I was surfing the web when I was prompted to download JAVA to open the website and my computer got infected. I own Malwarebytes PRO and have run it several times and still can't remove it... PLEASE HELP.

FIRST LOG ---

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014
Ran by Ken (administrator) on KEN-HP on 09-08-2014 01:52:05
Running from C:\Users\Ken\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Silicondust USA Inc) C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Samsung Electronics) C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
() C:\Users\Nicole\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Samsung Electronics) C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Popcorn Time                                                ) C:\Windows\Temp\set4177.tmp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [setDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-20] (IDT, Inc.)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-02-21] (Samsung Electronics)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [295304 2012-07-05] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe [61440 2007-06-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2561560 2014-05-08] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-04-22] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1406720394-1802764852-2631895018-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1406720394-1802764852-2631895018-1001\...\Run: [Google Update] => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-27] (Google Inc.)
HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Google Update] => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-27] (Google Inc.)
HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Plex Media Server] => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Amazon Cloud Player] => C:\Users\Nicole\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [browser Infrastructure Helper] => C:\Users\Nicole\AppData\Local\Smartbar\Application\Shopop.exe startup
HKU\S-1-5-21-1406720394-1802764852-2631895018-1005\...\Run: [Plex Media Server] => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
HKU\S-1-5-21-1406720394-1802764852-2631895018-1005\...\MountPoints2: {8913f29c-b033-11e1-baea-806e6f6e6963} - F:\Autorun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ywnmon32.exe.lnk
ShortcutTarget: ywnmon32.exe.lnk -> C:\Program Files (x86)\Open JDK Explorer\ywnmon32.exe (No File)
Startup: C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = 
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Shopop WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Shopop Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopop Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ken\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-26]
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]
CHR Extension: (Google Drive) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-11]
CHR Extension: (YouTube) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-16]
CHR Extension: (Google Search) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-16]
CHR Extension: (Website Logon) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-07-11]
CHR Extension: (Gmail) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-16]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]
CHR HKCU\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)
R2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-02-21] (Copyright 2013 SAMSUNG)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HDHomeRun Service; C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe [18432 2013-03-28] (Silicondust USA Inc) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 Popcorn Time Updater; C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe [211968 2014-05-22] (Popcorn Time) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2658664 2014-07-17] (Search Module Ltd.)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-03] (AVG Secure Search)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-03] (AVG Technologies)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41320 2014-07-17] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-09 01:52 - 2014-08-09 01:53 - 00031735 _____ () C:\Users\Ken\Downloads\FRST.txt
2014-08-09 01:52 - 2014-08-09 01:52 - 00000000 ____D () C:\FRST
2014-08-09 01:51 - 2014-08-09 01:52 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64 (1).exe
2014-08-09 01:51 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64.exe
2014-08-09 01:07 - 2014-08-09 01:07 - 01151963 _____ (Popcorn Time ) C:\Users\Ken\Downloads\Popcorn-Time.exe
2014-08-09 01:07 - 2014-08-09 01:07 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2014-08-05 12:43 - 2014-08-06 17:10 - 00000000 ____D () C:\Users\Nicole\Desktop\Pitts zoo 2014 (tan)
2014-08-05 12:42 - 2014-08-06 13:35 - 00001973 _____ () C:\Users\Nicole\Desktop\Sync Folder.lnk
2014-08-02 16:09 - 2014-08-02 16:09 - 00000000 _____ () C:\Users\Ken\AppData\Local\{208C145F-1C66-4DE5-BEC9-10EA702BB00C}
2014-08-01 00:32 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 00:32 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 00:32 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 00:32 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 00:32 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 00:32 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 00:32 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 00:32 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 00:32 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 00:32 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 00:32 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 00:32 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 00:32 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 00:32 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 00:27 - 2014-08-01 00:27 - 00000476 _____ () C:\Windows\Tasks\SMW_UpdateTask_Time_3931363635333736342d3237575a236c6c3255342a41.job
2014-07-23 15:46 - 2014-08-05 14:50 - 00000000 ____D () C:\Users\Nicole\Desktop\Horn
2014-07-18 18:12 - 2014-07-18 18:13 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{7BF6943A-7B76-4C6B-A90A-F8C8C74C9E69}
2014-07-17 15:44 - 2014-07-23 15:59 - 00000000 ____D () C:\Users\Nicole\AppData\Local\Windows Live
2014-07-17 15:43 - 2014-07-17 15:44 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{F30607F5-C73D-4FFB-B239-2D1835841886}
2014-07-15 12:56 - 2014-03-04 12:17 - 00122880 _____ () C:\Users\Nicole\AppData\Local\ChromeHitoryDB
2014-07-15 11:20 - 2014-07-20 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-15 11:20 - 2014-07-20 02:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-15 11:20 - 2014-07-15 13:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-15 11:20 - 2014-07-15 11:20 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-15 11:20 - 2014-07-15 11:20 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-07-15 11:20 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-07-15 11:18 - 2014-07-15 11:23 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4 (1).exe
2014-07-15 11:16 - 2014-07-15 11:24 - 57330680 _____ (PortableApps.com) C:\Users\Ken\Downloads\SpybotPortable_2.2.paf.exe
2014-07-15 11:14 - 2014-07-15 11:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4.exe
2014-07-11 10:32 - 2014-08-06 12:04 - 00000560 _____ () C:\Windows\setupact.log
2014-07-11 10:32 - 2014-07-11 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-11 10:29 - 2014-08-06 12:04 - 00017526 _____ () C:\Windows\PFRO.log
2014-07-11 01:24 - 2014-07-21 00:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 01:24 - 2014-07-21 00:42 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-07-11 01:24 - 2014-07-20 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-11 01:23 - 2014-08-09 01:28 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4.job
2014-07-11 01:23 - 2014-08-09 01:28 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1.job
2014-07-11 01:23 - 2014-07-11 01:23 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4
2014-07-11 01:23 - 2014-07-11 01:23 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1
2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieUserList
2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieSiteList
2014-07-10 10:39 - 2014-07-10 10:39 - 00001176 _____ () C:\Users\Ken\Documents\nicoles profile.reg
2014-07-10 01:52 - 2014-07-10 01:52 - 00410624 _____ () C:\Users\Ken\AppData\Local\CompTmp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-09 01:53 - 2014-08-09 01:52 - 00031735 _____ () C:\Users\Ken\Downloads\FRST.txt
2014-08-09 01:52 - 2014-08-09 01:52 - 00000000 ____D () C:\FRST
2014-08-09 01:52 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64 (1).exe
2014-08-09 01:51 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64.exe
2014-08-09 01:39 - 2012-03-16 03:46 - 01087326 _____ () C:\Windows\WindowsUpdate.log
2014-08-09 01:36 - 2014-04-27 01:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001UA.job
2014-08-09 01:28 - 2014-07-11 01:23 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4.job
2014-08-09 01:28 - 2014-07-11 01:23 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1.job
2014-08-09 01:20 - 2012-06-06 12:58 - 00001575 _____ () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-09 01:16 - 2014-04-10 23:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-09 01:07 - 2014-08-09 01:07 - 01151963 _____ (Popcorn Time ) C:\Users\Ken\Downloads\Popcorn-Time.exe
2014-08-09 01:07 - 2014-08-09 01:07 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2014-08-09 01:06 - 2013-04-23 12:12 - 00000000 ____D () C:\AllShare Play
2014-08-09 01:05 - 2014-04-27 01:02 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001Core.job
2014-08-09 01:05 - 2014-03-15 23:43 - 00003088 _____ () C:\Windows\Tasks\Information-chromeinstaller.job
2014-08-09 01:05 - 2014-03-15 23:43 - 00002346 _____ () C:\Windows\Tasks\Information-firefoxinstaller.job
2014-08-09 01:05 - 2014-03-15 23:43 - 00001580 _____ () C:\Windows\Tasks\Information-updater.job
2014-08-09 01:05 - 2014-03-15 23:43 - 00001542 _____ () C:\Windows\Tasks\Information-codedownloader.job
2014-08-09 01:05 - 2014-03-15 23:43 - 00001420 _____ () C:\Windows\Tasks\Information-enabler.job
2014-08-09 01:05 - 2014-02-14 13:01 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job
2014-08-09 01:05 - 2013-05-26 14:01 - 00000278 _____ () C:\Windows\Tasks\DSite.job
2014-08-09 01:05 - 2013-04-11 09:59 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForKen.job
2014-08-07 11:23 - 2012-06-11 20:08 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\SoftGrid Client
2014-08-06 19:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-06 17:10 - 2014-08-05 12:43 - 00000000 ____D () C:\Users\Nicole\Desktop\Pitts zoo 2014 (tan)
2014-08-06 16:45 - 2012-12-12 16:04 - 00000000 ____D () C:\Users\Nicole\Desktop\Flowers
2014-08-06 13:35 - 2014-08-05 12:42 - 00001973 _____ () C:\Users\Nicole\Desktop\Sync Folder.lnk
2014-08-06 12:12 - 2009-07-14 00:45 - 00036320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-06 12:12 - 2009-07-14 00:45 - 00036320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-06 12:04 - 2014-07-11 10:32 - 00000560 _____ () C:\Windows\setupact.log
2014-08-06 12:04 - 2014-07-11 10:29 - 00017526 _____ () C:\Windows\PFRO.log
2014-08-06 12:04 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 12:03 - 2013-05-26 14:01 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\DSite
2014-08-06 09:48 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-05 17:35 - 2014-01-24 21:33 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNicole
2014-08-05 17:35 - 2014-01-24 21:33 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForNicole.job
2014-08-05 14:50 - 2014-07-23 15:46 - 00000000 ____D () C:\Users\Nicole\Desktop\Horn
2014-08-05 12:43 - 2012-12-12 15:59 - 00000000 ____D () C:\Users\Nicole\Desktop\My Pix
2014-08-05 12:41 - 2013-11-21 12:11 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-08-05 12:39 - 2012-11-02 09:57 - 00000000 ____D () C:\Users\C&C
2014-08-05 12:39 - 2012-06-26 13:57 - 00000000 ____D () C:\Users\Nicole
2014-08-02 16:09 - 2014-08-02 16:09 - 00000000 _____ () C:\Users\Ken\AppData\Local\{208C145F-1C66-4DE5-BEC9-10EA702BB00C}
2014-08-01 00:39 - 2013-04-11 09:59 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKen
2014-08-01 00:27 - 2014-08-01 00:27 - 00000476 _____ () C:\Windows\Tasks\SMW_UpdateTask_Time_3931363635333736342d3237575a236c6c3255342a41.job
2014-08-01 00:27 - 2009-07-14 01:08 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-29 23:44 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-29 23:42 - 2013-03-13 22:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 23:42 - 2013-03-13 22:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 10:42 - 2012-09-18 02:02 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-07-24 03:02 - 2013-03-13 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 15:59 - 2014-07-17 15:44 - 00000000 ____D () C:\Users\Nicole\AppData\Local\Windows Live
2014-07-23 15:44 - 2009-07-14 01:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 00:42 - 2014-07-11 01:24 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-21 00:42 - 2014-07-11 01:24 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-07-20 02:22 - 2014-07-09 18:22 - 00000000 ____D () C:\Users\TEMP
2014-07-20 02:22 - 2014-01-29 12:51 - 00000000 ____D () C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-07-20 02:21 - 2014-07-15 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-20 02:21 - 2014-07-15 11:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-20 02:21 - 2014-07-11 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-20 02:21 - 2014-07-08 01:19 - 00000000 ____D () C:\ProgramData\SearchModule
2014-07-20 02:21 - 2014-03-15 23:41 - 00000000 ____D () C:\Program Files (x86)\W3i
2014-07-20 02:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-07-20 02:19 - 2013-05-30 12:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-20 02:19 - 2012-06-06 15:49 - 00000000 ____D () C:\Users\Ken\AppData\Local\Google
2014-07-20 00:44 - 2014-01-29 12:51 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-07-19 23:58 - 2014-07-08 01:24 - 00118784 _____ () C:\Users\Ken\AppData\Local\ChromeHitoryDB
2014-07-19 22:23 - 2012-06-06 12:54 - 00000000 ____D () C:\Users\Ken
2014-07-18 18:13 - 2014-07-18 18:12 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{7BF6943A-7B76-4C6B-A90A-F8C8C74C9E69}
2014-07-17 15:44 - 2014-07-17 15:43 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{F30607F5-C73D-4FFB-B239-2D1835841886}
2014-07-17 15:43 - 2012-06-26 13:59 - 00063280 _____ () C:\Users\Nicole\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 13:09 - 2014-07-15 11:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-15 11:24 - 2014-07-15 11:16 - 57330680 _____ (PortableApps.com) C:\Users\Ken\Downloads\SpybotPortable_2.2.paf.exe
2014-07-15 11:23 - 2014-07-15 11:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4 (1).exe
2014-07-15 11:20 - 2014-07-15 11:20 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-15 11:20 - 2014-07-15 11:20 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-07-15 11:18 - 2014-07-15 11:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4.exe
2014-07-12 11:18 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-12 11:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 11:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 10:32 - 2014-07-11 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-11 10:32 - 2009-07-14 00:45 - 00289432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 09:36 - 2013-08-15 12:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 09:33 - 2013-02-17 16:31 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 09:31 - 2014-04-10 23:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-11 09:31 - 2012-06-07 21:23 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 09:31 - 2011-11-09 13:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 01:23 - 2014-07-11 01:23 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4
2014-07-11 01:23 - 2014-07-11 01:23 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1
2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieUserList
2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieSiteList
2014-07-11 01:19 - 2014-03-05 20:01 - 00000000 ____D () C:\Users\Ken\AppData\Local\Opera Software
2014-07-11 01:19 - 2014-03-05 20:00 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Opera Software
2014-07-11 01:19 - 2012-06-07 21:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-10 10:39 - 2014-07-10 10:39 - 00001176 _____ () C:\Users\Ken\Documents\nicoles profile.reg
2014-07-10 01:52 - 2014-07-10 01:52 - 00410624 _____ () C:\Users\Ken\AppData\Local\CompTmp.exe
 
Some content of TEMP:
====================
C:\Users\Ken\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Nicole\AppData\Local\Temp\6_Offer_16.exe
C:\Users\Nicole\AppData\Local\Temp\BackupSetup.exe
C:\Users\Nicole\AppData\Local\Temp\dcraw.exe
C:\Users\Nicole\AppData\Local\Temp\Extract.exe
C:\Users\Nicole\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Nicole\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nicole\AppData\Local\Temp\px.dll
C:\Users\Nicole\AppData\Local\Temp\pxafs.dll
C:\Users\Nicole\AppData\Local\Temp\PxCpyA64.exe
C:\Users\Nicole\AppData\Local\Temp\PxCpyI64.exe
C:\Users\Nicole\AppData\Local\Temp\pxdrv.dll
C:\Users\Nicole\AppData\Local\Temp\pxhpinst.exe
C:\Users\Nicole\AppData\Local\Temp\PxInsA64.exe
C:\Users\Nicole\AppData\Local\Temp\PxInsI64.exe
C:\Users\Nicole\AppData\Local\Temp\pxmas.dll
C:\Users\Nicole\AppData\Local\Temp\pxsetup.exe
C:\Users\Nicole\AppData\Local\Temp\pxsfs.dll
C:\Users\Nicole\AppData\Local\Temp\pxwave.dll
C:\Users\Nicole\AppData\Local\Temp\Resource.exe
C:\Users\Nicole\AppData\Local\Temp\SP57232.exe
C:\Users\Nicole\AppData\Local\Temp\SP58131.exe
C:\Users\Nicole\AppData\Local\Temp\sp58915.exe
C:\Users\Nicole\AppData\Local\Temp\SP58986.exe
C:\Users\Nicole\AppData\Local\Temp\sp64126.exe
C:\Users\Nicole\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Nicole\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Nicole\AppData\Local\Temp\vlc.exe
C:\Users\Nicole\AppData\Local\Temp\vxblock.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-07 00:35
 
==================== End Of Log ============================
 
 

SECOND LOG---

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014

Ran by Ken at 2014-08-09 01:53:52

Running from C:\Users\Ken\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)

Adobe Photoshop Lightroom (HKLM-x32\...\{EED085D5-A3FA-4FB2-BC93-48C1194E6E26}) (Version: 1.10.0000 - Adobe)

Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)

AllShare Framework DMS (HKLM\...\{1ABC9BD2-7E06-4D70-929B-AC1B6461A8B2}) (Version: 1.3.06 - Samsung)

AllShare Play 1.5.0.1302211905 (HKLM\...\8474-7877-9059-0204) (Version: 1.5.0.1302211905 - Copyright 2013 SAMSUNG)

AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)

AMD Fuel (Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In  (Version: 1.00.0000 - AMD) Hidden

AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)

AMD VISION Engine Control Center (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden

AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies)

Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - )

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)

ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version:  - ) <==== ATTENTION

Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)

CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )

Digital Cable Advisor (HKLM\...\{07ECF9FC-BB47-4325-8345-7BFEC708DDD7}) (Version: 1.0.0.0 - Microsoft Corporation)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)

ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)

Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Music Player (HKLM-x32\...\{C3C7E0B9-6870-4FB5-9883-0BD970F98418}) (Version: 1.0.0 - ExtenDev)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )

HDHomeRun (HKLM\...\{DBB4E17D-09D8-47A6-96B9-876093092284}) (Version: 1.0.12225.0 - Silicondust)

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden

Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)

HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)

HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden

HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden

HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{F2C07BE3-0F88-4D0C-957B-3557699981E9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)

HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)

HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)

HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Documentation (HKLM-x32\...\{54F0ED3B-BD05-4B41-BCFC-E03FE2DDFF1D}) (Version: 1.1.0.0 - Hewlett-Packard)

HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)

HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)

HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)

HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden

HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)

HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)

HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)

HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden

HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)

HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)

HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)

HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.0.33.15045 - LeapFrog)

LeapFrog Connect (x32 Version: 4.0.33.15045 - LeapFrog) Hidden

LeapFrog My Pals Plugin (x32 Version: 4.0.33.15045 - LeapFrog) Hidden

Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden

Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION

Nero 11 (HKLM-x32\...\{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}) (Version: 11.0.11200 - Nero AG)

Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden

Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden

Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden

Nero BackItUp 11 (x32 Version: 6.0.18000.19.100 - Nero AG) Hidden

Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden

Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)

Nero Burning ROM 11 (x32 Version: 11.0.12500.24.100 - Nero AG) Hidden

Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden

Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Core Components 11 (x32 Version: 11.0.15600.1.17 - Nero AG) Hidden

Nero CoverDesigner 11 (x32 Version: 6.0.10800.11.100 - Nero AG) Hidden

Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Express 11 (x32 Version: 11.0.11900.24.100 - Nero AG) Hidden

Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Kwik Media (x32 Version: 1.10.24000.138.100 - Nero AG) Hidden

Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden

Nero Recode 11 (x32 Version: 5.0.13600.34.100 - Nero AG) Hidden

Nero Recode 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden

Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden

Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden

Nero Video 11 (x32 Version: 8.0.14600.27.100 - Nero AG) Hidden

Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero WaveEditor 11 (x32 Version: 6.0.11100.7.100 - Nero AG) Hidden

Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden

NetAssistant (x32 Version: 3.8.3 - W3i) Hidden

NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)

opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden

OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version:  - NCH Software)

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Plex (HKCU\...\Plex) (Version: 0.9.504 - Plex, Inc)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)

RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden

SaveShare 1.74 (HKLM-x32\...\SP_703c874a) (Version:  - )

Search module (HKLM-x32\...\Search module) (Version:  - Search Module)

Shopop (HKLM-x32\...\{3DF474D5-1D41-43B5-BEA7-7E320542FD61}) (Version: 10.203.68.14274 - My Pop Shop Ltd.) <==== ATTENTION

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)

The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden

Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden

Unified Remote (HKLM-x32\...\{0E04AD66-9C5A-46DF-836B-29BD26194820}) (Version: 2.8.1.0 - Unified Remote)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)

Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

W3i NetAssistant (HKCU\...\NetAssistant 3.8.3) (Version: 3.8.3 - Freeze.com)

WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)

welcome (x32 Version: 11.0.21500.0.4 - Nero AG) Hidden

WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden

WILLPower v6 (HKLM-x32\...\WILLPower) (Version: 2.1.0.0 - H&R Block)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Winrar 4.20 Beta 3(64 bit) (HKLM\...\{102E68BF-1C68-42BC-8213-98D95B017052}_is1) (Version: 4.20 Beta 3 - Winrar)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Restore Points  =========================

 

12-07-2014 15:15:52 Windows Update

15-07-2014 15:25:21 Windows Update

20-07-2014 02:31:18 Windows Update

23-07-2014 04:26:09 Windows Update

24-07-2014 07:00:30 Windows Update

01-08-2014 04:31:24 Windows Update

01-08-2014 04:37:46 Windows Update

05-08-2014 16:46:05 Windows Update

09-08-2014 05:17:31 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0BD651FF-9274-490C-9591-80C6D6236E0D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {0EE5A570-F088-4ECA-9297-8C4C8E72AD72} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)

Task: {0F04A03C-3673-41C2-8905-A1AD3106ECFA} - System32\Tasks\Information-codedownloader => C:\Program Files (x86)\Information\Information-codedownloader.exe

Task: {18D7D48C-E2F6-4051-86C6-CC9EE69EAF4F} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe [2014-07-09] ()

Task: {25919CD3-3D51-4772-9DED-699D94C0D8E3} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {320D9B7F-26DC-4818-BBA5-33365631B3B7} - System32\Tasks\HPCeeScheduleForNicole => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {350BA221-D42B-4987-8E27-B0830210BADE} - System32\Tasks\{13FBB5D8-E269-406B-A9CF-967E75D459F2} => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21] (Samsung Electronics)

Task: {393CD331-DB23-49B9-91A7-DCFB070E4251} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {41628A67-2BFA-41EC-A7E1-2E37864B3EEF} - System32\Tasks\{A985D611-CD54-4461-9BFE-6792F52B81CD} => c:\program files (x86)\opera\opera.exe

Task: {56AFDCC7-10BA-476A-BCB6-6D5649BF5A07} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {649CAE24-2108-4AA8-9DBF-8B826FFF7CA0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {6CFA9E5B-85AF-4196-914C-482C5CDD6709} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001Core => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)

Task: {6EE190CD-0429-445E-AC32-EBFA539FCC2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001UA => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)

Task: {85DF78FA-6906-4BAD-BEDF-416898C56270} - System32\Tasks\HPCeeScheduleForKen => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {8B5723D0-96E5-4E0D-BBD5-090DD9D51414} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)

Task: {95C72B0F-1A0D-480E-B85D-3D65EBCD789B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {BD329CDD-E602-4DA6-9926-651414ECD797} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)

Task: {C2D7E103-E37F-4181-9528-7904F4BBBCA1} - System32\Tasks\Digital Sites => C:\Users\Ken\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {D879086F-DEE3-480A-A5E1-D9CBB773B19C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)

Task: {D945D720-8F90-4E3B-BE67-D35215E220F0} - System32\Tasks\Information-chromeinstaller => C:\Program Files (x86)\Information\Information-chromeinstaller.exe

Task: {D9F77D78-C16B-4F83-818E-45CA7625F46E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

Task: {DDD511B3-1F7E-4491-BBF9-6A5453BB39CF} - System32\Tasks\{822C2AA7-3DD5-4255-B0D1-72B066C67B2F} => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21] (Samsung Electronics)

Task: {DDD8C254-4570-4F90-8F83-D268825F029E} - System32\Tasks\DSite => C:\Users\Ken\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {E043796D-4554-483A-91EC-A3897026C25C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {E1285EA3-F286-4F7E-91BB-53722877BE07} - System32\Tasks\Information-updater => C:\Program Files (x86)\Information\Information-updater.exe

Task: {E6EBC63E-86C4-4945-A3FD-D6384AC9AC4A} - System32\Tasks\Information-firefoxinstaller => C:\Program Files (x86)\Information\Information-firefoxinstaller.exe

Task: {F0EFF594-2612-4365-AE0E-9467FED2F84F} - System32\Tasks\{812FB8F3-BA2F-475F-88E4-A36C50EA9D8D} => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21] (Samsung Electronics)

Task: {F3A032A2-FADF-4DB4-BE7C-994A9A56F0E8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: {F43DC09C-CBC4-408F-832D-2C05F7D684C4} - System32\Tasks\Information-enabler => C:\Program Files (x86)\Information\Information-enabler.exe

Task: {FF77DECE-26F0-4B89-ABF4-AE0B59502FC7} - System32\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Ken\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\Windows\Tasks\DSite.job => C:\Users\Ken\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001Core.job => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001UA.job => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForKen.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleForNicole.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\Information-chromeinstaller.job => C:\Program Files (x86)\Information\Information-chromeinstaller.exe

Task: C:\Windows\Tasks\Information-codedownloader.job => C:\Program Files (x86)\Information\Information-codedownloader.exe

Task: C:\Windows\Tasks\Information-enabler.job => C:\Program Files (x86)\Information\Information-enabler.exe

Task: C:\Windows\Tasks\Information-firefoxinstaller.job => C:\Program Files (x86)\Information\Information-firefoxinstaller.exe

Task: C:\Windows\Tasks\Information-updater.job => C:\Program Files (x86)\Information\Information-updater.exe

Task: C:\Windows\Tasks\SMW_UpdateTask_Time_3931363635333736342d3237575a236c6c3255342a41.job => C:\ProgramData\SearchModule\smhe.js" smu.exe

 

==================== Loaded Modules (whitelisted) =============

 

2011-09-28 09:19 - 2011-09-28 09:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2014-01-27 11:05 - 2014-01-27 11:05 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll

2011-03-09 12:41 - 2011-03-09 12:41 - 01066896 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

2014-06-03 15:42 - 2014-06-03 15:41 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe

2011-03-09 12:41 - 2011-03-09 12:41 - 00491920 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

2014-01-27 14:25 - 2014-01-14 15:46 - 03140608 _____ () C:\Users\Nicole\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

2014-01-27 11:23 - 2014-01-27 11:23 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll

2013-05-26 14:01 - 2014-05-08 10:10 - 02561560 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe

2013-02-12 22:37 - 2013-02-12 22:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2011-09-28 09:19 - 2011-09-28 09:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-09-28 09:06 - 2011-09-28 09:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

2013-04-23 12:13 - 2013-02-21 20:06 - 01226752 _____ () C:\Program Files\Samsung\AllShare Play\SecLibJNI.dll

2013-04-23 14:38 - 2013-04-23 14:38 - 00515584 ____N () C:\Users\Ken\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

2013-04-23 12:13 - 2013-02-21 20:06 - 00011264 _____ () C:\Program Files\Samsung\AllShare Play\JniSys.dll

2012-10-23 09:10 - 2012-10-23 09:10 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\64bit\JNIInterface.dll

2012-10-22 20:02 - 2012-10-22 20:02 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\64bit\ASFAPI.dll

2012-10-23 09:09 - 2012-10-23 09:09 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\64bit\MediaDB_Manager.dll

2012-08-21 19:06 - 2012-08-21 19:06 - 00030720 _____ () C:\Windows\system32\MediaDB64.dll

2012-10-05 17:27 - 2012-10-05 17:27 - 00905216 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll

2012-10-23 09:10 - 2012-10-23 09:10 - 00522240 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\64bit\DMS_Manager.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll

2011-06-17 16:42 - 2011-06-17 16:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2012-10-22 16:55 - 2012-10-22 16:55 - 01113600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DMSManager.dll

2012-10-05 17:27 - 2012-10-05 17:27 - 00704000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ContentDirectoryPresenter.dll

2012-08-21 19:06 - 2012-08-21 19:06 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMCDP.dll

2012-08-21 19:06 - 2012-08-21 19:06 - 00101376 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\FolderCDP.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MetadataFramework.dll

2012-08-14 11:13 - 2012-08-14 11:13 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\sqlite3.dll

2012-08-14 11:13 - 2012-08-14 11:13 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MoodExtractor.dll

2012-08-14 11:43 - 2012-08-14 11:43 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMImgExtractor.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AutoChaptering.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexpat.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoThumb.dll

2012-08-14 11:43 - 2012-08-14 11:43 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avcodec-52.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avutil-50.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avformat-52.dll

2012-08-14 11:43 - 2012-08-14 11:43 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\swscale-0.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AudioExtractor.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00063488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ID3Driver.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\tag.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libThumbnail.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RichInfoDriver.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoExtractor.dll

2012-10-22 16:55 - 2012-10-22 16:55 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ThumbnailMaker.dll

2012-10-22 16:55 - 2012-10-22 16:55 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageMagickWrapper.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00133120 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoMetadataDriver.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libKeyFrame.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\SECMetaDriver.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageExtractor.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\photoDriver.dll

2012-08-14 11:43 - 2012-08-14 11:43 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexif-12.dll.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\TextExtractor.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\Autobackup.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RosettaAllShare.dll

2012-08-21 11:25 - 2012-08-21 11:25 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_serialization-vc90-mt-1_47.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_date_time-vc90-mt-1_47.dll

2012-08-21 11:25 - 2012-08-21 11:25 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_system-vc90-mt-1_47.dll

2012-08-21 11:26 - 2012-08-21 11:26 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_thread-vc90-mt-1_47.dll

2012-08-14 11:42 - 2012-08-14 11:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\us.dll

2014-05-14 12:45 - 2014-05-14 12:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll

2014-07-15 11:20 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2014-07-15 11:20 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2014-07-15 11:20 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2014-07-15 11:20 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2014-07-15 11:20 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll

2014-06-03 15:42 - 2014-06-03 15:41 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll

2013-02-12 22:38 - 2013-02-12 22:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2014-07-21 00:42 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-21 00:42 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-21 00:42 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-21 00:42 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-21 00:42 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/09/2014 01:17:31 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1406720394-1802764852-2631895018-1004.bak).  hr = 0x80070539, The security ID structure is invalid.

.

 

 

Operation:

   OnIdentify event

   Gathering Writer Data

 

Context:

   Execution Context: Shadow Copy Optimization Writer

   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}

   Writer Name: Shadow Copy Optimization Writer

   Writer Instance ID: {7f7293e5-ffd2-4d6c-bf03-ed9509a88d73}

 

Error: (08/07/2014 11:02:57 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a

Exception code: 0x80004004

Fault offset: 0x000000000000940d

Faulting process id: 0x1ce4

Faulting application start time: 0xLogonUI.exe0

Faulting application path: LogonUI.exe1

Faulting module path: LogonUI.exe2

Report Id: LogonUI.exe3

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1938889

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1938889

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1138

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1138

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (08/06/2014 00:05:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/06/2014 00:04:45 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )

Description: AllShare Framework DMSSvcInit started failed with 0

 

 

System errors:

=============

Error: (08/05/2014 00:40:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 

%%1053

 

Error: (08/05/2014 00:40:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

 

Error: (08/05/2014 00:39:47 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 4:09:07 PM on ‎8/‎2/‎2014 was unexpected.

 

Error: (08/01/2014 00:29:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: 

%%1056

 

Error: (08/01/2014 00:29:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: 

%%1056

 

Error: (08/01/2014 00:29:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: 

%%1056

 

Error: (08/01/2014 00:28:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: 

%%1056

 

Error: (08/01/2014 00:28:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Shell Hardware Detection service, but this action failed with the following error: 

%%1056

 

Error: (08/01/2014 00:27:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

Error: (08/01/2014 00:27:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

 

Microsoft Office Sessions:

=========================

Error: (08/09/2014 01:17:31 AM) (Source: VSS) (EventID: 8193) (User: )

Description: ConvertStringSidToSid(S-1-5-21-1406720394-1802764852-2631895018-1004.bak)0x80070539, The security ID structure is invalid.

 

 

Operation:

   OnIdentify event

   Gathering Writer Data

 

Context:

   Execution Context: Shadow Copy Optimization Writer

   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}

   Writer Name: Shadow Copy Optimization Writer

   Writer Instance ID: {7f7293e5-ffd2-4d6c-bf03-ed9509a88d73}

 

Error: (08/07/2014 11:02:57 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: LogonUI.exe6.1.7601.175144ce79f70KERNELBASE.dll6.1.7601.184095315a05a80004004000000000000940d1ce401cfb1d7c60961eaC:\Windows\system32\LogonUI.exeC:\Windows\system32\KERNELBASE.dllea0fcbb4-1e43-11e4-94da-082e5f971bf6

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1938889

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1938889

 

Error: (08/06/2014 06:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1138

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1138

 

Error: (08/06/2014 05:37:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (08/06/2014 00:05:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/06/2014 00:04:45 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )

Description: AllShare Framework DMSSvcInit started failed with 0

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 59%

Total physical RAM: 5609.91 MB

Available physical RAM: 2246.86 MB

Total Pagefile: 11217.99 MB

Available Pagefile: 6634.84 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:672.88 GB) (Free:324.55 GB) NTFS

Drive d: (Recovery) (Fixed) (Total:21.6 GB) (Free:2.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 2EE1C775)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=673 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=22 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

 

==================== End Of Log ============================


Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
    
 
    
Before we start please read and note the following:
    
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
    
I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
 
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

 

Fix with Farbar Recovery Scan Tool
 


This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.
 
 
 
 

Scan with Malwarebytes' Anti-Malware
 
Please re-run Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detections & protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

fixlist.txt


I couldn't get the attachment to work...

 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.08.09.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.17207

Ken :: KEN-HP [administrator]

 

Protection: Enabled

 

8/9/2014 8:28:14 AM

mbam-log-2014-08-09 (08-28-14).txt

 

Scan type: Full scan (C:\|D:\|E:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 606736

Time elapsed: 1 hour(s), 33 minute(s), 14 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 


This is it.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014

Ran by Ken (administrator) on KEN-HP on 09-08-2014 01:52:05

Running from C:\Users\Ken\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe

(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe

() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Silicondust USA Inc) C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Samsung Electronics) C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe

() C:\Users\Nicole\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe

() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE

() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(AMD) C:\Windows\System32\atieclxx.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Samsung Electronics) C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe

(Google Inc.) C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe

(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe

() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Popcorn Time) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Popcorn Time                                                ) C:\Windows\Temp\set4177.tmp.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)

HKLM\...\Run: [setDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-20] (IDT, Inc.)

HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-02-21] (Samsung Electronics)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)

HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [295304 2012-07-05] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe [61440 2007-06-26] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2561560 2014-05-08] ()

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)

HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-04-22] (Hewlett-Packard)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-1406720394-1802764852-2631895018-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1406720394-1802764852-2631895018-1001\...\Run: [Google Update] => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-27] (Google Inc.)

HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Google Update] => C:\Users\Ken\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-27] (Google Inc.)

HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Plex Media Server] => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [Amazon Cloud Player] => C:\Users\Nicole\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()

HKU\S-1-5-21-1406720394-1802764852-2631895018-1004\...\Run: [browser Infrastructure Helper] => C:\Users\Nicole\AppData\Local\Smartbar\Application\Shopop.exe startup

HKU\S-1-5-21-1406720394-1802764852-2631895018-1005\...\Run: [Plex Media Server] => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

HKU\S-1-5-21-1406720394-1802764852-2631895018-1005\...\MountPoints2: {8913f29c-b033-11e1-baea-806e6f6e6963} - F:\Autorun.exe

AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk

ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ywnmon32.exe.lnk

ShortcutTarget: ywnmon32.exe.lnk -> C:\Program Files (x86)\Open JDK Explorer\ywnmon32.exe (No File)

Startup: C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

BootExecute: autocheck autochk * sdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF


SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}



SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}


SearchScopes: HKCU - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = 

SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}



BHO: Shopop WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)

BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM - Shopop Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - Shopop Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File

FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ken\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-26]

 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]

CHR Extension: (Google Drive) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-16]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-11]

CHR Extension: (YouTube) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-16]

CHR Extension: (Google Search) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-16]

CHR Extension: (Website Logon) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-07-11]

CHR Extension: (Google Wallet) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-07-11]

CHR Extension: (Gmail) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-16]

CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]

CHR HKCU\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]

CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Ken\AppData\Local\newhb2.crx [2013-10-04]

CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)

R2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-02-21] (Copyright 2013 SAMSUNG)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)

R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)

R2 HDHomeRun Service; C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe [18432 2013-03-28] (Silicondust USA Inc) [File not signed]

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]

R2 Popcorn Time Updater; C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe [211968 2014-05-22] (Popcorn Time) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2658664 2014-07-17] (Search Module Ltd.)

R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-03] (AVG Secure Search)

R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]

R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()

R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-03] (AVG Technologies)

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()

S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()

S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()

S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41320 2014-07-17] ()

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-09 01:52 - 2014-08-09 01:53 - 00031735 _____ () C:\Users\Ken\Downloads\FRST.txt

2014-08-09 01:52 - 2014-08-09 01:52 - 00000000 ____D () C:\FRST

2014-08-09 01:51 - 2014-08-09 01:52 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64 (1).exe

2014-08-09 01:51 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64.exe

2014-08-09 01:07 - 2014-08-09 01:07 - 01151963 _____ (Popcorn Time ) C:\Users\Ken\Downloads\Popcorn-Time.exe

2014-08-09 01:07 - 2014-08-09 01:07 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time

2014-08-05 12:43 - 2014-08-06 17:10 - 00000000 ____D () C:\Users\Nicole\Desktop\Pitts zoo 2014 (tan)

2014-08-05 12:42 - 2014-08-06 13:35 - 00001973 _____ () C:\Users\Nicole\Desktop\Sync Folder.lnk

2014-08-02 16:09 - 2014-08-02 16:09 - 00000000 _____ () C:\Users\Ken\AppData\Local\{208C145F-1C66-4DE5-BEC9-10EA702BB00C}

2014-08-01 00:32 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-08-01 00:32 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-08-01 00:32 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-08-01 00:32 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-08-01 00:32 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-08-01 00:32 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-08-01 00:32 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-08-01 00:32 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-08-01 00:32 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-08-01 00:32 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-08-01 00:32 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-08-01 00:32 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-08-01 00:32 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-08-01 00:32 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-08-01 00:27 - 2014-08-01 00:27 - 00000476 _____ () C:\Windows\Tasks\SMW_UpdateTask_Time_3931363635333736342d3237575a236c6c3255342a41.job

2014-07-23 15:46 - 2014-08-05 14:50 - 00000000 ____D () C:\Users\Nicole\Desktop\Horn

2014-07-18 18:12 - 2014-07-18 18:13 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{7BF6943A-7B76-4C6B-A90A-F8C8C74C9E69}

2014-07-17 15:44 - 2014-07-23 15:59 - 00000000 ____D () C:\Users\Nicole\AppData\Local\Windows Live

2014-07-17 15:43 - 2014-07-17 15:44 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{F30607F5-C73D-4FFB-B239-2D1835841886}

2014-07-15 12:56 - 2014-03-04 12:17 - 00122880 _____ () C:\Users\Nicole\AppData\Local\ChromeHitoryDB

2014-07-15 11:20 - 2014-07-20 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-07-15 11:20 - 2014-07-20 02:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-07-15 11:20 - 2014-07-15 13:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-07-15 11:20 - 2014-07-15 11:20 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2014-07-15 11:20 - 2014-07-15 11:20 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-07-15 11:20 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2014-07-15 11:18 - 2014-07-15 11:23 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4 (1).exe

2014-07-15 11:16 - 2014-07-15 11:24 - 57330680 _____ (PortableApps.com) C:\Users\Ken\Downloads\SpybotPortable_2.2.paf.exe

2014-07-15 11:14 - 2014-07-15 11:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4.exe

2014-07-11 10:32 - 2014-08-06 12:04 - 00000560 _____ () C:\Windows\setupact.log

2014-07-11 10:32 - 2014-07-11 10:32 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-11 10:29 - 2014-08-06 12:04 - 00017526 _____ () C:\Windows\PFRO.log

2014-07-11 01:24 - 2014-07-21 00:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-11 01:24 - 2014-07-21 00:42 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk

2014-07-11 01:24 - 2014-07-20 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-11 01:23 - 2014-08-09 01:28 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4.job

2014-07-11 01:23 - 2014-08-09 01:28 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1.job

2014-07-11 01:23 - 2014-07-11 01:23 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4

2014-07-11 01:23 - 2014-07-11 01:23 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1

2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieUserList

2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieSiteList

2014-07-10 10:39 - 2014-07-10 10:39 - 00001176 _____ () C:\Users\Ken\Documents\nicoles profile.reg

2014-07-10 01:52 - 2014-07-10 01:52 - 00410624 _____ () C:\Users\Ken\AppData\Local\CompTmp.exe

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-09 01:53 - 2014-08-09 01:52 - 00031735 _____ () C:\Users\Ken\Downloads\FRST.txt

2014-08-09 01:52 - 2014-08-09 01:52 - 00000000 ____D () C:\FRST

2014-08-09 01:52 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64 (1).exe

2014-08-09 01:51 - 2014-08-09 01:51 - 02094080 _____ (Farbar) C:\Users\Ken\Downloads\FRST64.exe

2014-08-09 01:39 - 2012-03-16 03:46 - 01087326 _____ () C:\Windows\WindowsUpdate.log

2014-08-09 01:36 - 2014-04-27 01:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001UA.job

2014-08-09 01:28 - 2014-07-11 01:23 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4.job

2014-08-09 01:28 - 2014-07-11 01:23 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1.job

2014-08-09 01:20 - 2012-06-06 12:58 - 00001575 _____ () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-08-09 01:16 - 2014-04-10 23:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-09 01:07 - 2014-08-09 01:07 - 01151963 _____ (Popcorn Time ) C:\Users\Ken\Downloads\Popcorn-Time.exe

2014-08-09 01:07 - 2014-08-09 01:07 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time

2014-08-09 01:06 - 2013-04-23 12:12 - 00000000 ____D () C:\AllShare Play

2014-08-09 01:05 - 2014-04-27 01:02 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406720394-1802764852-2631895018-1001Core.job

2014-08-09 01:05 - 2014-03-15 23:43 - 00003088 _____ () C:\Windows\Tasks\Information-chromeinstaller.job

2014-08-09 01:05 - 2014-03-15 23:43 - 00002346 _____ () C:\Windows\Tasks\Information-firefoxinstaller.job

2014-08-09 01:05 - 2014-03-15 23:43 - 00001580 _____ () C:\Windows\Tasks\Information-updater.job

2014-08-09 01:05 - 2014-03-15 23:43 - 00001542 _____ () C:\Windows\Tasks\Information-codedownloader.job

2014-08-09 01:05 - 2014-03-15 23:43 - 00001420 _____ () C:\Windows\Tasks\Information-enabler.job

2014-08-09 01:05 - 2014-02-14 13:01 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job

2014-08-09 01:05 - 2013-05-26 14:01 - 00000278 _____ () C:\Windows\Tasks\DSite.job

2014-08-09 01:05 - 2013-04-11 09:59 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForKen.job

2014-08-07 11:23 - 2012-06-11 20:08 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\SoftGrid Client

2014-08-06 19:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-08-06 17:10 - 2014-08-05 12:43 - 00000000 ____D () C:\Users\Nicole\Desktop\Pitts zoo 2014 (tan)

2014-08-06 16:45 - 2012-12-12 16:04 - 00000000 ____D () C:\Users\Nicole\Desktop\Flowers

2014-08-06 13:35 - 2014-08-05 12:42 - 00001973 _____ () C:\Users\Nicole\Desktop\Sync Folder.lnk

2014-08-06 12:12 - 2009-07-14 00:45 - 00036320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-06 12:12 - 2009-07-14 00:45 - 00036320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-06 12:04 - 2014-07-11 10:32 - 00000560 _____ () C:\Windows\setupact.log

2014-08-06 12:04 - 2014-07-11 10:29 - 00017526 _____ () C:\Windows\PFRO.log

2014-08-06 12:04 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-06 12:03 - 2013-05-26 14:01 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\DSite

2014-08-06 09:48 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-08-05 17:35 - 2014-01-24 21:33 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNicole

2014-08-05 17:35 - 2014-01-24 21:33 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForNicole.job

2014-08-05 14:50 - 2014-07-23 15:46 - 00000000 ____D () C:\Users\Nicole\Desktop\Horn

2014-08-05 12:43 - 2012-12-12 15:59 - 00000000 ____D () C:\Users\Nicole\Desktop\My Pix

2014-08-05 12:41 - 2013-11-21 12:11 - 00000000 ____D () C:\Program Files (x86)\PasswordBox

2014-08-05 12:39 - 2012-11-02 09:57 - 00000000 ____D () C:\Users\C&C

2014-08-05 12:39 - 2012-06-26 13:57 - 00000000 ____D () C:\Users\Nicole

2014-08-02 16:09 - 2014-08-02 16:09 - 00000000 _____ () C:\Users\Ken\AppData\Local\{208C145F-1C66-4DE5-BEC9-10EA702BB00C}

2014-08-01 00:39 - 2013-04-11 09:59 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKen

2014-08-01 00:27 - 2014-08-01 00:27 - 00000476 _____ () C:\Windows\Tasks\SMW_UpdateTask_Time_3931363635333736342d3237575a236c6c3255342a41.job

2014-08-01 00:27 - 2009-07-14 01:08 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-29 23:44 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-07-29 23:42 - 2013-03-13 22:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-29 23:42 - 2013-03-13 22:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-24 10:42 - 2012-09-18 02:02 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2014-07-24 03:02 - 2013-03-13 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-23 15:59 - 2014-07-17 15:44 - 00000000 ____D () C:\Users\Nicole\AppData\Local\Windows Live

2014-07-23 15:44 - 2009-07-14 01:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-21 00:42 - 2014-07-11 01:24 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-21 00:42 - 2014-07-11 01:24 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk

2014-07-20 02:22 - 2014-07-09 18:22 - 00000000 ____D () C:\Users\TEMP

2014-07-20 02:22 - 2014-01-29 12:51 - 00000000 ____D () C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

2014-07-20 02:21 - 2014-07-15 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-07-20 02:21 - 2014-07-15 11:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-07-20 02:21 - 2014-07-11 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-20 02:21 - 2014-07-08 01:19 - 00000000 ____D () C:\ProgramData\SearchModule

2014-07-20 02:21 - 2014-03-15 23:41 - 00000000 ____D () C:\Program Files (x86)\W3i

2014-07-20 02:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration

2014-07-20 02:19 - 2013-05-30 12:52 - 00000000 ____D () C:\Program Files (x86)\Google

2014-07-20 02:19 - 2012-06-06 15:49 - 00000000 ____D () C:\Users\Ken\AppData\Local\Google

2014-07-20 00:44 - 2014-01-29 12:51 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup

2014-07-19 23:58 - 2014-07-08 01:24 - 00118784 _____ () C:\Users\Ken\AppData\Local\ChromeHitoryDB

2014-07-19 22:23 - 2012-06-06 12:54 - 00000000 ____D () C:\Users\Ken

2014-07-18 18:13 - 2014-07-18 18:12 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{7BF6943A-7B76-4C6B-A90A-F8C8C74C9E69}

2014-07-17 15:44 - 2014-07-17 15:43 - 00000000 ____D () C:\Users\Nicole\AppData\Local\{F30607F5-C73D-4FFB-B239-2D1835841886}

2014-07-17 15:43 - 2012-06-26 13:59 - 00063280 _____ () C:\Users\Nicole\AppData\Local\GDIPFONTCACHEV1.DAT

2014-07-15 13:09 - 2014-07-15 11:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-07-15 11:24 - 2014-07-15 11:16 - 57330680 _____ (PortableApps.com) C:\Users\Ken\Downloads\SpybotPortable_2.2.paf.exe

2014-07-15 11:23 - 2014-07-15 11:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4 (1).exe

2014-07-15 11:20 - 2014-07-15 11:20 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2014-07-15 11:20 - 2014-07-15 11:20 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-07-15 11:18 - 2014-07-15 11:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken\Downloads\spybot-2.4.exe

2014-07-12 11:18 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-12 11:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-12 11:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-11 10:32 - 2014-07-11 10:32 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-11 10:32 - 2009-07-14 00:45 - 00289432 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-11 09:36 - 2013-08-15 12:45 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-11 09:33 - 2013-02-17 16:31 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-11 09:31 - 2014-04-10 23:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-11 09:31 - 2012-06-07 21:23 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-11 09:31 - 2011-11-09 13:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-11 01:23 - 2014-07-11 01:23 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf9cc83a10f0f4

2014-07-11 01:23 - 2014-07-11 01:23 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9cc8396a50a1

2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieUserList

2014-07-11 01:19 - 2014-07-11 01:19 - 00000000 __SHD () C:\Users\Ken\AppData\Local\EmieSiteList

2014-07-11 01:19 - 2014-03-05 20:01 - 00000000 ____D () C:\Users\Ken\AppData\Local\Opera Software

2014-07-11 01:19 - 2014-03-05 20:00 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Opera Software

2014-07-11 01:19 - 2012-06-07 21:09 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-07-10 10:39 - 2014-07-10 10:39 - 00001176 _____ () C:\Users\Ken\Documents\nicoles profile.reg

2014-07-10 01:52 - 2014-07-10 01:52 - 00410624 _____ () C:\Users\Ken\AppData\Local\CompTmp.exe

 

Some content of TEMP:

====================

C:\Users\Ken\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Nicole\AppData\Local\Temp\6_Offer_16.exe

C:\Users\Nicole\AppData\Local\Temp\BackupSetup.exe

C:\Users\Nicole\AppData\Local\Temp\dcraw.exe

C:\Users\Nicole\AppData\Local\Temp\Extract.exe

C:\Users\Nicole\AppData\Local\Temp\HPHelpUpdater.exe

C:\Users\Nicole\AppData\Local\Temp\i4jdel0.exe

C:\Users\Nicole\AppData\Local\Temp\px.dll

C:\Users\Nicole\AppData\Local\Temp\pxafs.dll

C:\Users\Nicole\AppData\Local\Temp\PxCpyA64.exe

C:\Users\Nicole\AppData\Local\Temp\PxCpyI64.exe

C:\Users\Nicole\AppData\Local\Temp\pxdrv.dll

C:\Users\Nicole\AppData\Local\Temp\pxhpinst.exe

C:\Users\Nicole\AppData\Local\Temp\PxInsA64.exe

C:\Users\Nicole\AppData\Local\Temp\PxInsI64.exe

C:\Users\Nicole\AppData\Local\Temp\pxmas.dll

C:\Users\Nicole\AppData\Local\Temp\pxsetup.exe

C:\Users\Nicole\AppData\Local\Temp\pxsfs.dll

C:\Users\Nicole\AppData\Local\Temp\pxwave.dll

C:\Users\Nicole\AppData\Local\Temp\Resource.exe

C:\Users\Nicole\AppData\Local\Temp\SP57232.exe

C:\Users\Nicole\AppData\Local\Temp\SP58131.exe

C:\Users\Nicole\AppData\Local\Temp\sp58915.exe

C:\Users\Nicole\AppData\Local\Temp\SP58986.exe

C:\Users\Nicole\AppData\Local\Temp\sp64126.exe

C:\Users\Nicole\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Nicole\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Nicole\AppData\Local\Temp\vlc.exe

C:\Users\Nicole\AppData\Local\Temp\vxblock.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-07 00:35

 

==================== End Of Log ============================


Oh, I'm sorry, I didn't realize you replied. Malwarebytes got a lot of it, but I know it's still infected and I can't even log on to my bank accounts without thinking my information is being stolen. My Internet browser is still taken over and makes my home page TUVARO - http://www-search.net/?s=E78yobryu1,495a26ad-f870-4054-b1ae-3036119e5daa . Every once in a while I'll see a command box open and close. PLEASE HELP


Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (the preferred version is the *.exe one).
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;gpt.ini;z C:\Windows\System32\GroupPolicy;vC:\Windows\SysWOW64\GroupPolicy;vprocess;services-list;systemspecs;startupall;skipfix-iedefaults;firefoxlook;chromelook;filesrcm;installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it on your main drive (usually the C:\ drive).

Post its content into your next reply.


Fix with ZOEK

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;[HKEY_USERS\S-1-5-21-1406720394-1802764852-2631895018-1004\Software\Microsoft\Windows\CurrentVersion\Run];r"Browser Infrastructure Helper"=-;rC:\Users\Nicole\AppData\Local\Smartbar;fsC:\Program Files (x86)\Information;fsC:\Windows\tasks\Information-chromeinstaller.job;fC:\Windows\tasks\Information-codedownloader.job;fC:\Windows\tasks\Information-enabler.job;fC:\Windows\tasks\Information-firefoxinstaller.job;fC:\Windows\tasks\Information-updater.job;fautoclean;emptyalltemp;chrdefaults;ipconfig /flushdns;b 
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it on your main drive (usually the C:\ drive).

Post its content into your next reply.


Below you will find my thoughts about securing your machine. Go through it; you will benefit from some useful advice about safe computing.

 

 

Recommended reading:




 

MUST READ - general maintenance: What to do if your Computer is running slowly?

 

 

 

Recommended additional software:



TFC - to clean unneeded temporary files.

Malwarebytes' Anti-Malware - to scan your system from time to time in search of malware.

Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.

McShield - to prevent infections spread by removable media.

CryptoPrevent - to secure yourself from very severe CryptoLocker infection.

Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.

FileHippo.com Update Checker - to keep your programs up-to-date.

Adblock - to surf the web without annoying ads!

 

 

 

The following will implement some post-cleanup procedures:

 

=> Please download DelFix by Xplode to your Desktop.

 

Run the tool and check the following boxes:

  • Remove disinfection tools

  • Create registry backup

  • Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.

At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.

The tool deletes old system restore points and creates a fresh system restore point after cleaning.

 

 

My help is free for everybody.


If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation.

Thank you!


 

 

 

Stay safe,

TwinHeadedEagle :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.