
Malware chrome.exe*32 other processes .exe*32



Can someone please help me? We have lots of chrome.exe*32 and other .exe*32. I've downloaded AVG and Malwarebytes that looked like they got rid of some things but it is still on all the processes and every time we connect through the internet through our cable wi-fi it slows everything waaay down. Funnily enough, we can connect through our Verizon Jetpack with no problem, even though all the .exe*32s still show up. Can someone help? My next step is to save everything to discs and wipe it clean to factory settings.

 

  


Hi & welcome!

My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please run a FRST scan. This will help us diagnose your problem.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Log from FRST:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Owner at 2014-07-21 19:41:42
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Apple Application Support (HKLM-x32\...\{853A4763-6643-4604-8D64-28BDD8925F4C}) (Version: 1.5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F473675-D702-45F9-8EBC-342B40C17BF5}) (Version: 3.4.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Ask Toolbar for Epson (HKLM-x32\...\{45504E56-3634-006A-76A7-A758B70C0A06}) (Version: 12.10.6.5424 - APN, LLC) <==== ATTENTION
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{5792CD64-61B4-C448-0D22-3C51DD73AB2A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.1.0.6 - AVG Technologies)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0315.1050.17562 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help English (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help French (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help German (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
ccc-utility64 (Version: 2010.0315.1050.17562 - ATI) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diamond Mind Baseball version 10 (HKLM-x32\...\Diamond Mind Baseball version 10) (Version: 10 - Diamond Mind, Inc.)
DMB version 10a patch (HKLM-x32\...\DMB version 10a patch) (Version: 10a - Diamond Mind, Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iTunes (HKLM\...\{18155797-EF2E-4699-9A16-FE787C4C10DB}) (Version: 10.2.2.14 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoHelper 2.1.40 Driver 5.5.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.40 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0 - Motorola Inc.) Hidden
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}) (Version: 2.0.3977.0 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.7.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.7.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.7.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - )
TOSHIBA Hardware Setup (Version: 4.03.02.00 - TOSHIBA) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.05.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - )
TOSHIBA Supervisor Password (Version: 4.03.02.00 - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.2.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.2.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMware View Client (HKLM\...\{70C29540-5625-443D-BC4F-6D0C763F44C8}) (Version: 4.6.0.366101 - VMware, Inc.)
War2Combat version 3.15 (HKLM-x32\...\War2Combat_is1) (Version: 3.15 - War2 RU Admins)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.7 - HTC)
 
==================== Restore Points  =========================
 
07-07-2014 04:29:19 Windows Update
11-07-2014 01:12:14 Windows Update
11-07-2014 03:49:09 Windows Update
12-07-2014 06:11:40 Windows Update
12-07-2014 17:03:00 Windows Update
13-07-2014 21:17:23 Windows Update
14-07-2014 04:15:32 Windows Update
15-07-2014 04:38:48 Windows Update
16-07-2014 01:04:02 Windows Update
16-07-2014 02:12:14 Installed AVG 2014
16-07-2014 02:12:57 Installed AVG 2014
16-07-2014 04:53:11 Windows Update
17-07-2014 04:14:32 Windows Update
19-07-2014 01:39:41 Windows Update
19-07-2014 02:52:42 Windows Update
20-07-2014 05:34:22 Windows Update
21-07-2014 04:30:38 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2011-05-22 17:05 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0409A1E2-BA6C-4984-A381-A3C11819B00F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)
Task: {17D15337-C682-45C1-8CF4-F854DB3D8155} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {2651E268-08E9-40E0-81E6-3DA7A21737B9} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {3702F7EB-6DA3-41FE-A05D-BB46C1DC5E12} - System32\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {3A1B607A-5A60-4E97-B856-1E516335CAAF} - System32\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {460A3B3F-80BA-44B7-9A6E-15377179A22C} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {6F676728-0A6D-4512-B4AD-95E5426FF69D} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {70036A4B-A5E3-4584-BE0E-A492CD5324BC} - System32\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {85AD9731-CA23-4080-B1B0-E5A7F83722A1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {86EF6F4E-C5EE-4642-8098-68B98D001686} - System32\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {A142736D-435A-4730-A8E0-F3F7BF2D290E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-18] (Google Inc.)
Task: {A46E0F6D-CAFB-4C8C-BC23-F5FDC74EA0F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-18] (Google Inc.)
Task: {D24E8ED2-CF1C-49CA-B723-2018802C22CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-02-01 17:55 - 2012-02-01 17:55 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2010-03-03 17:15 - 2010-03-03 17:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-07-18 21:25 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2012-02-01 17:55 - 2012-02-01 17:55 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2014-07-17 20:17 - 2014-07-17 20:16 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
2013-12-08 18:30 - 2013-11-24 13:56 - 03139072 _____ () C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-07-17 20:17 - 2014-07-17 20:16 - 02575384 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2009-10-13 13:00 - 2009-10-13 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-10 07:30 - 2010-09-10 07:30 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2010-11-21 15:07 - 2010-09-22 14:41 - 00539744 _____ () C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\ziptv06.dll
2010-11-21 15:07 - 2010-09-22 14:41 - 00419192 _____ () C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\LockBox.dll
2014-07-17 20:17 - 2014-07-17 20:16 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\log4cplusU.dll
2011-03-21 17:30 - 2011-03-21 17:30 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-18 22:24 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 22:24 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 22:24 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 22:24 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 22:24 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Owner\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Owner\Downloads\noname.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/20/2014 09:14:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/20/2014 09:14:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/20/2014 00:12:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/20/2014 00:12:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/19/2014 11:00:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/19/2014 11:00:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/19/2014 10:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/19/2014 10:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/19/2014 09:20:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/19/2014 09:20:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (07/21/2014 00:32:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
 
Error: (07/21/2014 00:31:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/20/2014 01:35:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/18/2014 10:53:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/18/2014 09:42:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/17/2014 00:15:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
 
Error: (07/17/2014 00:15:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/16/2014 00:53:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
Error: (07/15/2014 09:59:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ask Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/15/2014 09:04:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).
 
 
Microsoft Office Sessions:
=========================
Error: (07/20/2014 09:14:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/20/2014 09:14:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/20/2014 00:12:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/20/2014 00:12:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/19/2014 11:00:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/19/2014 11:00:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/19/2014 10:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/19/2014 10:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/19/2014 09:20:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/19/2014 09:20:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-11-03 15:53:09.231
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 15:53:09.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 15:53:09.222
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 15:53:09.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 15:53:09.189
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 15:53:09.184
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 14:29:46.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 14:29:46.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 14:29:46.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-03 14:29:46.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 61%
Total physical RAM: 2810.9 MB
Available physical RAM: 1072.67 MB
Total Pagefile: 5619.98 MB
Available Pagefile: 3344.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI105949W0C) (Fixed) (Total:286.57 GB) (Free:184.56 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4A473AB0)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=17)
 
==================== End Of Log ============================

And here is the initial one (the additional one was pasted first).

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Owner (administrator) on OWNER-PC on 21-07-2014 19:40:38
Running from C:\Users\Owner\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
( ) C:\Windows\System32\lxczcoms.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe
(Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
() C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Owner\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)
HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-04-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-18] (APN)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2575384 2014-07-17] ()
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" 
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-19] (Google Inc.)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Amazon Cloud Player] => C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: H - H:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {2b93059a-6353-11e1-b05a-60eb693fb36f} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {3e725b56-9181-11e1-b0c8-60eb693fb36f} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {85334b43-42e2-11e0-bb1a-60eb693fb36f} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {b58712ed-e7e6-11e1-8a36-60eb693fb36f} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {b65e6f9d-5b0e-11e2-8603-60eb693fb36f} - F:\iLinker.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {dcb488a7-49a1-11e3-82cc-60eb693fb36f} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {df07aa66-244c-11e2-adb1-60eb693fb36f} - E:\TL-Bootstrap.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKCU - {B70C8C06-E07D-4550-9D57-FBE5D6A57401} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.1.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\xfinity.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp
CHR StartupUrls: "https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-05]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]
CHR Extension: (McAfee Security Scan+) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]
CHR Extension: (Hangouts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-14]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaakabcghbhlohjjnonbaadlhlkhaob] - C:\ProgramData\AskPartnerNetwork\Toolbar\EPNV64\CRX\ToolbarCR.crx [2014-04-08]
 
==================== Services (Whitelisted) =================
 
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-18] (APN LLC.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lxcz_device; C:\windows\system32\lxczcoms.exe [566192 2007-04-19] ( )
R2 lxcz_device; C:\windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [361472 2011-06-13] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [441344 2011-06-13] (Alcatel-Lucent) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]
R2 vToolbarUpdater3.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [1814040 2014-07-17] (AVG Secure Search)
R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [3872776 2010-09-22] (Webroot Software, Inc. (www.webroot.com))
 
==================== Drivers (Whitelisted) ====================
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-07-17] (AVG Technologies)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-07-05] (LeapFrog)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 ssfmonm; C:\Windows\System32\DRIVERS\ssfmonm.sys [55360 2010-06-17] (Webroot Software, Inc. (www.webroot.com))
R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [136224 2010-06-17] (Webroot Software, Inc. (www.webroot.com))
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-21 19:40 - 2014-07-21 19:40 - 02090496 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-07-21 19:36 - 2014-07-21 19:41 - 00026580 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-07-21 19:35 - 2014-07-21 19:40 - 00000000 ____D () C:\FRST
2014-07-21 19:34 - 2014-07-21 19:34 - 01080320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-07-20 22:34 - 2014-07-20 22:35 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip
2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip
2014-07-17 20:18 - 2014-07-18 21:42 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-17 20:18 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp
2014-07-17 20:18 - 2014-07-17 20:16 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-07-17 20:17 - 2014-07-17 20:18 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-07-16 22:13 - 2014-07-17 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-16 22:12 - 2014-07-17 00:13 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-16 22:11 - 2014-07-16 22:12 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe
2014-07-16 22:09 - 2014-07-16 22:10 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe
2014-07-16 20:42 - 2014-07-16 21:50 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 20:40 - 2014-07-17 20:12 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-16 20:40 - 2014-07-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-16 20:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-16 20:39 - 2014-07-16 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-16 20:38 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014
2014-07-15 22:14 - 2014-07-15 22:15 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ___HD () C:\$AVG
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-15 22:04 - 2014-07-15 22:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014
2014-07-15 22:03 - 2014-07-15 22:04 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx
2014-07-11 23:54 - 2014-07-11 23:56 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip
2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip
2014-07-10 22:54 - 2014-07-10 22:55 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip
2014-07-10 21:28 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-10 21:28 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-10 21:28 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-10 21:28 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-10 21:28 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-10 21:28 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 21:28 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-10 21:28 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-10 21:28 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-10 21:28 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-10 21:28 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-10 21:28 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-10 21:28 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-10 21:28 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 21:28 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-10 21:28 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-10 21:28 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-10 21:28 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-10 21:28 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-10 21:27 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-10 21:27 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-10 21:27 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-10 21:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-10 21:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-10 21:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-10 21:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-10 21:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-10 21:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-10 21:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-10 21:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-10 21:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-10 21:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-10 21:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-10 21:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-10 21:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-10 21:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-10 21:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-10 21:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-10 21:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-10 21:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-10 21:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-10 21:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-10 21:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-10 21:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-10 21:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-10 21:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-10 21:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-10 21:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-10 21:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-10 21:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-10 21:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-10 21:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-10 21:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-10 21:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-10 21:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-10 21:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-10 21:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-10 21:27 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-10 21:27 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-10 21:27 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-10 21:27 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-10 21:27 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-10 21:27 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-10 21:27 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-10 21:23 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-10 21:23 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-10 21:23 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-09 00:33 - 2014-07-09 00:34 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip
2014-07-08 23:41 - 2014-07-08 23:52 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe
2014-07-08 23:37 - 2014-07-08 23:38 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe
2014-07-08 21:19 - 2014-07-08 21:20 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip
2014-07-06 22:26 - 2014-07-06 22:27 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip
2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip
2014-07-05 22:28 - 2014-07-05 22:29 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip
2014-07-03 18:24 - 2014-07-03 18:25 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip
2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip
2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip
2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip
2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip
2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip
2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4
2014-06-25 21:04 - 2014-06-25 21:13 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014
2014-06-25 20:59 - 2014-06-25 21:27 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning
2014-06-23 22:32 - 2014-06-23 22:33 - 03669818 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (10).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 ____N () C:\Users\Owner\Downloads\IBC14_0622 (1).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 _____ () C:\Users\Owner\Downloads\IBC14_0622.zip
2014-06-22 14:50 - 2014-07-08 19:58 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos
 
==================== One Month Modified Files and Folders =======
 
2014-07-21 19:41 - 2014-07-21 19:36 - 00026580 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-07-21 19:40 - 2014-07-21 19:40 - 02090496 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-07-21 19:40 - 2014-07-21 19:35 - 00000000 ____D () C:\FRST
2014-07-21 19:38 - 2010-09-10 07:29 - 01431158 _____ () C:\windows\WindowsUpdate.log
2014-07-21 19:34 - 2014-07-21 19:34 - 01080320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-07-21 19:29 - 2014-03-03 22:55 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job
2014-07-21 19:29 - 2014-03-03 22:55 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job
2014-07-21 19:29 - 2013-12-13 22:44 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job
2014-07-21 19:29 - 2013-12-13 22:44 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job
2014-07-21 19:29 - 2012-09-03 19:34 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job
2014-07-21 19:29 - 2012-03-30 19:36 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 19:29 - 2010-07-18 21:28 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 19:29 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-07-21 18:13 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 18:13 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 18:10 - 2012-10-10 22:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-21 18:05 - 2011-02-28 00:17 - 00000000 ____D () C:\Temp
2014-07-21 18:04 - 2010-07-18 21:28 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 18:04 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-21 18:04 - 2009-07-14 00:51 - 00119774 _____ () C:\windows\setupact.log
2014-07-20 22:39 - 2012-01-29 22:43 - 00000000 ____D () C:\dmb10
2014-07-20 22:35 - 2014-07-20 22:34 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip
2014-07-20 22:32 - 2012-09-03 19:34 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job
2014-07-20 21:14 - 2009-07-14 01:13 - 00006454 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip
2014-07-18 21:42 - 2014-07-17 20:18 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-18 21:38 - 2014-07-17 20:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp
2014-07-17 20:18 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-07-17 20:16 - 2014-07-17 20:18 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-07-17 20:12 - 2014-07-16 20:40 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-17 20:07 - 2010-07-18 21:36 - 00342838 _____ () C:\windows\PFRO.log
2014-07-17 00:13 - 2014-07-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-17 00:13 - 2014-07-16 22:12 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-16 22:12 - 2014-07-16 22:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe
2014-07-16 22:10 - 2014-07-16 22:09 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe
2014-07-16 21:50 - 2014-07-16 20:42 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 21:49 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2014-07-16 21:24 - 2010-07-18 21:30 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-16 21:22 - 2014-04-27 01:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\systweak
2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 20:41 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-16 20:39 - 2014-07-16 20:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 20:30 - 2009-07-14 01:08 - 00032610 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-16 00:52 - 2010-11-29 23:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2014-07-15 22:55 - 2014-07-15 22:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014
2014-07-15 22:15 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ___HD () C:\$AVG
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-15 22:04 - 2014-07-15 22:03 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx
2014-07-11 23:56 - 2014-07-11 23:54 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip
2014-07-11 22:56 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip
2014-07-11 20:36 - 2009-07-14 00:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-11 20:34 - 2014-05-07 00:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-11 20:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism
2014-07-10 23:54 - 2013-07-21 10:43 - 00000000 ____D () C:\windows\system32\MRT
2014-07-10 23:52 - 2010-11-20 23:02 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-10 22:55 - 2014-07-10 22:54 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip
2014-07-09 00:34 - 2014-07-09 00:33 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip
2014-07-08 23:52 - 2014-07-08 23:41 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe
2014-07-08 23:38 - 2014-07-08 23:37 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe
2014-07-08 21:20 - 2014-07-08 21:19 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip
2014-07-08 21:07 - 2012-03-30 19:36 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 21:07 - 2012-03-30 19:35 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 21:07 - 2011-09-23 22:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 19:58 - 2014-06-22 14:50 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos
2014-07-06 22:27 - 2014-07-06 22:26 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip
2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip
2014-07-05 22:29 - 2014-07-05 22:28 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip
2014-07-03 18:25 - 2014-07-03 18:24 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip
2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip
2014-06-29 22:09 - 2014-07-10 21:27 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-10 21:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip
2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip
2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip
2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip
2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4
2014-06-25 21:27 - 2014-06-25 20:59 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning
2014-06-25 21:13 - 2014-06-25 21:04 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014
2014-06-23 22:33 - 2014-06-23 22:32 - 03669818 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (10).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 ____N () C:\Users\Owner\Downloads\IBC14_0622 (1).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 _____ () C:\Users\Owner\Downloads\IBC14_0622.zip
2014-06-22 00:14 - 2010-07-18 21:28 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 00:14 - 2010-07-18 21:28 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\avguidx.dll
C:\Users\Owner\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Owner\AppData\Local\Temp\contentDATs.exe
C:\Users\Owner\AppData\Local\Temp\jna4428026053115852264.dll
C:\Users\Owner\AppData\Local\Temp\jna4432179026936031362.dll
C:\Users\Owner\AppData\Local\Temp\jna4483270876263442655.dll
C:\Users\Owner\AppData\Local\Temp\jna4497347906593145865.dll
C:\Users\Owner\AppData\Local\Temp\jna45577432389619273.dll
C:\Users\Owner\AppData\Local\Temp\jna4561348944493028065.dll
C:\Users\Owner\AppData\Local\Temp\jna4584910649214283505.dll
C:\Users\Owner\AppData\Local\Temp\jna477492906712338995.dll
C:\Users\Owner\AppData\Local\Temp\jna4779856219341661400.dll
C:\Users\Owner\AppData\Local\Temp\jna4800010619957898710.dll
C:\Users\Owner\AppData\Local\Temp\jna4835326447777631659.dll
C:\Users\Owner\AppData\Local\Temp\jna4860029119200075466.dll
C:\Users\Owner\AppData\Local\Temp\jna4861363463722171465.dll
C:\Users\Owner\AppData\Local\Temp\jna4886612317329354315.dll
C:\Users\Owner\AppData\Local\Temp\jna4912277343437799050.dll
C:\Users\Owner\AppData\Local\Temp\jna4931909810819809028.dll
C:\Users\Owner\AppData\Local\Temp\jna4945229504155667943.dll
C:\Users\Owner\AppData\Local\Temp\jna5021525203642597194.dll
C:\Users\Owner\AppData\Local\Temp\jna5034256790370779110.dll
C:\Users\Owner\AppData\Local\Temp\jna5065008735481289.dll
C:\Users\Owner\AppData\Local\Temp\jna5078127617711254055.dll
C:\Users\Owner\AppData\Local\Temp\jna5083836432665435381.dll
C:\Users\Owner\AppData\Local\Temp\jna51438985191536595.dll
C:\Users\Owner\AppData\Local\Temp\jna5272732618646975287.dll
C:\Users\Owner\AppData\Local\Temp\jna5302560956159052006.dll
C:\Users\Owner\AppData\Local\Temp\jna5331773368275542884.dll
C:\Users\Owner\AppData\Local\Temp\jna5336873960719145873.dll
C:\Users\Owner\AppData\Local\Temp\jna5341790792077835722.dll
C:\Users\Owner\AppData\Local\Temp\jna5344666149690115126.dll
C:\Users\Owner\AppData\Local\Temp\jna5345684084140583143.dll
C:\Users\Owner\AppData\Local\Temp\jna5379865247257532819.dll
C:\Users\Owner\AppData\Local\Temp\jna5410436458805809943.dll
C:\Users\Owner\AppData\Local\Temp\jna5516488020769079650.dll
C:\Users\Owner\AppData\Local\Temp\jna558010010997087494.dll
C:\Users\Owner\AppData\Local\Temp\jna5653542993109469013.dll
C:\Users\Owner\AppData\Local\Temp\jna5695151716466104724.dll
C:\Users\Owner\AppData\Local\Temp\jna5851357491536793185.dll
C:\Users\Owner\AppData\Local\Temp\jna586920566669692761.dll
C:\Users\Owner\AppData\Local\Temp\jna5884016690907365101.dll
C:\Users\Owner\AppData\Local\Temp\jna5898300810310006489.dll
C:\Users\Owner\AppData\Local\Temp\jna595793160003884214.dll
C:\Users\Owner\AppData\Local\Temp\jna6053173396507301516.dll
C:\Users\Owner\AppData\Local\Temp\jna6108004408687073315.dll
C:\Users\Owner\AppData\Local\Temp\jna6108203511628226254.dll
C:\Users\Owner\AppData\Local\Temp\jna6226894827182579394.dll
C:\Users\Owner\AppData\Local\Temp\jna6229511218587484758.dll
C:\Users\Owner\AppData\Local\Temp\jna6285616861569946725.dll
C:\Users\Owner\AppData\Local\Temp\jna6291850023169026054.dll
C:\Users\Owner\AppData\Local\Temp\jna6295035365988348052.dll
C:\Users\Owner\AppData\Local\Temp\jna6334046092770322968.dll
C:\Users\Owner\AppData\Local\Temp\jna635663741139323603.dll
C:\Users\Owner\AppData\Local\Temp\jna6379538355747710084.dll
C:\Users\Owner\AppData\Local\Temp\jna645814274414356079.dll
C:\Users\Owner\AppData\Local\Temp\jna6515816975864405405.dll
C:\Users\Owner\AppData\Local\Temp\jna6525045410228419854.dll
C:\Users\Owner\AppData\Local\Temp\jna654588678970475635.dll
C:\Users\Owner\AppData\Local\Temp\jna6566616626067555484.dll
C:\Users\Owner\AppData\Local\Temp\jna6632756193070054768.dll
C:\Users\Owner\AppData\Local\Temp\jna6667856229689338824.dll
C:\Users\Owner\AppData\Local\Temp\jna6669023402398644127.dll
C:\Users\Owner\AppData\Local\Temp\jna6779784740513243803.dll
C:\Users\Owner\AppData\Local\Temp\jna6786850965707728957.dll
C:\Users\Owner\AppData\Local\Temp\jna6821461349221561943.dll
C:\Users\Owner\AppData\Local\Temp\jna6836203555943423326.dll
C:\Users\Owner\AppData\Local\Temp\jna6852748717023617129.dll
C:\Users\Owner\AppData\Local\Temp\jna685353392993797960.dll
C:\Users\Owner\AppData\Local\Temp\jna6884692819980808954.dll
C:\Users\Owner\AppData\Local\Temp\jna6921397778676949556.dll
C:\Users\Owner\AppData\Local\Temp\jna694301182309012124.dll
C:\Users\Owner\AppData\Local\Temp\jna6957268513071175047.dll
C:\Users\Owner\AppData\Local\Temp\jna6963944392577325395.dll
C:\Users\Owner\AppData\Local\Temp\jna6978106619197228332.dll
C:\Users\Owner\AppData\Local\Temp\jna6988108271621434392.dll
C:\Users\Owner\AppData\Local\Temp\jna7007860799504926931.dll
C:\Users\Owner\AppData\Local\Temp\jna7008241526921378853.dll
C:\Users\Owner\AppData\Local\Temp\jna7034558343969092770.dll
C:\Users\Owner\AppData\Local\Temp\jna7060563050487800505.dll
C:\Users\Owner\AppData\Local\Temp\jna7120220566127010029.dll
C:\Users\Owner\AppData\Local\Temp\jna7249906907525416813.dll
C:\Users\Owner\AppData\Local\Temp\jna7258860542351408454.dll
C:\Users\Owner\AppData\Local\Temp\jna7296635038863415624.dll
C:\Users\Owner\AppData\Local\Temp\jna731502063672682196.dll
C:\Users\Owner\AppData\Local\Temp\jna7365726896964739441.dll
C:\Users\Owner\AppData\Local\Temp\jna7376634990843928982.dll
C:\Users\Owner\AppData\Local\Temp\jna7409958990271372215.dll
C:\Users\Owner\AppData\Local\Temp\jna7410128475298463746.dll
C:\Users\Owner\AppData\Local\Temp\jna7430430455485643715.dll
C:\Users\Owner\AppData\Local\Temp\jna7442427099195692757.dll
C:\Users\Owner\AppData\Local\Temp\jna7444490974465043941.dll
C:\Users\Owner\AppData\Local\Temp\jna7467896732558879212.dll
C:\Users\Owner\AppData\Local\Temp\jna7477276558307117706.dll
C:\Users\Owner\AppData\Local\Temp\jna7506651533749795515.dll
C:\Users\Owner\AppData\Local\Temp\jna7537813807773465182.dll
C:\Users\Owner\AppData\Local\Temp\jna754422110778155529.dll
C:\Users\Owner\AppData\Local\Temp\jna7551202998778283700.dll
C:\Users\Owner\AppData\Local\Temp\jna7572465817287009577.dll
C:\Users\Owner\AppData\Local\Temp\jna7582005285413423908.dll
C:\Users\Owner\AppData\Local\Temp\jna7690641367319228898.dll
C:\Users\Owner\AppData\Local\Temp\jna7698100106532435214.dll
C:\Users\Owner\AppData\Local\Temp\jna7700193672020811743.dll
C:\Users\Owner\AppData\Local\Temp\jna7705564435606168316.dll
C:\Users\Owner\AppData\Local\Temp\jna7725289901829707056.dll
C:\Users\Owner\AppData\Local\Temp\jna7734671901369106244.dll
C:\Users\Owner\AppData\Local\Temp\jna7759497930355525751.dll
C:\Users\Owner\AppData\Local\Temp\jna7768841162359542638.dll
C:\Users\Owner\AppData\Local\Temp\jna7803515674203191796.dll
C:\Users\Owner\AppData\Local\Temp\jna7807397126480674840.dll
C:\Users\Owner\AppData\Local\Temp\jna7936408840488875699.dll
C:\Users\Owner\AppData\Local\Temp\jna7986096234774717324.dll
C:\Users\Owner\AppData\Local\Temp\jna8000422898631349852.dll
C:\Users\Owner\AppData\Local\Temp\jna8067162821282140300.dll
C:\Users\Owner\AppData\Local\Temp\jna8071555603912291741.dll
C:\Users\Owner\AppData\Local\Temp\jna8133324460145535223.dll
C:\Users\Owner\AppData\Local\Temp\jna8182213396677485942.dll
C:\Users\Owner\AppData\Local\Temp\jna8210959633176675751.dll
C:\Users\Owner\AppData\Local\Temp\jna8271523404728139759.dll
C:\Users\Owner\AppData\Local\Temp\jna8284235807254542459.dll
C:\Users\Owner\AppData\Local\Temp\jna8297680020154361726.dll
C:\Users\Owner\AppData\Local\Temp\jna8316540396313167892.dll
C:\Users\Owner\AppData\Local\Temp\jna833555766385676975.dll
C:\Users\Owner\AppData\Local\Temp\jna8339046905114866762.dll
C:\Users\Owner\AppData\Local\Temp\jna8390166455458190193.dll
C:\Users\Owner\AppData\Local\Temp\jna8393855062354365697.dll
C:\Users\Owner\AppData\Local\Temp\jna8396234797334622748.dll
C:\Users\Owner\AppData\Local\Temp\jna8416022480737296104.dll
C:\Users\Owner\AppData\Local\Temp\jna8426056621742441602.dll
C:\Users\Owner\AppData\Local\Temp\jna8476986077385241060.dll
C:\Users\Owner\AppData\Local\Temp\jna8484502264119813862.dll
C:\Users\Owner\AppData\Local\Temp\jna8486329879967238906.dll
C:\Users\Owner\AppData\Local\Temp\jna8493114186821050151.dll
C:\Users\Owner\AppData\Local\Temp\jna8528085553503596366.dll
C:\Users\Owner\AppData\Local\Temp\jna8531787249759903430.dll
C:\Users\Owner\AppData\Local\Temp\jna8570130788753002254.dll
C:\Users\Owner\AppData\Local\Temp\jna8578705908199298278.dll
C:\Users\Owner\AppData\Local\Temp\jna8608661622661301450.dll
C:\Users\Owner\AppData\Local\Temp\jna8617431188968661086.dll
C:\Users\Owner\AppData\Local\Temp\jna8628100531392644011.dll
C:\Users\Owner\AppData\Local\Temp\jna863793844727574835.dll
C:\Users\Owner\AppData\Local\Temp\jna8657076799159017766.dll
C:\Users\Owner\AppData\Local\Temp\jna8713991559301363775.dll
C:\Users\Owner\AppData\Local\Temp\jna8716098565859953792.dll
C:\Users\Owner\AppData\Local\Temp\jna8776122699420467089.dll
C:\Users\Owner\AppData\Local\Temp\jna8825971730381371969.dll
C:\Users\Owner\AppData\Local\Temp\jna8871640359453611492.dll
C:\Users\Owner\AppData\Local\Temp\jna8875762002979259583.dll
C:\Users\Owner\AppData\Local\Temp\jna8881592656392740922.dll
C:\Users\Owner\AppData\Local\Temp\jna8935842394902348670.dll
C:\Users\Owner\AppData\Local\Temp\jna9000047029031431415.dll
C:\Users\Owner\AppData\Local\Temp\jna9015740863254145876.dll
C:\Users\Owner\AppData\Local\Temp\jna9018805451120928554.dll
C:\Users\Owner\AppData\Local\Temp\jna9190108094731004652.dll
C:\Users\Owner\AppData\Local\Temp\jna9212377506602501615.dll
C:\Users\Owner\AppData\Local\Temp\jna9217790140952977226.dll
C:\Users\Owner\AppData\Local\Temp\jna947411726773802395.dll
C:\Users\Owner\AppData\Local\Temp\jna949072021451394907.dll
C:\Users\Owner\AppData\Local\Temp\jna979046585045349411.dll
C:\Users\Owner\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Owner\AppData\Local\Temp\MotoCast_Installer_1.2.8.exe
C:\Users\Owner\AppData\Local\Temp\oi_{E252F3E3-9D7A-4BF8-9187-B50066F28CF9}.exe
C:\Users\Owner\AppData\Local\Temp\qdxnuzeg.dll
C:\Users\Owner\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Owner\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Owner\AppData\Local\Temp\SendMsg.dll
C:\Users\Owner\AppData\Local\Temp\Setup.exe
C:\Users\Owner\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Owner\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
C:\Users\Owner\AppData\Local\Temp\zclneq8h.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 21:40
 
==================== End Of Log ============================

 

Hi,

Why do you think this is malware?

 

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

 

Step 2

 

 


Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.


Our computer was running super slow and when I pulled up the Task Manager, about half of the processes had the .exe*32 ending, which looked very odd to me. Also, each time I used Google Chrome, about 6 or 7 versions of "chrome.exe*32" would show up in Task Manager even if I only had one window open. I googled about it and ended up seeing several folks with similar problems that had a virus and/or malware. I downloaded AVG antivirus, which found a worm and several other things, and then Malwarebytes, which also found things, but the problem has not cleared up. The internet is still extremely slow so I think there is something running in the background. I will complete the above directions as soon as I get home tonight and repost. Thank you for all your help!


AdwCleaner:

 

# AdwCleaner v3.216 - Report created 22/07/2014 at 19:41:23
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : APNMCP
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\Local\Browsersafeguard
Folder Deleted : C:\Users\Owner\AppData\Local\emaze
Folder Deleted : C:\Users\Owner\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Owner\AppData\Local\PackageAware
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Owner\Documents\Mobogenie
Folder Deleted : C:\Users\Owner\Documents\Optimizer Pro
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
File Deleted : C:\Users\Owner\daemonprocess.txt
File Deleted : C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default\searchplugins\safeguard-secure-search.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\visualbee
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://www.stubhub.com/search/doSearch?searchStr={searchTerms}&pageNumber=1&resultsPerPage=50&searchMode=event&start=0&rows=50&geo_exp=1
Deleted [search Provider] : hxxp://www.govdelivery.com/search-results?cx=002978347262224789446%3Apgkhjhnf6gu&cof=FORID%3A10&ie=UTF-8&q={searchTerms}
Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [search Provider] : hxxp://www.wayfair.com/keyword.php?keyword={searchTerms}&ust=&command=dosearch&new_keyword_search=true
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [7203 octets] - [22/07/2014 19:39:54]
AdwCleaner[s0].txt - [6954 octets] - [22/07/2014 19:41:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7014 octets] ##########

I'm not sure how to start FRST with administrator privileges. I started the same way as yesterday and here is the log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Owner (administrator) on OWNER-PC on 22-07-2014 19:51:01
Running from C:\Users\Owner\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
( ) C:\Windows\System32\lxczcoms.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
() C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILBE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)
HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-04-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" 
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-19] (Google Inc.)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Amazon Cloud Player] => C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: H - H:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {2b93059a-6353-11e1-b05a-60eb693fb36f} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {3e725b56-9181-11e1-b0c8-60eb693fb36f} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {85334b43-42e2-11e0-bb1a-60eb693fb36f} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {b58712ed-e7e6-11e1-8a36-60eb693fb36f} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {b65e6f9d-5b0e-11e2-8603-60eb693fb36f} - F:\iLinker.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {dcb488a7-49a1-11e3-82cc-60eb693fb36f} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\MountPoints2: {df07aa66-244c-11e2-adb1-60eb693fb36f} - E:\TL-Bootstrap.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKCU - {B70C8C06-E07D-4550-9D57-FBE5D6A57401} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\xfinity.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp
CHR StartupUrls: "https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: AVG Secure Search
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-05]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]
CHR Extension: (Hangouts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-14]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaakabcghbhlohjjnonbaadlhlkhaob] - C:\ProgramData\AskPartnerNetwork\Toolbar\EPNV64\CRX\ToolbarCR.crx [2013-10-05]
 
==================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lxcz_device; C:\windows\system32\lxczcoms.exe [566192 2007-04-19] ( )
R2 lxcz_device; C:\windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [361472 2011-06-13] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [441344 2011-06-13] (Alcatel-Lucent) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]
R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [3872776 2010-09-22] (Webroot Software, Inc. (www.webroot.com))
S2 vToolbarUpdater3.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-07-17] (AVG Technologies)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-07-05] (LeapFrog)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 ssfmonm; C:\Windows\System32\DRIVERS\ssfmonm.sys [55360 2010-06-17] (Webroot Software, Inc. (www.webroot.com))
R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [136224 2010-06-17] (Webroot Software, Inc. (www.webroot.com))
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-22 19:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-22 19:39 - 2014-07-22 19:41 - 00000000 ____D () C:\AdwCleaner
2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}
2014-07-21 19:41 - 2014-07-21 19:42 - 00038865 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-07-21 19:40 - 2014-07-21 19:40 - 02090496 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-07-21 19:36 - 2014-07-22 19:51 - 00024287 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-07-21 19:35 - 2014-07-22 19:51 - 00000000 ____D () C:\FRST
2014-07-21 19:34 - 2014-07-21 19:34 - 01080320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-07-20 22:34 - 2014-07-20 22:35 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip
2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip
2014-07-17 20:18 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp
2014-07-17 20:18 - 2014-07-17 20:16 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-07-17 20:17 - 2014-07-17 20:18 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-07-16 22:13 - 2014-07-17 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-16 22:12 - 2014-07-17 00:13 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-16 22:11 - 2014-07-16 22:12 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe
2014-07-16 22:09 - 2014-07-16 22:10 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe
2014-07-16 20:42 - 2014-07-16 21:50 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 20:40 - 2014-07-17 20:12 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-16 20:40 - 2014-07-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-16 20:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-16 20:39 - 2014-07-16 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-16 20:38 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014
2014-07-15 22:14 - 2014-07-15 22:15 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ___HD () C:\$AVG
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-15 22:04 - 2014-07-15 22:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014
2014-07-15 22:03 - 2014-07-15 22:04 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx
2014-07-11 23:54 - 2014-07-11 23:56 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip
2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip
2014-07-10 22:54 - 2014-07-10 22:55 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip
2014-07-10 21:28 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-10 21:28 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-10 21:28 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-10 21:28 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-10 21:28 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-10 21:28 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 21:28 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-10 21:28 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-10 21:28 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-10 21:28 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-10 21:28 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-10 21:28 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-10 21:28 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-10 21:28 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 21:28 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-10 21:28 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-10 21:28 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-10 21:28 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-10 21:28 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-10 21:27 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-10 21:27 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-10 21:27 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-10 21:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-10 21:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-10 21:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-10 21:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-10 21:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-10 21:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-10 21:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-10 21:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-10 21:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-10 21:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-10 21:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-10 21:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-10 21:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-10 21:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-10 21:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-10 21:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-10 21:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-10 21:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-10 21:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-10 21:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-10 21:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-10 21:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-10 21:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-10 21:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-10 21:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-10 21:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-10 21:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-10 21:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-10 21:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-10 21:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-10 21:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-10 21:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-10 21:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-10 21:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-10 21:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-10 21:27 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-10 21:27 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-10 21:27 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-10 21:27 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-10 21:27 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-10 21:27 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-10 21:27 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-10 21:27 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-10 21:27 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-10 21:23 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-10 21:23 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-10 21:23 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-09 00:33 - 2014-07-09 00:34 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip
2014-07-08 23:41 - 2014-07-08 23:52 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe
2014-07-08 23:37 - 2014-07-08 23:38 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe
2014-07-08 21:19 - 2014-07-08 21:20 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip
2014-07-06 22:26 - 2014-07-06 22:27 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip
2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip
2014-07-05 22:28 - 2014-07-05 22:29 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip
2014-07-03 18:24 - 2014-07-03 18:25 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip
2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip
2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip
2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip
2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip
2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip
2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4
2014-06-25 21:04 - 2014-06-25 21:13 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014
2014-06-25 20:59 - 2014-06-25 21:27 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning
2014-06-23 22:32 - 2014-06-23 22:33 - 03669818 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (10).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 ____N () C:\Users\Owner\Downloads\IBC14_0622 (1).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 _____ () C:\Users\Owner\Downloads\IBC14_0622.zip
2014-06-22 14:50 - 2014-07-08 19:58 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos
 
==================== One Month Modified Files and Folders =======
 
2014-07-22 19:53 - 2014-07-21 19:36 - 00024287 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-07-22 19:52 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 19:52 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 19:51 - 2014-07-21 19:35 - 00000000 ____D () C:\FRST
2014-07-22 19:44 - 2011-02-28 00:17 - 00000000 ____D () C:\Temp
2014-07-22 19:44 - 2010-07-18 21:36 - 00343152 _____ () C:\windows\PFRO.log
2014-07-22 19:44 - 2010-07-18 21:28 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 19:44 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-22 19:44 - 2009-07-14 00:51 - 00119886 _____ () C:\windows\setupact.log
2014-07-22 19:42 - 2010-09-10 07:29 - 01475906 _____ () C:\windows\WindowsUpdate.log
2014-07-22 19:41 - 2014-07-22 19:39 - 00000000 ____D () C:\AdwCleaner
2014-07-22 19:41 - 2010-11-20 22:45 - 00000000 ____D () C:\Users\Owner
2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-07-22 19:36 - 2012-09-03 19:34 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job
2014-07-22 19:36 - 2010-07-18 21:28 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 19:35 - 2012-03-30 19:36 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 18:55 - 2014-03-03 22:55 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job
2014-07-22 18:55 - 2014-03-03 22:55 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job
2014-07-22 18:55 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-07-22 18:54 - 2012-10-10 22:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-22 18:44 - 2013-12-13 22:44 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job
2014-07-22 18:44 - 2013-12-13 22:44 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job
2014-07-22 00:30 - 2010-11-29 23:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2014-07-21 23:46 - 2012-01-29 22:43 - 00000000 ____D () C:\dmb10
2014-07-21 22:22 - 2012-09-03 19:34 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job
2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}
2014-07-21 20:31 - 2009-07-14 01:13 - 00006454 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-21 19:42 - 2014-07-21 19:41 - 00038865 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-07-21 19:40 - 2014-07-21 19:40 - 02090496 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-07-21 19:34 - 2014-07-21 19:34 - 01080320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-07-20 22:35 - 2014-07-20 22:34 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip
2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip
2014-07-18 21:38 - 2014-07-17 20:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp
2014-07-17 20:18 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-07-17 20:16 - 2014-07-17 20:18 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-07-17 20:12 - 2014-07-16 20:40 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-17 00:13 - 2014-07-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-17 00:13 - 2014-07-16 22:12 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-16 22:12 - 2014-07-16 22:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe
2014-07-16 22:10 - 2014-07-16 22:09 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe
2014-07-16 21:50 - 2014-07-16 20:42 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 21:49 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2014-07-16 21:24 - 2010-07-18 21:30 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 20:41 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 20:40 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-16 20:39 - 2014-07-16 20:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 20:30 - 2009-07-14 01:08 - 00032610 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-15 22:55 - 2014-07-15 22:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014
2014-07-15 22:15 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ___HD () C:\$AVG
2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-15 22:04 - 2014-07-15 22:03 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx
2014-07-11 23:56 - 2014-07-11 23:54 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip
2014-07-11 22:56 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip
2014-07-11 20:36 - 2009-07-14 00:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-11 20:34 - 2014-05-07 00:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-11 20:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism
2014-07-10 23:54 - 2013-07-21 10:43 - 00000000 ____D () C:\windows\system32\MRT
2014-07-10 23:52 - 2010-11-20 23:02 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-10 22:55 - 2014-07-10 22:54 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip
2014-07-09 00:34 - 2014-07-09 00:33 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip
2014-07-08 23:52 - 2014-07-08 23:41 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe
2014-07-08 23:38 - 2014-07-08 23:37 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe
2014-07-08 21:20 - 2014-07-08 21:19 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip
2014-07-08 21:07 - 2012-03-30 19:36 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 21:07 - 2012-03-30 19:35 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 21:07 - 2011-09-23 22:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 19:58 - 2014-06-22 14:50 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos
2014-07-06 22:27 - 2014-07-06 22:26 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip
2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip
2014-07-05 22:29 - 2014-07-05 22:28 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip
2014-07-03 18:25 - 2014-07-03 18:24 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip
2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip
2014-06-29 22:09 - 2014-07-10 21:27 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-10 21:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip
2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip
2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip
2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip
2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4
2014-06-25 21:27 - 2014-06-25 20:59 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning
2014-06-25 21:13 - 2014-06-25 21:04 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014
2014-06-23 22:33 - 2014-06-23 22:32 - 03669818 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (10).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 ____N () C:\Users\Owner\Downloads\IBC14_0622 (1).zip
2014-06-22 20:56 - 2014-06-22 20:56 - 01646446 _____ () C:\Users\Owner\Downloads\IBC14_0622.zip
2014-06-22 00:14 - 2010-07-18 21:28 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 00:14 - 2010-07-18 21:28 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\avguidx.dll
C:\Users\Owner\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Owner\AppData\Local\Temp\contentDATs.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Owner\AppData\Local\Temp\MotoCast_Installer_1.2.8.exe
C:\Users\Owner\AppData\Local\Temp\oi_{E252F3E3-9D7A-4BF8-9187-B50066F28CF9}.exe
C:\Users\Owner\AppData\Local\Temp\qdxnuzeg.dll
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Owner\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Owner\AppData\Local\Temp\SendMsg.dll
C:\Users\Owner\AppData\Local\Temp\Setup.exe
C:\Users\Owner\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Owner\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Owner\AppData\Local\Temp\zclneq8h.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 21:40
 
==================== End Of Log ============================

Hi,

Ran by Owner (administrator) on OWNER-PC on 22-07-2014 19:51:01

Running from C:\Users\Owner\Downloads

 

It is OK. But please run the next tool from the Desktop (copy it from Downloads to the Desktop).

Please download Combofix (by sUBs) and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).

    Please copy and paste the contents of this file into your next post.

Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.

(You can find more detailed instructions in this guide on using Combofix.)


ComboFix 14-07-22.01 - Owner 07/23/2014  18:44:36.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2811.816 [GMT -4:00]

Running from: c:\users\Owner\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((   Files Created from 2014-06-23 to 2014-07-23  )))))))))))))))))))))))))))))))

.

.

2014-07-23 22:59 . 2014-07-23 22:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-07-22 23:41 . 2010-08-30 12:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll

2014-07-22 23:39 . 2014-07-22 23:41 -------- d-----w- C:\AdwCleaner

2014-07-21 23:35 . 2014-07-22 23:54 -------- d-----w- C:\FRST

2014-07-18 00:18 . 2014-07-19 01:38 -------- d-----w- c:\users\Owner\AppData\Local\AVG Web TuneUp

2014-07-18 00:18 . 2014-07-18 00:16 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2014-07-18 00:17 . 2014-07-18 00:18 -------- d-----w- c:\programdata\AVG Web TuneUp

2014-07-18 00:17 . 2014-07-18 00:17 -------- d-----w- c:\program files (x86)\AVG Web TuneUp

2014-07-17 02:13 . 2014-07-17 04:13 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2014-07-17 00:42 . 2014-07-23 22:39 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-07-17 00:40 . 2014-07-18 00:12 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-07-17 00:40 . 2014-07-17 00:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2014-07-17 00:40 . 2014-07-17 00:40 -------- d-----w- c:\programdata\Malwarebytes

2014-07-17 00:40 . 2014-05-12 11:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-07-17 00:40 . 2014-05-12 11:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-07-16 02:15 . 2014-07-16 02:15 -------- d-----w- c:\users\Owner\AppData\Roaming\AVG2014

2014-07-16 02:14 . 2014-07-16 02:15 -------- d-----w- c:\programdata\AVG2014

2014-07-16 02:14 . 2014-07-16 02:14 -------- d-----w- C:\$AVG

2014-07-16 02:12 . 2014-07-16 02:12 -------- d-----w- c:\program files (x86)\AVG

2014-07-16 02:04 . 2014-07-16 02:55 -------- d-----w- c:\users\Owner\AppData\Local\Avg2014

2014-07-12 00:45 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37965C92-145D-464E-BDC1-309D436CEE70}\mpengine.dll

2014-07-11 01:23 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll

2014-07-11 01:23 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2014-07-11 01:23 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2014-06-30 16:43 . 2014-06-30 16:43 152344 ----a-w- c:\windows\system32\drivers\avgdiska.sys

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-07-11 03:52 . 2010-11-21 03:02 96441528 ----a-w- c:\windows\system32\MRT.exe

2014-07-09 01:07 . 2012-03-30 23:35 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-07-09 01:07 . 2011-09-24 02:52 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-06-17 20:21 . 2014-06-17 20:21 235800 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2014-06-17 20:07 . 2014-06-17 20:07 328984 ----a-w- c:\windows\system32\drivers\avgloga.sys

2014-06-17 20:06 . 2014-06-17 20:06 269080 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2014-06-17 20:06 . 2014-06-17 20:06 190744 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2014-06-17 20:06 . 2014-06-17 20:06 242968 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2014-06-17 20:06 . 2014-06-17 20:06 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2014-06-17 20:06 . 2014-06-17 20:06 31512 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

2014-04-25 02:34 . 2014-06-15 02:14 801280 ----a-w- c:\windows\system32\usp10.dll

2014-04-25 02:06 . 2014-06-15 02:14 626688 ----a-w- c:\windows\SysWow64\usp10.dll

2011-11-11 02:31 . 2011-11-11 02:29 13282121 ----a-w- c:\program files\War2Combat305.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Amazon Cloud Player"="c:\users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-11-24 3139072]

"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE" [2013-01-24 297024]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]

"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]

"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-27 421160]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2013-03-28 1058880]

"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-07-10 5187088]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe "c:\programdata\Best Buy pc app\Best Buy pc app.application" [2010-6-24 9216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ   kerberos msv1_0 schannel wdigest tspkg pku2u wsauth livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

@=""

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [x]

R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]

R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys;c:\windows\SYSNATIVE\DRIVERS\FlyUsb.sys [x]

R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]

R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]

R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]

S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]

S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]

S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe;c:\program files\Common Files\Motive\McciCMService.exe [x]

S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [x]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]

S2 ssfmonm;ssfmonm;c:\windows\system32\DRIVERS\ssfmonm.sys;c:\windows\SYSNATIVE\DRIVERS\ssfmonm.sys [x]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]

S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [x]

S2 wsnm_usbctrl;VMware View USB Control;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]

S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]

S3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]

S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys;c:\windows\SYSNATIVE\Drivers\vmwvusb.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-07-19 02:20 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 01:07]

.

2014-07-23 c:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-12-13 06:20]

.

2014-07-23 c:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-12-13 06:20]

.

2014-07-23 c:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-12-13 06:20]

.

2014-07-23 c:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-12-13 06:20]

.

2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 01:28]

.

2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 01:28]

.

2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job

- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-03 23:20]

.

2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job

- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-03 23:20]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]

"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]

"lxczbmgr.exe"="c:\program files (x86)\Lexmark 1200 Series\lxczbmgr.exe" [2009-04-27 74408]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <-loopback>;192.168.*.*

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4C93EEAE-8387-4A74-B63C-9CE870BF98E8}: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4C93EEAE-8387-4A74-B63C-9CE870BF98E8}\84453463532353C46575026393022403: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4C93EEAE-8387-4A74-B63C-9CE870BF98E8}\94E647562777562605F6274716C6: DhcpNameServer = 75.75.75.75 75.75.76.76

FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default\

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-TomTomHOME.exe - c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe

HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe

HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe

HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)


.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:61,6a,e3,28,07,29,ce,01

.

[HKEY_USERS\S-1-5-21-1990790332-1153374141-1900704237-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1990790332-1153374141-1900704237-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.14"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-07-23  19:03:57

ComboFix-quarantined-files.txt  2014-07-23 23:03

.

Pre-Run: 197,828,497,408 bytes free

Post-Run: 200,285,528,064 bytes free

.

- - End Of File - - 3DB4756D3D2F357CDC2BEE924269F26A

5B5E648D12FCADC244C1EC30318E1EB9

Hi,

Step 1

Scan with Malwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" and go to "Detection and Protection".
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 2

Please download the ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 3

Start FRST with administrator privileges.

  • Make sure the Addition option is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please copy and paste these logs in your next reply.


Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 7/24/2014
Scan Time: 7:48:58 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.24.09
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342984
Time Elapsed: 50 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir Win32/Bundled.Toolbar.Ask.E potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\EPNV64\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.5.zip.vir a variant of Win32/Mobogenie.A potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir a variant of Android/Mobserv.A potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application

C:\Users\Owner\AppData\Local\Mozilla\Firefox\Profiles\l260stbr.default\Cache\9\3B\E1C0Ad01 JS/Toolbar.Crossrider.A potentially unwanted application

C:\Users\Owner\Documents\APNSetup.exe Win32/Bundled.Toolbar.Ask.E potentially unsafe application

C:\Users\Owner\Downloads\DownloadSetup.exe Win32/InstallMate.A potentially unwanted application

C:\Users\Owner\Downloads\epson15216.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-EPNV64[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01

Ran by Owner (administrator) on OWNER-PC on 25-07-2014 07:57:00

Running from C:\Users\Owner\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

( ) C:\Windows\System32\lxczcoms.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe

() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe

(Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe

(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe

() C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILBE.EXE

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Silverlight_x64.exe

(Microsoft Corporation) C:\ec9d78b80df147fc7bc1501fb0\install.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(Microsoft Corporation) C:\Windows\Installer\MSID5A8.tmp

(Microsoft Corporation) C:\Program Files\Microsoft Silverlight\5.1.30514.0\coregen.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)

HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)

HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)

HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)

HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-04-27] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Amazon Cloud Player] => C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe


SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


SearchScopes: HKLM-x32 - DefaultScope value is missing.


SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}


SearchScopes: HKCU - {B70C8C06-E07D-4550-9D57-FBE5D6A57401} URL = 


BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

 

FireFox:

========

FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\xfinity.xml

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

 

Chrome: 

=======

CHR HomePage: https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp

CHR StartupUrls: "https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp"

CHR DefaultSearchKeyword: mysearch.avg.com

CHR DefaultSearchProvider: AVG Secure Search

CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}

CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-05]

CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]

CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]

CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]

CHR Extension: (Hangouts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-14]

CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]

CHR HKLM-x32\...\Chrome\Extension: [aaaakabcghbhlohjjnonbaadlhlkhaob] - C:\ProgramData\AskPartnerNetwork\Toolbar\EPNV64\CRX\ToolbarCR.crx [2013-10-05]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)

R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 lxcz_device; C:\windows\system32\lxczcoms.exe [566192 2007-04-19] ( )

R2 lxcz_device; C:\windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )

R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [361472 2011-06-13] (Alcatel-Lucent) [File not signed]

R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [441344 2011-06-13] (Alcatel-Lucent) [File not signed]

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()

R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]

R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [3872776 2010-09-22] (Webroot Software, Inc. (www.webroot.com))

S2 vToolbarUpdater3.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-07-17] (AVG Technologies)

S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-07-05] (LeapFrog)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)

S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

R2 ssfmonm; C:\Windows\System32\DRIVERS\ssfmonm.sys [55360 2010-06-17] (Webroot Software, Inc. (www.webroot.com))

R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [136224 2010-06-17] (Webroot Software, Inc. (www.webroot.com))

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-25 07:56 - 2014-07-25 07:56 - 00013314 _____ () C:\Users\Owner\Desktop\FRST64 - Shortcut.lnk

2014-07-25 07:56 - 2014-07-25 07:56 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion

2014-07-24 22:50 - 2014-07-24 22:50 - 02030424 ____N () C:\Users\Owner\Downloads\IBC14_0724.zip

2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 21:31 - 2014-07-24 21:31 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu (1).exe

2014-07-24 21:30 - 2014-07-24 21:30 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

2014-07-23 22:57 - 2014-07-23 22:57 - 00003009 _____ () C:\windows\baseball.INI

2014-07-23 19:03 - 2014-07-23 19:03 - 00025907 _____ () C:\ComboFix.txt

2014-07-23 18:41 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe

2014-07-23 18:41 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe

2014-07-23 18:41 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe

2014-07-23 18:40 - 2014-07-23 19:04 - 00000000 ____D () C:\Qoobox

2014-07-23 18:39 - 2014-07-23 19:01 - 00000000 ____D () C:\windows\erdnt

2014-07-23 18:36 - 2014-07-23 18:37 - 05562024 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe

2014-07-22 23:20 - 2014-07-22 23:20 - 04046619 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (20).zip

2014-07-22 19:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll

2014-07-22 19:39 - 2014-07-22 19:41 - 00000000 ____D () C:\AdwCleaner

2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe

2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}

2014-07-21 19:41 - 2014-07-21 19:42 - 00038865 _____ () C:\Users\Owner\Downloads\Addition.txt

2014-07-21 19:40 - 2014-07-25 07:56 - 02093568 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe

2014-07-21 19:36 - 2014-07-25 07:59 - 00023915 _____ () C:\Users\Owner\Downloads\FRST.txt

2014-07-21 19:35 - 2014-07-25 07:57 - 00000000 ____D () C:\FRST

2014-07-20 22:34 - 2014-07-20 22:35 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip

2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip

2014-07-17 20:18 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp

2014-07-17 20:18 - 2014-07-17 20:16 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys

2014-07-17 20:17 - 2014-07-17 20:18 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

2014-07-16 22:13 - 2014-07-17 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-16 22:12 - 2014-07-17 00:13 - 00000000 ____D () C:\Users\Owner\Desktop\mbar

2014-07-16 22:11 - 2014-07-16 22:12 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-16 22:09 - 2014-07-16 22:10 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe

2014-07-16 20:42 - 2014-07-24 19:48 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-16 20:40 - 2014-07-17 20:12 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-07-16 20:40 - 2014-07-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-07-16 20:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-07-16 20:39 - 2014-07-16 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-16 20:38 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014

2014-07-15 22:14 - 2014-07-15 22:15 - 00000000 ____D () C:\ProgramData\AVG2014

2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\$AVG

2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-07-15 22:04 - 2014-07-15 22:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014

2014-07-15 22:03 - 2014-07-15 22:04 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx

2014-07-11 23:54 - 2014-07-11 23:56 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip

2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip

2014-07-10 22:54 - 2014-07-10 22:55 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip

2014-07-10 21:28 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-10 21:28 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-07-10 21:28 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-07-10 21:28 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-07-10 21:28 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-10 21:28 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-07-10 21:28 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-07-10 21:28 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-07-10 21:28 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-07-10 21:28 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-10 21:28 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-07-10 21:28 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-07-10 21:28 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-10 21:28 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-10 21:28 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-10 21:28 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-10 21:28 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-10 21:28 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-10 21:28 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-10 21:27 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-07-10 21:27 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-07-10 21:27 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-10 21:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-10 21:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-07-10 21:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-10 21:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-07-10 21:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-07-10 21:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-07-10 21:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-07-10 21:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-07-10 21:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-07-10 21:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-07-10 21:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-07-10 21:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-07-10 21:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-10 21:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-07-10 21:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-10 21:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-10 21:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-10 21:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-10 21:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-07-10 21:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-07-10 21:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-10 21:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-07-10 21:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-10 21:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-07-10 21:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-07-10 21:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-07-10 21:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-07-10 21:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-10 21:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-10 21:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-10 21:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-10 21:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-07-10 21:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-10 21:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-10 21:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-10 21:27 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-10 21:27 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe

2014-07-10 21:27 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe

2014-07-10 21:27 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-07-10 21:27 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2014-07-10 21:27 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll

2014-07-10 21:27 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys

2014-07-10 21:23 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-07-10 21:23 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll

2014-07-10 21:23 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll

2014-07-09 00:33 - 2014-07-09 00:34 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip

2014-07-08 23:41 - 2014-07-08 23:52 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe

2014-07-08 23:37 - 2014-07-08 23:38 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe

2014-07-08 21:19 - 2014-07-08 21:20 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip

2014-07-06 22:26 - 2014-07-06 22:27 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip

2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip

2014-07-05 22:28 - 2014-07-05 22:29 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip

2014-07-03 18:24 - 2014-07-03 18:25 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip

2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip

2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip

2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip

2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip

2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip

2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip

2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4

2014-06-25 21:04 - 2014-06-25 21:13 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014

2014-06-25 20:59 - 2014-06-25 21:27 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-25 07:59 - 2014-07-21 19:36 - 00023915 _____ () C:\Users\Owner\Downloads\FRST.txt

2014-07-25 07:58 - 2012-05-11 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-25 07:58 - 2010-09-10 07:29 - 01580447 _____ () C:\windows\WindowsUpdate.log

2014-07-25 07:57 - 2014-07-21 19:35 - 00000000 ____D () C:\FRST

2014-07-25 07:56 - 2014-07-25 07:56 - 00013314 _____ () C:\Users\Owner\Desktop\FRST64 - Shortcut.lnk

2014-07-25 07:56 - 2014-07-25 07:56 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion

2014-07-25 07:56 - 2014-07-21 19:40 - 02093568 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe

2014-07-25 07:56 - 2009-07-14 01:13 - 00006454 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-25 07:55 - 2014-03-03 22:55 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

2014-07-25 07:55 - 2014-03-03 22:55 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

2014-07-25 07:55 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-25 07:55 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-25 07:55 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\FxsTmp

2014-07-25 07:53 - 2012-09-03 19:34 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job

2014-07-25 07:53 - 2010-07-18 21:28 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-25 07:52 - 2013-12-13 22:44 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

2014-07-25 07:52 - 2013-12-13 22:44 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

2014-07-25 07:52 - 2012-03-30 19:36 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-07-25 00:19 - 2010-07-18 21:28 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-25 00:14 - 2012-01-29 22:43 - 00000000 ____D () C:\dmb10

2014-07-24 22:50 - 2014-07-24 22:50 - 02030424 ____N () C:\Users\Owner\Downloads\IBC14_0724.zip

2014-07-24 22:22 - 2012-09-03 19:34 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job

2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 21:31 - 2014-07-24 21:31 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu (1).exe

2014-07-24 21:30 - 2014-07-24 21:30 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

2014-07-24 19:50 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-24 19:50 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-24 19:48 - 2014-07-16 20:42 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-24 19:48 - 2012-10-10 22:04 - 00000000 ____D () C:\ProgramData\MFAData

2014-07-24 19:42 - 2011-02-28 00:17 - 00000000 ____D () C:\Temp

2014-07-24 19:42 - 2010-07-18 21:36 - 00343704 _____ () C:\windows\PFRO.log

2014-07-24 19:42 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-24 19:42 - 2009-07-14 00:51 - 00119998 _____ () C:\windows\setupact.log

2014-07-23 22:57 - 2014-07-23 22:57 - 00003009 _____ () C:\windows\baseball.INI

2014-07-23 19:04 - 2014-07-23 18:40 - 00000000 ____D () C:\Qoobox

2014-07-23 19:03 - 2014-07-23 19:03 - 00025907 _____ () C:\ComboFix.txt

2014-07-23 19:03 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default

2014-07-23 19:01 - 2014-07-23 18:39 - 00000000 ____D () C:\windows\erdnt

2014-07-23 19:00 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini

2014-07-23 18:37 - 2014-07-23 18:36 - 05562024 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe

2014-07-22 23:20 - 2014-07-22 23:20 - 04046619 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (20).zip

2014-07-22 19:41 - 2014-07-22 19:39 - 00000000 ____D () C:\AdwCleaner

2014-07-22 19:41 - 2010-11-20 22:45 - 00000000 ____D () C:\Users\Owner

2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe

2014-07-22 00:30 - 2010-11-29 23:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client

2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}

2014-07-21 19:42 - 2014-07-21 19:41 - 00038865 _____ () C:\Users\Owner\Downloads\Addition.txt

2014-07-20 22:35 - 2014-07-20 22:34 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip

2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip

2014-07-18 21:38 - 2014-07-17 20:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp

2014-07-17 20:18 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

2014-07-17 20:16 - 2014-07-17 20:18 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys

2014-07-17 20:12 - 2014-07-16 20:40 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-07-17 00:13 - 2014-07-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-17 00:13 - 2014-07-16 22:12 - 00000000 ____D () C:\Users\Owner\Desktop\mbar

2014-07-16 22:12 - 2014-07-16 22:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-16 22:10 - 2014-07-16 22:09 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe

2014-07-16 21:49 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF

2014-07-16 21:24 - 2010-07-18 21:30 - 00000000 ____D () C:\windows\PCHEALTH

2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-16 20:41 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-16 20:39 - 2014-07-16 20:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-16 20:30 - 2009-07-14 01:08 - 00032610 _____ () C:\windows\Tasks\SCHEDLGU.TXT

2014-07-15 22:55 - 2014-07-15 22:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014

2014-07-15 22:15 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\AVG2014

2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\$AVG

2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-07-15 22:04 - 2014-07-15 22:03 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx

2014-07-11 23:56 - 2014-07-11 23:54 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip

2014-07-11 22:56 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache

2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip

2014-07-11 20:36 - 2009-07-14 00:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT

2014-07-11 20:34 - 2014-05-07 00:07 - 00000000 ___SD () C:\windows\system32\CompatTel

2014-07-11 20:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism

2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism

2014-07-10 23:54 - 2013-07-21 10:43 - 00000000 ____D () C:\windows\system32\MRT

2014-07-10 23:52 - 2010-11-20 23:02 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-07-10 22:55 - 2014-07-10 22:54 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip

2014-07-09 00:34 - 2014-07-09 00:33 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip

2014-07-08 23:52 - 2014-07-08 23:41 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe

2014-07-08 23:38 - 2014-07-08 23:37 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe

2014-07-08 21:20 - 2014-07-08 21:19 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip

2014-07-08 21:07 - 2012-03-30 19:36 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

2014-07-08 21:07 - 2012-03-30 19:35 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-07-08 21:07 - 2011-09-23 22:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-08 19:58 - 2014-06-22 14:50 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos

2014-07-06 22:27 - 2014-07-06 22:26 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip

2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip

2014-07-05 22:29 - 2014-07-05 22:28 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip

2014-07-03 18:25 - 2014-07-03 18:24 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip

2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip

2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip

2014-06-29 22:09 - 2014-07-10 21:27 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-06-29 22:04 - 2014-07-10 21:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip

2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip

2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip

2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip

2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4

2014-06-25 21:27 - 2014-06-25 20:59 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning

2014-06-25 21:13 - 2014-06-25 21:04 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014

 

Some content of TEMP:

====================

C:\Users\Owner\AppData\Local\Temp\rtdrvmon.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-18 21:40

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 01

Ran by Owner at 2014-07-25 08:00:59

Running from C:\Users\Owner\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)

Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)

Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)

Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)

Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden

Apple Application Support (HKLM-x32\...\{853A4763-6643-4604-8D64-28BDD8925F4C}) (Version: 1.5.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{8F473675-D702-45F9-8EBC-342B40C17BF5}) (Version: 3.4.0.25 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)

Ask Toolbar for Epson (HKLM-x32\...\{45504E56-3634-006A-76A7-A758B70C0A06}) (Version: 12.10.6.5424 - APN, LLC) <==== ATTENTION

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)

ATI Catalyst Install Manager (HKLM\...\{5792CD64-61B4-C448-0D22-3C51DD73AB2A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)

AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden

AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.1.0.6 - AVG Technologies)

Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden

Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Core Implementation (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center Graphics Full New (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center Graphics Light (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2010.0315.1050.17562 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Czech (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Danish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Dutch (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help English (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Finnish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help French (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help German (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Greek (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Italian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Japanese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Korean (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Polish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Russian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Spanish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Swedish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Thai (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

CCC Help Turkish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden

ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden

ccc-utility64 (Version: 2010.0315.1050.17562 - ATI) Hidden

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Diamond Mind Baseball version 10 (HKLM-x32\...\Diamond Mind Baseball version 10) (Version: 10 - Diamond Mind, Inc.)

DMB version 10a patch (HKLM-x32\...\DMB version 10a patch) (Version: 10a - Diamond Mind, Inc.)

Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version:  - SEIKO EPSON Corporation)

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

iTunes (HKLM\...\{18155797-EF2E-4699-9A16-FE787C4C10DB}) (Version: 10.2.2.14 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)

LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)

LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden

LeapFrog My Pals Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden

LeapFrog Tag Junior Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden

Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MotoHelper 2.1.40 Driver 5.5.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.40 - Motorola)

MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden

Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0 - Motorola Inc.) Hidden

Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)

Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)

Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)

Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)

TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)

TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)

Toshiba Book Place (HKLM-x32\...\{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}) (Version: 2.0.3977.0 - K-NFB Reading Technology, Inc.)

TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)

TOSHIBA Bulletin Board (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)

TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.7.64 - TOSHIBA Corporation)

TOSHIBA eco Utility (Version: 1.2.7.64 - TOSHIBA Corporation) Hidden

TOSHIBA eco Utility (x32 Version: 1.2.7.64 - TOSHIBA Corporation) Hidden

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)

TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - )

TOSHIBA Hardware Setup (Version: 4.03.02.00 - TOSHIBA) Hidden

TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)

TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden

TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden

TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)

TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)

TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)

TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)

TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation)

TOSHIBA ReelTime (Version: 1.6.05.64 - TOSHIBA Corporation) Hidden

TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - )

TOSHIBA Supervisor Password (Version: 4.03.02.00 - TOSHIBA) Hidden

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.2.64 - TOSHIBA Corporation)

TOSHIBA Value Added Package (Version: 1.3.2.64 - TOSHIBA Corporation) Hidden

TOSHIBA Value Added Package (x32 Version: 1.3.2.64 - TOSHIBA Corporation) Hidden

TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)

ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VMware View Client (HKLM\...\{70C29540-5625-443D-BC4F-6D0C763F44C8}) (Version: 4.6.0.366101 - VMware, Inc.)

War2Combat version 3.15 (HKLM-x32\...\War2Combat_is1) (Version: 3.15 - War2 RU Admins)

Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.7 - HTC)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-1990790332-1153374141-1900704237-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1990790332-1153374141-1900704237-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1990790332-1153374141-1900704237-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1990790332-1153374141-1900704237-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

13-07-2014 21:17:23 Windows Update

14-07-2014 04:15:32 Windows Update

15-07-2014 04:38:48 Windows Update

16-07-2014 01:04:02 Windows Update

16-07-2014 02:12:14 Installed AVG 2014

16-07-2014 02:12:57 Installed AVG 2014

16-07-2014 04:53:11 Windows Update

17-07-2014 04:14:32 Windows Update

19-07-2014 01:39:41 Windows Update

19-07-2014 02:52:42 Windows Update

20-07-2014 05:34:22 Windows Update

21-07-2014 04:30:38 Windows Update

22-07-2014 04:31:50 Windows Update

23-07-2014 03:59:13 Windows Update

24-07-2014 03:51:40 Windows Update

25-07-2014 11:53:11 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2011-05-22 17:05 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0409A1E2-BA6C-4984-A381-A3C11819B00F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)

Task: {17D15337-C682-45C1-8CF4-F854DB3D8155} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)

Task: {2651E268-08E9-40E0-81E6-3DA7A21737B9} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()

Task: {3702F7EB-6DA3-41FE-A05D-BB46C1DC5E12} - System32\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {3A1B607A-5A60-4E97-B856-1E516335CAAF} - System32\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {460A3B3F-80BA-44B7-9A6E-15377179A22C} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()

Task: {6F676728-0A6D-4512-B4AD-95E5426FF69D} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()

Task: {70036A4B-A5E3-4584-BE0E-A492CD5324BC} - System32\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {85AD9731-CA23-4080-B1B0-E5A7F83722A1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {86EF6F4E-C5EE-4642-8098-68B98D001686} - System32\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {A142736D-435A-4730-A8E0-F3F7BF2D290E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-18] (Google Inc.)

Task: {A46E0F6D-CAFB-4C8C-BC23-F5FDC74EA0F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-18] (Google Inc.)

Task: {D24E8ED2-CF1C-49CA-B723-2018802C22CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE

Task: C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE

Task: C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE

Task: C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-02-01 17:55 - 2012-02-01 17:55 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

2012-02-01 17:55 - 2012-02-01 17:55 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

2010-03-03 17:15 - 2010-03-03 17:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll

2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll

2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll

2010-07-18 21:25 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll

2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll

2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

2013-12-08 18:30 - 2013-11-24 13:56 - 03139072 _____ () C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

2009-10-13 13:00 - 2009-10-13 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-09-10 07:30 - 2010-09-10 07:30 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

2010-11-21 15:07 - 2010-09-22 14:41 - 00539744 _____ () C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\ziptv06.dll

2010-11-21 15:07 - 2010-09-22 14:41 - 00419192 _____ () C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\LockBox.dll

2011-03-21 17:30 - 2011-03-21 17:30 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-18 22:24 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-18 22:24 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-18 22:24 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-18 22:24 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-18 22:24 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Owner\Downloads\noname (1).eml:OECustomProperty

AlternateDataStreams: C:\Users\Owner\Downloads\noname.eml:OECustomProperty

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/25/2014 07:55:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (07/25/2014 07:55:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (07/25/2014 07:55:56 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (07/25/2014 07:55:14 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: SHELL32.dll, version: 6.1.7601.18429, time stamp: 0x5330ecd9

Exception code: 0xc0000005

Fault offset: 0x000000000028d142

Faulting process id: 0x79c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (07/25/2014 02:02:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (07/25/2014 02:02:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (07/25/2014 01:22:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (07/25/2014 01:22:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (07/24/2014 09:33:19 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (07/24/2014 09:33:13 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

 

System errors:

=============

Error: (07/25/2014 07:53:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).

 

Error: (07/24/2014 07:42:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater3.1.0 service failed to start due to the following error: 

%%2

 

Error: (07/23/2014 11:52:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).

 

Error: (07/23/2014 07:41:24 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

Error: (07/23/2014 07:00:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (07/23/2014 06:54:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (07/23/2014 06:32:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater3.1.0 service failed to start due to the following error: 

%%2

 

Error: (07/23/2014 00:00:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB2813430).

 

Error: (07/22/2014 07:44:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater3.1.0 service failed to start due to the following error: 

%%2

 

Error: (07/22/2014 07:35:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WebrootSpySweeperService service.

 

 

Microsoft Office Sessions:

=========================

Error: (07/25/2014 07:55:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (07/25/2014 07:55:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (07/25/2014 07:55:56 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

 

Error: (07/25/2014 07:55:14 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.184295330ecd9c0000005000000000028d14279c01cfa798f8af0475C:\windows\Explorer.EXEC:\windows\system32\SHELL32.dll8946eda3-13f2-11e4-869d-60eb693fb36f

 

Error: (07/25/2014 02:02:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (07/25/2014 02:02:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (07/25/2014 01:22:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (07/25/2014 01:22:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (07/24/2014 09:33:19 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

 

Error: (07/24/2014 09:33:13 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-11-03 15:53:09.231

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 15:53:09.227

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 15:53:09.222

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 15:53:09.193

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 15:53:09.189

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 15:53:09.184

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 14:29:46.942

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 14:29:46.872

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 14:29:46.807

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-03 14:29:46.554

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 69%

Total physical RAM: 2810.9 MB

Available physical RAM: 845.73 MB

Total Pagefile: 5619.98 MB

Available Pagefile: 2564.21 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (TI105949W0C) (Fixed) (Total:286.57 GB) (Free:186.74 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4A473AB0)

Partition 1: (Active) - (Size=1 GB) - (Type=27)

Partition 2: (Not Active) - (Size=287 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=10 GB) - (Type=17)

 

==================== End Of Log ============================


Hi,

Step 1

Please download TFC (by Oldtimer) and save it to your Desktop.

  • Start TFC.exe with administrator privileges.
  • Close all other running programs.
  • Click on Start.
  • Allow a reboot if one is requested.
Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.


Didn't know if you wanted the TFC log as well so just in case:

 

Getting user folders.
 
Stopping running processes.
 
Emptying Temp folders.
 
 
User: Administrator
->Temp folder emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Owner
->Temp folder emptied: 80552 bytes
->Temporary Internet Files folder emptied: 1703785368 bytes
->Java cache emptied: 1095386 bytes
->FireFox cache emptied: 445210001 bytes
->Google Chrome cache emptied: 418419618 bytes
->Flash cache emptied: 1276254 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 1245239 bytes
%systemroot% .tmp files removed: 2781737 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3788586 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 13176806 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 522225 bytes
 
Emptying RecycleBin. Do not interrupt.
 
RecycleBin emptied: 171 bytes
Process complete!
 
Total Files Cleaned = 2,471.00 mb

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01

Ran by Owner (administrator) on OWNER-PC on 25-07-2014 19:57:20

Running from C:\Users\Owner\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

( ) C:\Windows\System32\lxczcoms.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe

() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILBE.EXE

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)

HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)

HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)

HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)

HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-04-27] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [Amazon Cloud Player] => C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1990790332-1153374141-1900704237-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe


SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


SearchScopes: HKLM-x32 - DefaultScope value is missing.


SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}


SearchScopes: HKCU - {B70C8C06-E07D-4550-9D57-FBE5D6A57401} URL = 


BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

 

FireFox:

========

FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\l260stbr.default

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\xfinity.xml

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

 

Chrome: 

=======

CHR HomePage: https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp

CHR StartupUrls: "https://mysearch.avg.com?cid={3596CAB4-F10B-454E-B783-355EEC571130}&mid=29f321c6055a47d0ae35b1a22fdb5a9c-be6688d8e3549667a3ad7bbd768f912983e1116d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-17 20:18:21&v=3.1.0.6&pid=wtu&sg=&sap=hp"

CHR DefaultSearchKeyword: mysearch.avg.com

CHR DefaultNewTabURL: 

CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-05]

CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]

CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]

CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]

CHR Extension: (Hangouts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-14]

CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]

CHR HKLM-x32\...\Chrome\Extension: [aaaakabcghbhlohjjnonbaadlhlkhaob] - C:\ProgramData\AskPartnerNetwork\Toolbar\EPNV64\CRX\ToolbarCR.crx [2013-10-05]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)

R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 lxcz_device; C:\windows\system32\lxczcoms.exe [566192 2007-04-19] ( )

R2 lxcz_device; C:\windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )

R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [361472 2011-06-13] (Alcatel-Lucent) [File not signed]

R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [441344 2011-06-13] (Alcatel-Lucent) [File not signed]

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()

R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]

R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [3872776 2010-09-22] (Webroot Software, Inc. (www.webroot.com))

S2 vToolbarUpdater3.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-07-17] (AVG Technologies)

S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-07-05] (LeapFrog)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)

S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-12-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

R2 ssfmonm; C:\Windows\System32\DRIVERS\ssfmonm.sys [55360 2010-06-17] (Webroot Software, Inc. (www.webroot.com))

R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [136224 2010-06-17] (Webroot Software, Inc. (www.webroot.com))

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-25 19:33 - 2014-07-25 19:33 - 00448512 _____ (OldTimer Tools) C:\Users\Owner\Downloads\TFC (1).exe

2014-07-25 19:33 - 2014-07-25 19:33 - 00001466 _____ () C:\Users\Owner\Desktop\TFC (1) - Shortcut.lnk

2014-07-25 19:32 - 2014-07-25 19:32 - 00448512 _____ (OldTimer Tools) C:\Users\Owner\Downloads\TFC.exe

2014-07-25 07:56 - 2014-07-25 07:56 - 00013314 _____ () C:\Users\Owner\Desktop\FRST64 - Shortcut.lnk

2014-07-25 07:56 - 2014-07-25 07:56 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion

2014-07-24 22:50 - 2014-07-24 22:50 - 02030424 ____N () C:\Users\Owner\Downloads\IBC14_0724.zip

2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 21:31 - 2014-07-24 21:31 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu (1).exe

2014-07-24 21:30 - 2014-07-24 21:30 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

2014-07-23 22:57 - 2014-07-23 22:57 - 00003009 _____ () C:\windows\baseball.INI

2014-07-23 19:03 - 2014-07-23 19:03 - 00025907 _____ () C:\ComboFix.txt

2014-07-23 18:41 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe

2014-07-23 18:41 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe

2014-07-23 18:41 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe

2014-07-23 18:41 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe

2014-07-23 18:40 - 2014-07-23 19:04 - 00000000 ____D () C:\Qoobox

2014-07-23 18:39 - 2014-07-23 19:01 - 00000000 ____D () C:\windows\erdnt

2014-07-23 18:36 - 2014-07-23 18:37 - 05562024 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe

2014-07-22 23:20 - 2014-07-22 23:20 - 04046619 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (20).zip

2014-07-22 19:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll

2014-07-22 19:39 - 2014-07-22 19:41 - 00000000 ____D () C:\AdwCleaner

2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe

2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}

2014-07-21 19:41 - 2014-07-25 08:02 - 00043032 _____ () C:\Users\Owner\Downloads\Addition.txt

2014-07-21 19:40 - 2014-07-25 07:56 - 02093568 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe

2014-07-21 19:36 - 2014-07-25 19:57 - 00022651 _____ () C:\Users\Owner\Downloads\FRST.txt

2014-07-21 19:35 - 2014-07-25 19:57 - 00000000 ____D () C:\FRST

2014-07-20 22:34 - 2014-07-20 22:35 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip

2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip

2014-07-17 20:18 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp

2014-07-17 20:18 - 2014-07-17 20:16 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys

2014-07-17 20:17 - 2014-07-17 20:18 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

2014-07-16 22:13 - 2014-07-17 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-16 22:12 - 2014-07-17 00:13 - 00000000 ____D () C:\Users\Owner\Desktop\mbar

2014-07-16 22:11 - 2014-07-16 22:12 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-16 22:09 - 2014-07-16 22:10 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe

2014-07-16 20:42 - 2014-07-24 19:48 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-16 20:40 - 2014-07-17 20:12 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-07-16 20:40 - 2014-07-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-07-16 20:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-07-16 20:39 - 2014-07-16 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-16 20:38 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014

2014-07-15 22:14 - 2014-07-15 22:15 - 00000000 ____D () C:\ProgramData\AVG2014

2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\$AVG

2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-07-15 22:04 - 2014-07-15 22:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014

2014-07-15 22:03 - 2014-07-15 22:04 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx

2014-07-11 23:54 - 2014-07-11 23:56 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip

2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip

2014-07-10 22:54 - 2014-07-10 22:55 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip

2014-07-10 21:28 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-10 21:28 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-07-10 21:28 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-07-10 21:28 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-07-10 21:28 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-10 21:28 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-07-10 21:28 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-07-10 21:28 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-07-10 21:28 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-07-10 21:28 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-10 21:28 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-07-10 21:28 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-07-10 21:28 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-10 21:28 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-10 21:28 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-10 21:28 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-10 21:28 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-10 21:28 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-10 21:28 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-10 21:27 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-07-10 21:27 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-07-10 21:27 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-10 21:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-10 21:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-07-10 21:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-10 21:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-07-10 21:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-07-10 21:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-07-10 21:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-07-10 21:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-07-10 21:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-07-10 21:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-07-10 21:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-07-10 21:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-07-10 21:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-10 21:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-07-10 21:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-10 21:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-10 21:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-10 21:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-10 21:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-07-10 21:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-07-10 21:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-10 21:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-07-10 21:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-10 21:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-07-10 21:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-07-10 21:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-07-10 21:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-07-10 21:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-10 21:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-10 21:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-10 21:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-10 21:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-07-10 21:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-10 21:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-10 21:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-10 21:27 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-10 21:27 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe

2014-07-10 21:27 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe

2014-07-10 21:27 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-07-10 21:27 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2014-07-10 21:27 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll

2014-07-10 21:27 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll

2014-07-10 21:27 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll

2014-07-10 21:27 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys

2014-07-10 21:23 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-07-10 21:23 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll

2014-07-10 21:23 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll

2014-07-09 00:33 - 2014-07-09 00:34 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip

2014-07-08 23:41 - 2014-07-08 23:52 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe

2014-07-08 23:37 - 2014-07-08 23:38 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe

2014-07-08 21:19 - 2014-07-08 21:20 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip

2014-07-06 22:26 - 2014-07-06 22:27 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip

2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip

2014-07-05 22:28 - 2014-07-05 22:29 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip

2014-07-03 18:24 - 2014-07-03 18:25 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip

2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip

2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip

2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip

2014-06-28 23:43 - 2014-06-28 23:44 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip

2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip

2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip

2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4

2014-06-25 21:04 - 2014-06-25 21:13 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014

2014-06-25 20:59 - 2014-06-25 21:27 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-25 19:59 - 2014-07-21 19:36 - 00022651 _____ () C:\Users\Owner\Downloads\FRST.txt

2014-07-25 19:57 - 2014-07-21 19:35 - 00000000 ____D () C:\FRST

2014-07-25 19:55 - 2014-03-03 22:55 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

2014-07-25 19:55 - 2014-03-03 22:55 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {7DEBD26C-7DEA-40C3-B495-0CAD00B3EA12}.job

2014-07-25 19:55 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\FxsTmp

2014-07-25 19:44 - 2013-12-13 22:44 - 00000911 _____ () C:\windows\Tasks\EPSON XP-310 Series Update {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

2014-07-25 19:44 - 2013-12-13 22:44 - 00000725 _____ () C:\windows\Tasks\EPSON XP-310 Series Invitation {0B27C824-AF46-476A-B592-12B2DD9EAFF4}.job

2014-07-25 19:34 - 2011-02-28 00:17 - 00000000 ____D () C:\Temp

2014-07-25 19:33 - 2014-07-25 19:33 - 00448512 _____ (OldTimer Tools) C:\Users\Owner\Downloads\TFC (1).exe

2014-07-25 19:33 - 2014-07-25 19:33 - 00001466 _____ () C:\Users\Owner\Desktop\TFC (1) - Shortcut.lnk

2014-07-25 19:32 - 2014-07-25 19:32 - 00448512 _____ (OldTimer Tools) C:\Users\Owner\Downloads\TFC.exe

2014-07-25 19:31 - 2012-09-03 19:34 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000UA.job

2014-07-25 19:31 - 2012-03-30 19:36 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-07-25 19:31 - 2010-07-18 21:28 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-25 18:19 - 2009-07-14 01:13 - 00006454 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-25 18:16 - 2010-09-10 07:29 - 01614441 _____ () C:\windows\WindowsUpdate.log

2014-07-25 17:55 - 2012-10-10 22:04 - 00000000 ____D () C:\ProgramData\MFAData

2014-07-25 16:57 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-25 16:57 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-25 16:49 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-25 16:49 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-25 16:49 - 2010-07-18 21:28 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-25 16:49 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-25 16:49 - 2009-07-14 00:51 - 00120054 _____ () C:\windows\setupact.log

2014-07-25 08:02 - 2014-07-21 19:41 - 00043032 _____ () C:\Users\Owner\Downloads\Addition.txt

2014-07-25 07:58 - 2012-05-11 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-25 07:56 - 2014-07-25 07:56 - 00013314 _____ () C:\Users\Owner\Desktop\FRST64 - Shortcut.lnk

2014-07-25 07:56 - 2014-07-25 07:56 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion

2014-07-25 07:56 - 2014-07-21 19:40 - 02093568 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe

2014-07-25 00:14 - 2012-01-29 22:43 - 00000000 ____D () C:\dmb10

2014-07-24 22:50 - 2014-07-24 22:50 - 02030424 ____N () C:\Users\Owner\Downloads\IBC14_0724.zip

2014-07-24 22:22 - 2012-09-03 19:34 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990790332-1153374141-1900704237-1000Core.job

2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 21:31 - 2014-07-24 21:31 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu (1).exe

2014-07-24 21:30 - 2014-07-24 21:30 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

2014-07-24 19:48 - 2014-07-16 20:42 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-24 19:42 - 2010-07-18 21:36 - 00343704 _____ () C:\windows\PFRO.log

2014-07-23 22:57 - 2014-07-23 22:57 - 00003009 _____ () C:\windows\baseball.INI

2014-07-23 19:04 - 2014-07-23 18:40 - 00000000 ____D () C:\Qoobox

2014-07-23 19:03 - 2014-07-23 19:03 - 00025907 _____ () C:\ComboFix.txt

2014-07-23 19:03 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default

2014-07-23 19:01 - 2014-07-23 18:39 - 00000000 ____D () C:\windows\erdnt

2014-07-23 19:00 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini

2014-07-23 18:37 - 2014-07-23 18:36 - 05562024 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe

2014-07-22 23:20 - 2014-07-22 23:20 - 04046619 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (20).zip

2014-07-22 19:41 - 2014-07-22 19:39 - 00000000 ____D () C:\AdwCleaner

2014-07-22 19:41 - 2010-11-20 22:45 - 00000000 ____D () C:\Users\Owner

2014-07-22 19:38 - 2014-07-22 19:38 - 01354223 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe

2014-07-22 00:30 - 2010-11-29 23:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client

2014-07-21 21:15 - 2014-07-21 21:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D54AAA1-D7E5-404E-9205-936F0AB5320B}

2014-07-20 22:35 - 2014-07-20 22:34 - 01813321 ____N () C:\Users\Owner\Downloads\IBC14_0720.zip

2014-07-18 22:05 - 2014-07-18 22:05 - 01780442 ____N () C:\Users\Owner\Downloads\IBC14_0717.zip

2014-07-18 21:38 - 2014-07-17 20:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\AVG Web TuneUp

2014-07-17 20:18 - 2014-07-17 20:17 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

2014-07-17 20:17 - 2014-07-17 20:17 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

2014-07-17 20:16 - 2014-07-17 20:18 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys

2014-07-17 20:12 - 2014-07-16 20:40 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-07-17 00:13 - 2014-07-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-17 00:13 - 2014-07-16 22:12 - 00000000 ____D () C:\Users\Owner\Desktop\mbar

2014-07-16 22:12 - 2014-07-16 22:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-16 22:10 - 2014-07-16 22:09 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1012.exe

2014-07-16 21:49 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF

2014-07-16 21:24 - 2010-07-18 21:30 - 00000000 ____D () C:\windows\PCHEALTH

2014-07-16 20:41 - 2014-07-16 20:41 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-16 20:41 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-16 20:40 - 2014-07-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-16 20:40 - 2014-07-16 20:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-16 20:39 - 2014-07-16 20:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-16 20:30 - 2009-07-14 01:08 - 00032610 _____ () C:\windows\Tasks\SCHEDLGU.TXT

2014-07-15 22:55 - 2014-07-15 22:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Avg2014

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVG2014

2014-07-15 22:15 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\AVG2014

2014-07-15 22:14 - 2014-07-15 22:14 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-15 22:14 - 2014-07-15 22:14 - 00000000 ____D () C:\$AVG

2014-07-15 22:12 - 2014-07-15 22:12 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-07-15 22:04 - 2014-07-15 22:03 - 04755832 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-07-15 20:42 - 2014-07-15 20:42 - 00119558 _____ () C:\Users\Owner\Downloads\PB Hispanic Chamber FEF Presentation.pptx

2014-07-11 23:56 - 2014-07-11 23:54 - 03932522 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (19).zip

2014-07-11 22:56 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache

2014-07-11 21:19 - 2014-07-11 21:19 - 01910719 ____N () C:\Users\Owner\Downloads\IBC14_0710.zip

2014-07-11 20:36 - 2009-07-14 00:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT

2014-07-11 20:34 - 2014-05-07 00:07 - 00000000 ___SD () C:\windows\system32\CompatTel

2014-07-11 20:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism

2014-07-11 20:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism

2014-07-10 23:54 - 2013-07-21 10:43 - 00000000 ____D () C:\windows\system32\MRT

2014-07-10 23:52 - 2010-11-20 23:02 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-07-10 22:55 - 2014-07-10 22:54 - 03915260 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (18).zip

2014-07-09 00:34 - 2014-07-09 00:33 - 03842754 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (17).zip

2014-07-08 23:52 - 2014-07-08 23:41 - 46306576 _____ (Installation Program) C:\Users\Owner\Downloads\bapinstaller.exe

2014-07-08 23:38 - 2014-07-08 23:37 - 02402624 _____ () C:\Users\Owner\Downloads\VerizonWindowsInstaller.exe

2014-07-08 21:20 - 2014-07-08 21:19 - 03841323 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (16).zip

2014-07-08 21:07 - 2012-03-30 19:36 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

2014-07-08 21:07 - 2012-03-30 19:35 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-07-08 21:07 - 2011-09-23 22:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-08 19:58 - 2014-06-22 14:50 - 00000000 ____D () C:\Users\Owner\Desktop\htconem8photos

2014-07-06 22:27 - 2014-07-06 22:26 - 01785194 ____N () C:\Users\Owner\Downloads\IBC14_0706.zip

2014-07-05 22:29 - 2014-07-05 22:29 - 03796636 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (15).zip

2014-07-05 22:29 - 2014-07-05 22:28 - 01664392 ____N () C:\Users\Owner\Downloads\America_censored_Yeah.zip

2014-07-03 18:25 - 2014-07-03 18:24 - 03799185 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (14).zip

2014-07-01 23:01 - 2014-07-01 23:01 - 00015000 _____ () C:\Users\Owner\Downloads\astigersseries.zip

2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-29 23:09 - 2014-06-29 23:09 - 01734337 ____N () C:\Users\Owner\Downloads\IBC14_0629.zip

2014-06-29 22:09 - 2014-07-10 21:27 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-06-29 22:04 - 2014-07-10 21:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (13).zip

2014-06-28 23:44 - 2014-06-28 23:43 - 03752791 _____ () C:\Users\Owner\Downloads\BCMBL-2014 (12).zip

2014-06-26 23:12 - 2014-06-26 23:12 - 03716525 ____N () C:\Users\Owner\Downloads\BCMBL-2014 (11).zip

2014-06-26 21:19 - 2014-06-26 21:19 - 01709209 ____N () C:\Users\Owner\Downloads\IBC14_0626.zip

2014-06-26 19:03 - 2014-06-26 19:03 - 21579918 _____ () C:\Users\Owner\Downloads\VIDEO0016.mp4

2014-06-25 21:27 - 2014-06-25 20:59 - 00000000 ____D () C:\Users\Owner\Desktop\Lily beginning

2014-06-25 21:13 - 2014-06-25 21:04 - 00000000 ____D () C:\Users\Owner\Desktop\erin htc One 2014

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-18 21:40

 

==================== End Of Log ============================
