Jump to content

PUP.Optional.Spigot.A in Chrome preferences


Recommended Posts

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Link to post
Share on other sites

Hi Jurgen! Thanks for helping out. Here's the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-08-2014
Ran by Luke (administrator) on LUKE-PC on 22-08-2014 22:45:41
Running from C:\Users\Luke\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Luke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-11-16] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2009-06-22] ()
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)
HKU\.DEFAULT\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [Google Update] => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-04-10] (Google Inc.)
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [GoogleChromeAutoLaunch_9C05172C73CA805343A88E4990B2A995] => C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {2d06efbd-ff17-11df-baea-00271345105f} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {66a7c220-f59e-11e2-a9fa-00271345105f} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {6a88a645-fb28-11df-b0bd-00271345105f} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {d4bc9f71-1031-11e3-9830-00271345105f} - F:\setup.exe -a
HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {e5593a00-a3a5-11e0-8889-00271345105f} - F:\LaunchU3.exe -a
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {01D15C0C-8866-48AE-AB39-8C663620774E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {01D15C0C-8866-48AE-AB39-8C663620774E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Tcpip\Parameters: [DhcpNameServer] 75.76.84.70 75.76.84.71 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\33qf0ouh.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcgrawhill.com/ChemDrawMGH,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDrawMGH\NPCDPMGH32.dll (CambridgeSoft Corp.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010-03-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-12-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-13]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-12-26]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: hxxp://search.yahoo.com?type=714647&fr=spigot-yhp-ch
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Screen Capture Plugin) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin/screen_capture.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (McGraw-Hill ChemDraw) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDrawMGH\NPCDPMGH32.dll (CambridgeSoft Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-14]
CHR Extension: (Honey) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2012-12-29]
CHR Extension: (Google Cast) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2013-12-29]
CHR Extension: (Google Search) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-14]
CHR Extension: (Screen Capture (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg [2010-09-03]
CHR Extension: (Search by Image (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-09-08]
CHR Extension: (AdBlock) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2010-09-03]
CHR Extension: (Hover Free) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmnnggnaofmhflgomfjfbndngdoogkj [2013-06-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2011-12-07]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2014-01-17]
CHR Extension: (StayFocusd) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2011-05-04]
CHR Extension: (Star Gazing) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2011-05-04]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2010-06-09]
CHR Extension: (Google Wallet) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2011-11-07]
CHR Extension: (Antisocial) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn [2012-11-24]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2010-11-16] (Andrea Electronics Corporation)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-01-25] (Fork Ltd.) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2014-07-12] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2014-07-12] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-11-16] (IDT, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-01] () [File not signed]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
U4 eabfiltr; 
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-22 22:45 - 2014-08-22 22:46 - 00030578 _____ () C:\Users\Luke\Desktop\FRST.txt
2014-08-22 22:43 - 2014-08-22 22:45 - 00000000 ____D () C:\FRST
2014-08-22 22:43 - 2014-08-22 22:43 - 02102784 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe
2014-08-21 21:31 - 2014-08-21 21:31 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Foxit Software
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-08-21 21:24 - 2014-08-21 21:24 - 37782816 _____ (Foxit Corporation ) C:\Users\Luke\Downloads\FoxitReader623.815_prom_enu_Setup.exe
2014-08-19 18:25 - 2014-08-19 18:25 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Luke\Downloads\SkypeSetup (2).exe
2014-08-18 22:23 - 2014-08-18 22:23 - 00918440 _____ (Oracle Corporation) C:\Users\Luke\Downloads\chromeinstall-7u67.exe
2014-08-18 22:22 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-18 22:22 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-18 22:22 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-18 22:22 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-18 22:21 - 2014-08-18 22:21 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-18 21:20 - 2014-08-22 21:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 21:20 - 2014-08-18 21:20 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 21:20 - 2014-08-18 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-18 21:19 - 2014-08-18 21:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-18 21:19 - 2014-08-18 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-18 21:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-18 21:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-18 21:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-18 21:17 - 2014-08-18 21:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Luke\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-16 11:42 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 11:42 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 11:42 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 11:42 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 11:42 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 11:42 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 11:41 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 11:41 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 19:01 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 19:01 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 19:01 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 19:01 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 19:01 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 19:01 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 19:01 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 19:00 - 2014-07-31 18:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 19:00 - 2014-07-31 18:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 19:00 - 2014-07-25 09:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 19:00 - 2014-07-25 09:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 19:00 - 2014-07-25 09:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 19:00 - 2014-07-25 08:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 19:00 - 2014-07-25 08:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 19:00 - 2014-07-25 08:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 19:00 - 2014-07-25 08:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 19:00 - 2014-07-25 08:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 19:00 - 2014-07-25 08:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 19:00 - 2014-07-25 08:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 19:00 - 2014-07-25 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 19:00 - 2014-07-25 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 19:00 - 2014-07-25 08:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 19:00 - 2014-07-25 08:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 19:00 - 2014-07-25 08:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 19:00 - 2014-07-25 07:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 19:00 - 2014-07-25 07:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 19:00 - 2014-07-25 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 19:00 - 2014-07-25 07:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 19:00 - 2014-07-25 07:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 19:00 - 2014-07-25 07:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 19:00 - 2014-07-25 07:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 19:00 - 2014-07-25 07:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 19:00 - 2014-07-25 07:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 19:00 - 2014-07-25 07:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 19:00 - 2014-07-25 07:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 19:00 - 2014-07-25 07:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 19:00 - 2014-07-25 07:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 19:00 - 2014-07-25 07:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 19:00 - 2014-07-25 07:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 19:00 - 2014-07-25 07:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 19:00 - 2014-07-25 07:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 19:00 - 2014-07-25 07:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 19:00 - 2014-07-25 07:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 19:00 - 2014-07-25 06:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 19:00 - 2014-07-25 06:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 19:00 - 2014-07-25 06:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 19:00 - 2014-07-25 06:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 19:00 - 2014-07-25 06:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 19:00 - 2014-07-25 06:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 19:00 - 2014-07-25 06:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 19:00 - 2014-07-25 06:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 19:00 - 2014-07-25 06:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 19:00 - 2014-07-25 06:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 19:00 - 2014-07-25 06:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 19:00 - 2014-07-25 06:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 19:00 - 2014-07-25 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 19:00 - 2014-07-25 06:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 19:00 - 2014-07-25 05:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 19:00 - 2014-07-25 05:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 19:00 - 2014-07-25 05:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 19:00 - 2014-07-25 05:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 19:00 - 2014-07-25 05:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 19:00 - 2014-07-25 05:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 19:00 - 2014-07-15 22:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 19:00 - 2014-07-15 21:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 19:00 - 2014-07-15 21:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 19:00 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 19:00 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 19:00 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 19:00 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 19:00 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 19:00 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 19:00 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 19:00 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 19:00 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 19:00 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 18:59 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 18:59 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 18:59 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 18:59 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-11 18:11 - 2014-08-11 18:11 - 00002137 _____ () C:\Users\Luke\Desktop\Skype.lnk
2014-08-10 00:19 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-10 00:17 - 2014-08-10 00:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-10 00:17 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-10 00:17 - 2014-08-10 00:18 - 113492816 _____ (Apple Inc.) C:\Users\Luke\Downloads\iTunes64Setup.exe
2014-08-10 00:16 - 2014-08-10 00:17 - 00000000 ____D () C:\Program Files\iTunes
2014-08-10 00:16 - 2014-08-10 00:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-10 00:16 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iPod
2014-07-31 13:31 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 13:31 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 13:31 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 13:31 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 13:30 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 13:30 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 13:30 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 13:30 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 13:30 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 13:30 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 13:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 13:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 13:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 13:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-22 22:46 - 2014-08-22 22:45 - 00030578 _____ () C:\Users\Luke\Desktop\FRST.txt
2014-08-22 22:45 - 2014-08-22 22:43 - 00000000 ____D () C:\FRST
2014-08-22 22:43 - 2014-08-22 22:43 - 02102784 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe
2014-08-22 22:40 - 2010-09-13 15:06 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-22 22:40 - 2010-04-10 17:06 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000UA.job
2014-08-22 22:39 - 2009-07-13 23:51 - 01114189 _____ () C:\Windows\setupact.log
2014-08-22 22:09 - 2012-04-05 16:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-22 22:07 - 2013-01-19 00:40 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-08-22 21:26 - 2009-11-24 03:14 - 02019560 _____ () C:\Windows\WindowsUpdate.log
2014-08-22 21:10 - 2014-08-18 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 20:16 - 2010-09-13 15:06 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-22 20:16 - 2010-04-10 17:06 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000Core.job
2014-08-22 10:53 - 2009-07-14 00:13 - 00879926 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-21 21:37 - 2010-10-10 16:23 - 00000000 ____D () C:\Program Files (x86)\PopCap Games
2014-08-21 21:35 - 2010-10-10 16:23 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-08-21 21:35 - 2010-10-10 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2014-08-21 21:35 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-21 21:34 - 2009-08-15 01:13 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-21 21:34 - 2009-08-15 01:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-21 21:31 - 2014-08-21 21:31 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Foxit Software
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-08-21 21:24 - 2014-08-21 21:24 - 37782816 _____ (Foxit Corporation ) C:\Users\Luke\Downloads\FoxitReader623.815_prom_enu_Setup.exe
2014-08-21 20:29 - 2010-08-16 00:03 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Skype
2014-08-20 17:08 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 17:08 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 18:26 - 2010-08-16 00:02 - 00000000 ____D () C:\ProgramData\Skype
2014-08-19 18:25 - 2014-08-19 18:25 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Luke\Downloads\SkypeSetup (2).exe
2014-08-19 18:16 - 2011-07-20 11:27 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\uTorrent
2014-08-19 10:26 - 2013-11-15 19:10 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLuke
2014-08-19 10:26 - 2013-11-15 19:10 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForLuke.job
2014-08-19 10:15 - 2012-01-22 00:41 - 00000000 ___RD () C:\Users\Luke\Dropbox
2014-08-19 10:15 - 2012-01-22 00:37 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Dropbox
2014-08-19 10:12 - 2009-11-24 03:35 - 00407052 _____ () C:\Windows\PFRO.log
2014-08-19 10:12 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 10:12 - 2009-07-13 23:45 - 00451288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-18 22:23 - 2014-08-18 22:23 - 00918440 _____ (Oracle Corporation) C:\Users\Luke\Downloads\chromeinstall-7u67.exe
2014-08-18 22:23 - 2013-10-22 11:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-18 22:21 - 2014-08-18 22:21 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-18 22:21 - 2009-08-15 02:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 22:08 - 2013-08-03 20:43 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Search Protection
2014-08-18 22:08 - 2011-07-27 19:52 - 00000000 ____D () C:\Windows\pss
2014-08-18 22:08 - 2009-07-14 00:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-18 21:20 - 2014-08-18 21:20 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 21:20 - 2014-08-18 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-18 21:20 - 2014-08-18 21:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-18 21:19 - 2014-08-18 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-18 21:18 - 2014-08-18 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Luke\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-16 18:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-16 18:45 - 2014-07-20 15:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-16 18:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 12:27 - 2010-08-18 23:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 12:21 - 2010-08-18 23:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-16 12:08 - 2013-08-13 23:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 11:58 - 2009-12-27 16:52 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 11:39 - 2014-05-10 19:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 14:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 11:38 - 2010-04-10 17:07 - 00002354 _____ () C:\Users\Luke\Desktop\Google Chrome.lnk
2014-08-13 21:21 - 2012-01-22 00:41 - 00001013 _____ () C:\Users\Luke\Desktop\Dropbox.lnk
2014-08-13 21:21 - 2012-01-22 00:37 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-12 11:36 - 2011-11-08 15:21 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-12 11:36 - 2009-12-27 17:00 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-11 18:11 - 2014-08-11 18:11 - 00002137 _____ () C:\Users\Luke\Desktop\Skype.lnk
2014-08-11 12:38 - 2010-08-14 10:45 - 00000000 ____D () C:\Users\Luke\AppData\Local\Corel
2014-08-11 12:18 - 2010-08-14 10:44 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-08-11 12:17 - 2010-08-14 10:44 - 00000000 ____D () C:\Users\Luke\Documents\My PSP Files
2014-08-10 18:52 - 2009-11-24 04:08 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-08-10 00:19 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-10 00:19 - 2014-08-10 00:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-10 00:19 - 2014-08-10 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-10 00:18 - 2014-08-10 00:17 - 113492816 _____ (Apple Inc.) C:\Users\Luke\Downloads\iTunes64Setup.exe
2014-08-10 00:17 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iTunes
2014-08-10 00:17 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-10 00:16 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iPod
2014-08-06 21:06 - 2014-08-14 18:59 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 21:01 - 2014-08-14 18:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 00:05 - 2013-03-16 09:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-02 00:05 - 2013-03-16 09:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 18:41 - 2014-08-14 19:00 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 18:16 - 2014-08-14 19:00 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-29 12:40 - 2013-03-16 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 17:53 - 2013-07-25 22:04 - 00000000 ____D () C:\Users\Luke\Desktop\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
2014-07-25 12:55 - 2014-08-18 22:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-25 12:49 - 2014-08-18 22:22 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-25 12:49 - 2014-08-18 22:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-25 12:49 - 2014-08-18 22:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-25 09:52 - 2014-08-14 19:00 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 09:02 - 2014-08-14 19:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 09:01 - 2014-08-14 19:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 08:51 - 2014-08-14 19:00 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 08:30 - 2014-08-14 19:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 08:28 - 2014-08-14 19:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 08:28 - 2014-08-14 19:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 08:25 - 2014-08-14 19:00 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 08:25 - 2014-08-14 19:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 08:11 - 2014-08-14 19:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 08:10 - 2014-08-14 19:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 08:04 - 2014-08-14 19:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 08:03 - 2014-08-14 19:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 08:00 - 2014-08-14 19:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 08:00 - 2014-08-14 19:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 07:59 - 2014-08-14 19:00 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 07:47 - 2014-08-14 19:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 07:40 - 2014-08-14 19:00 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 07:34 - 2014-08-14 19:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 07:34 - 2014-08-14 19:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 07:33 - 2014-08-14 19:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 07:30 - 2014-08-14 19:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 07:28 - 2014-08-14 19:00 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 07:28 - 2014-08-14 19:00 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 07:21 - 2014-08-14 19:00 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 07:19 - 2014-08-14 19:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 07:18 - 2014-08-14 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 07:17 - 2014-08-14 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 07:17 - 2014-08-14 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 07:12 - 2014-08-14 19:00 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 07:10 - 2014-08-14 19:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 07:10 - 2014-08-14 19:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 07:08 - 2014-08-14 19:00 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 07:06 - 2014-08-14 19:00 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 06:52 - 2014-08-14 19:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 06:47 - 2014-08-14 19:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 06:43 - 2014-08-14 19:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 06:42 - 2014-08-14 19:00 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 06:39 - 2014-08-14 19:00 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 06:39 - 2014-08-14 19:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 06:36 - 2014-08-14 19:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 06:34 - 2014-08-14 19:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 06:29 - 2014-08-14 19:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 06:23 - 2014-08-14 19:00 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 06:13 - 2014-08-14 19:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 06:07 - 2014-08-14 19:00 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 06:07 - 2014-08-14 19:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 06:03 - 2014-08-14 19:00 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 05:52 - 2014-08-14 19:00 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 05:26 - 2014-08-14 19:00 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 05:17 - 2014-08-14 19:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 05:09 - 2014-08-14 19:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 05:05 - 2014-08-14 19:00 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 05:00 - 2014-08-14 19:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
 
Some content of TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\AskSLib.dll
C:\Users\Luke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy5svck.dll
C:\Users\Luke\AppData\Local\Temp\Extract.exe
C:\Users\Luke\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Luke\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Luke\AppData\Local\Temp\GLF15F8.tmp.ConduitEngineSetup.exe
C:\Users\Luke\AppData\Local\Temp\hamsterfreevideoconverter.exe
C:\Users\Luke\AppData\Local\Temp\hamsterfreeziparchiver.exe
C:\Users\Luke\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Luke\AppData\Local\Temp\HPQSi.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Luke\AppData\Local\Temp\MML_Installer-v1.5.2060.2_signed.exe
C:\Users\Luke\AppData\Local\Temp\ose00000.exe
C:\Users\Luke\AppData\Local\Temp\Resource.exe
C:\Users\Luke\AppData\Local\Temp\Shockwave_Installer_Slim.exe
C:\Users\Luke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Luke\AppData\Local\Temp\SP45058.exe
C:\Users\Luke\AppData\Local\Temp\SP45635.exe
C:\Users\Luke\AppData\Local\Temp\SP45690.exe
C:\Users\Luke\AppData\Local\Temp\SP45691.exe
C:\Users\Luke\AppData\Local\Temp\SP45692.exe
C:\Users\Luke\AppData\Local\Temp\SP45694.exe
C:\Users\Luke\AppData\Local\Temp\SP45889.exe
C:\Users\Luke\AppData\Local\Temp\sp46005.exe
C:\Users\Luke\AppData\Local\Temp\SP46032.exe
C:\Users\Luke\AppData\Local\Temp\SP46561.exe
C:\Users\Luke\AppData\Local\Temp\SP46570.exe
C:\Users\Luke\AppData\Local\Temp\SP46571.exe
C:\Users\Luke\AppData\Local\Temp\SP46572.exe
C:\Users\Luke\AppData\Local\Temp\SP46629.exe
C:\Users\Luke\AppData\Local\Temp\SP46794.exe
C:\Users\Luke\AppData\Local\Temp\SP47025.exe
C:\Users\Luke\AppData\Local\Temp\SP47283.exe
C:\Users\Luke\AppData\Local\Temp\sp47326.exe
C:\Users\Luke\AppData\Local\Temp\SP47423.exe
C:\Users\Luke\AppData\Local\Temp\SP47470.exe
C:\Users\Luke\AppData\Local\Temp\SP47676.exe
C:\Users\Luke\AppData\Local\Temp\SP47798.exe
C:\Users\Luke\AppData\Local\Temp\sp48071.exe
C:\Users\Luke\AppData\Local\Temp\SP48094.exe
C:\Users\Luke\AppData\Local\Temp\SP48159.exe
C:\Users\Luke\AppData\Local\Temp\SP48392.exe
C:\Users\Luke\AppData\Local\Temp\SP48488.exe
C:\Users\Luke\AppData\Local\Temp\SP48830.exe
C:\Users\Luke\AppData\Local\Temp\sp49174.exe
C:\Users\Luke\AppData\Local\Temp\SP49392.exe
C:\Users\Luke\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Luke\AppData\Local\Temp\sp52110.exe.exe
C:\Users\Luke\AppData\Local\Temp\sp54373.exe
C:\Users\Luke\AppData\Local\Temp\sp54620.exe
C:\Users\Luke\AppData\Local\Temp\sp58915.exe
C:\Users\Luke\AppData\Local\Temp\sp64126.exe
C:\Users\Luke\AppData\Local\Temp\tbVuze.dll
C:\Users\Luke\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Luke\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Luke\AppData\Local\Temp\uttDAB3.tmp.exe
C:\Users\Luke\AppData\Local\Temp\wmpfirefoxplugin.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-14 13:05
 
==================== End Of Log ============================
 
Stay tuned for Addition.txt
Link to post
Share on other sites

And here's Addition.txt as promised:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08-2014
Ran by Luke at 2014-08-22 22:47:03
Running from C:\Users\Luke\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6C47240C-016E-03B5-D13E-AECAED09F2E3}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager for Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
CambridgeSoft ChemDraw McGraw-Hill 12.0 (HKLM-x32\...\{1ED1E8FC-367E-4C34-A745-6D89A27D2F7F}) (Version: 12.0 - CambridgeSoft Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version:  - Henri Gourvest.)
Chemical Equilibrium (HKLM-x32\...\ST6UNST #3) (Version:  - )
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
COMSOL 3.1 ECRE (HKLM-x32\...\COMSOL 3.1 ECRE) (Version: 3.1.0.156 - COMSOL)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
GDR 5520 for SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9652.3188 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}) (Version: 20.0.771.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.55.55 - Hewlett Packard)
HP Deskjet 2050 J510 series Product Improvement Study (HKLM\...\{88FD4472-F950-4083-A6FA-A829AC785B04}) (Version: 20.0.771.0 - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.0.1916 - Hewlett-Packard) Hidden
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Live TV (x32 Version: 3.0.1924 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.0.1913 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Communicator 2007 R2 (HKLM-x32\...\{0D1CBBB9-F4A8-45B6-95E7-202BA61D7AF4}) (Version: 3.5.6907.268 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{5D60AB1A-2409-4829-83D4-0972856D885A}) (Version: 10.3.5520.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Modified UNIFAC (HKLM-x32\...\ST6UNST #2) (Version:  - )
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 5.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 5.0 (x86 en-US)) (Version: 5.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Peng-Robinson equation of state (HKLM-x32\...\ST6UNST #1) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Polymath Fogler Version 6.1 (HKLM-x32\...\{23B6A088-C1CA-44B3-ABFB-3A1E41218502}) (Version: 6.10.0261 - Polymath Software)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SlingBoxWatchYourTVAnyWhere (HKLM-x32\...\{4313E16C-811B-469F-8815-6EB98085F8B2}) (Version: 2.1.1.58 - Sling Media)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{507B1304-194A-4204-A9D9-9BAAF51EF760}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2578801537-3558331-4269971054-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
04-08-2014 07:32:30 Windows Update
08-08-2014 03:16:24 Windows Update
11-08-2014 15:51:54 Windows Update
15-08-2014 18:13:26 Windows Update
16-08-2014 16:38:47 Windows Update
19-08-2014 03:20:07 Installed Java 7 Update 67
20-08-2014 01:00:18 Windows Update
22-08-2014 02:32:31 Removed Adobe Reader X (10.1.11).
23-08-2014 01:19:47 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {22FB7976-FEF0-48BB-AC09-0C167BB4F7C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000UA => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-10] (Google Inc.)
Task: {2726DDC5-5AD1-46F7-9BFE-AF94DACE0EFA} - System32\Tasks\{F2A996AB-E189-451C-BA48-FBBC28480AE8} => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-08-14] (Western Digital Technologies, Inc.)
Task: {2941DD0C-A64A-45D2-8E45-6935743BF1E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000Core => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-10] (Google Inc.)
Task: {37CCA68D-8A2C-47CC-8DAE-5BD7B49F52C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4ACDE0B8-BA38-471A-9F2E-1E685C415E12} - System32\Tasks\{55EFECF8-993E-4260-886B-6D0EF2B29CDD} => C:\COMSOL31ECRE\bin\femlab.exe
Task: {54A82A0F-6D7F-4EF3-A5F6-9ABB50B3ABFD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {5ACFC742-AF61-4058-87D5-83DD835C9B76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5E4D5CCA-193F-47C6-80DD-ED7D1C7FBCC9} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {7252D8E5-5E3F-41FC-BB28-E84721B08403} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13] (Google Inc.)
Task: {92AAAB5E-56BD-41CF-9E43-6ED6759ABC9B} - System32\Tasks\{D3D8286D-C260-4397-A72F-AFAE732332C6} => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-08-14] (Western Digital Technologies, Inc.)
Task: {A0F03C8D-6212-44ED-AEF1-7D57A1A07545} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-02-02] (Hewlett-Packard Co.)
Task: {A2C13F61-566C-4A76-A030-F038FE6997F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B32F3CFD-9476-47D2-A696-E97E7A2DB99C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {B7124F2C-081D-47C3-AAC1-43E3A963D64B} - System32\Tasks\HPCeeScheduleForLuke => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BCDEAEF9-3FC6-41FF-9780-643FB02A3166} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {CA3FF70E-C060-476F-972F-12C7FED1EABD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {D1ECFB6E-2341-48F0-8439-A6EB5D6B8CF7} - System32\Tasks\{5B6FB525-D630-466F-9DCE-7FAA24FC4693} => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-08-14] (Western Digital Technologies, Inc.)
Task: {D6A69D9D-03F1-4455-B8DC-2289BC6D94DE} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {E5B78754-DD97-47C9-9CAD-D5A0773D6D4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13] (Google Inc.)
Task: {E9ACE6B4-D98D-48E3-804D-AEA585203472} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {EE37504A-19B8-4EFD-91B1-4F312A805425} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F71BD3F8-DDF0-4FB4-ADA4-C35A7E42F60F} - System32\Tasks\{389AB2A2-AFCF-4A33-BB98-01D28C9A39E6} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {FC84C280-7ED7-4BED-8D52-2599BFBD4E03} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000Core.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000UA.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLuke.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-08-15 01:30 - 2009-01-21 13:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-07-21 13:34 - 2009-07-21 13:34 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-06-22 15:37 - 2009-06-22 15:37 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
2009-07-01 17:44 - 2009-07-01 17:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-08-19 10:14 - 2014-08-19 10:14 - 00043008 _____ () c:\users\luke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy5svck.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Luke\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 00718152 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 00126280 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 08537928 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 00353096 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 01732936 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-14 11:37 - 2014-08-06 22:20 - 00310088 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\libexif.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:D827E412
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Luke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/22/2014 10:53:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 11.3.1.2, time stamp: 0x53dc1f90
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f506974
Faulting process id: 0x1fc4
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74226836
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74226836
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74225463
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74225463
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74224122
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74224122
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/21/2014 09:31:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Foxit Cloud Safe Update Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (08/18/2014 10:09:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cron Service for Prey service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/18/2014 10:41:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
 
Error: (08/17/2014 01:52:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/16/2014 06:21:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/16/2014 06:20:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/13/2014 09:16:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:06:08 AM on ‎8/‎13/‎2014 was unexpected.
 
Error: (08/12/2014 11:56:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/12/2014 11:56:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {53362C64-A296-4F2D-A2F8-FD984D08340B}
 
Error: (08/12/2014 06:54:08 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
 
 
Microsoft Office Sessions:
=========================
Error: (08/22/2014 10:53:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe11.3.1.253dc1f90unknown0.0.0.000000000c00000056f5069741fc401cfbe20ec915c3fC:\Program Files (x86)\iTunes\iTunes.exeunknown71a15965-2a14-11e4-89a5-00271345105f
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74226836
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74226836
 
Error: (08/21/2014 08:29:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74225463
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74225463
 
Error: (08/21/2014 08:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74224122
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74224122
 
Error: (08/21/2014 08:29:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: AMD Turion II Dual-Core Mobile M520
Percentage of memory in use: 56%
Total physical RAM: 3836.2 MB
Available physical RAM: 1665.99 MB
Total Pagefile: 7670.57 MB
Available Pagefile: 4394.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:450.09 GB) (Free:65.72 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.37 GB) (Free:2.52 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6FE0338E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi,

Step 1

Scan with mbam.pngMalwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 2

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.

    Copy and paste the contents of that logfile in your next reply.

Link to post
Share on other sites

Here are the results of the MBAW scan:

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 8/22/2014
Scan Time: 11:47:42 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.22.10
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Luke
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331575
Time Elapsed: 25 min, 6 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.Spigot.A, C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://search.yahoo.com?type=714647&fr=spigot-yhp-ch",), Replaced,[d7cb5f6a7902df5771140ffefb0a7d83]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Here's the results from the AdwCleaner scan:

# AdwCleaner v3.308 - Report created 23/08/2014 at 00:23:42
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Luke - LUKE-PC
# Running from : C:\Users\Luke\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Luke\AppData\Roaming\iWin
Folder Deleted : C:\Users\Luke\AppData\Roaming\Search Protection
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
 
-\\ Mozilla Firefox v5.0 (en-US)
 
[ File : C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\33qf0ouh.default\prefs.js ]
 
Line Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2504091.CTID", "CT2504091");
Line Deleted : user_pref("CT2504091.CurrentServerDate", "25-6-2011");
Line Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
Line Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Line Deleted : user_pref("CT2504091.FirstServerDate", "13-11-2010");
Line Deleted : user_pref("CT2504091.FirstTime", true);
Line Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Line Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2504091.Initialize", true);
Line Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2504091.InstalledDate", "Sat Nov 13 2010 11:54:44 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2504091.IsGrouping", false);
Line Deleted : user_pref("CT2504091.IsMulticommunity", false);
Line Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Jun 25 2011 14:11:43 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2504091.LastLogin_2.7.2.0", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.LatestVersion", "3.3.3.2");
Line Deleted : user_pref("CT2504091.Locale", "en-us");
Line Deleted : user_pref("CT2504091.LoginCache", 4);
Line Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.SettingsLastUpdate", "1297306958");
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sat Jun 25 2011 14:11:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2504091.Uninstall", true);
Line Deleted : user_pref("CT2504091.UserID", "UN81916985648190676");
Line Deleted : user_pref("CT2504091.alertChannelId", "897164");
Line Deleted : user_pref("CT2504091.clientLogIsEnabled", false);
Line Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2504091.myStuffEnabled", true);
Line Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
 
-\\ Google Chrome v
 
[ File : C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://www.math.ku.edu/people/staff.html?mact=Search%2Ccntnt01%2Cdosearch%2C0&cntnt01returnid=43&cntnt01searchinput={searchTerms}&submit=Search&cntnt01origreturnid=15
Deleted [search Provider] : hxxp://search.aol.com/aol/tracking?d_ch=en_US_engadget&q={searchTerms}&s_it=search_addon
Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Homepage] : hxxp://search.yahoo.com?type=714647&fr=spigot-yhp-ch
 
*************************
 
AdwCleaner[R0].txt - [8954 octets] - [23/08/2014 00:16:02]
AdwCleaner[s0].txt - [9425 octets] - [23/08/2014 00:23:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9485 octets] ##########
Link to post
Share on other sites

Hi,

please run MBAM again...

Step 1

Scan with mbam.pngMalwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 2

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.

Link to post
Share on other sites

Ran the scan and no malware was detected! Here's the results:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/23/2014
Scan Time: 10:27:56 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.23.04
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Luke
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332703
Time Elapsed: 40 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2014

Ran by Luke (administrator) on LUKE-PC on 23-08-2014 11:29:47

Running from C:\Users\Luke\Desktop

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe

(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

(Dropbox, Inc.) C:\Users\Luke\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-11-16] (IDT, Inc.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)

HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2009-06-22] ()

HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)

HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)

HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)

HKU\.DEFAULT\...\Policies\system: [WallpaperStyle] 2

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [Google Update] => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-04-10] (Google Inc.)

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Run: [GoogleChromeAutoLaunch_9C05172C73CA805343A88E4990B2A995] => C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\Policies\system: [WallpaperStyle] 2

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {2d06efbd-ff17-11df-baea-00271345105f} - F:\LaunchU3.exe -a

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {66a7c220-f59e-11e2-a9fa-00271345105f} - "F:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {6a88a645-fb28-11df-b0bd-00271345105f} - G:\LaunchU3.exe -a

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {d4bc9f71-1031-11e3-9830-00271345105f} - F:\setup.exe -a

HKU\S-1-5-21-2578801537-3558331-4269971054-1000\...\MountPoints2: {e5593a00-a3a5-11e0-8889-00271345105f} - F:\LaunchU3.exe -a

Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Luke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb

SearchScopes: HKLM - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl

SearchScopes: HKLM-x32 - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl

SearchScopes: HKCU - {01D15C0C-8866-48AE-AB39-8C663620774E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}

SearchScopes: HKCU - {CEFC0001-D36C-4DA8-9C3C-CF9D0E15399C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File

Tcpip\Parameters: [DhcpNameServer] 75.76.84.70 75.76.84.71 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\33qf0ouh.default

FF DefaultSearchEngine: Yahoo

FF SelectedSearchEngine: Yahoo

FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcgrawhill.com/ChemDrawMGH,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDrawMGH\NPCDPMGH32.dll (CambridgeSoft Corp.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010-03-04]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-12-08]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-21]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-12]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-18]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-10]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-13]

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-12-26]

FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/


CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Users\Luke\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File

CHR Plugin: (Screen Capture Plugin) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin/screen_capture.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (McGraw-Hill ChemDraw) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDrawMGH\NPCDPMGH32.dll (CambridgeSoft Corp.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]

CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-14]

CHR Extension: (Honey) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2012-12-29]

CHR Extension: (Google Cast) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2013-12-29]

CHR Extension: (Google Search) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-14]

CHR Extension: (Screen Capture (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg [2010-09-03]

CHR Extension: (Search by Image (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-09-08]

CHR Extension: (AdBlock) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2010-09-03]

CHR Extension: (Hover Free) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmnnggnaofmhflgomfjfbndngdoogkj [2013-06-25]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2011-12-07]

CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2014-01-17]

CHR Extension: (StayFocusd) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2011-05-04]

CHR Extension: (Star Gazing) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2011-05-04]

CHR Extension: (Google Dictionary (by Google)) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2010-06-09]

CHR Extension: (Google Wallet) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]

CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2011-11-07]

CHR Extension: (Antisocial) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn [2012-11-24]

CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-14]

CHR StartMenuInternet: Google Chrome - C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2010-11-16] (Andrea Electronics Corporation)

R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-01-25] (Fork Ltd.) [File not signed]

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2014-07-12] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()

S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2014-07-12] (Microsoft Corporation)

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-11-16] (IDT, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-23] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-01] () [File not signed]

S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]

U4 eabfiltr; No ImagePath

S3 motccgp; system32\DRIVERS\motccgp.sys [X]

S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]

S3 motmodem; system32\DRIVERS\motmodem.sys [X]

S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]

S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]

S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-23 11:29 - 2014-08-23 11:29 - 00000000 ____D () C:\Users\Luke\Desktop\FRST-OlderVersion

2014-08-23 00:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-08-23 00:15 - 2014-08-23 00:25 - 00000000 ____D () C:\AdwCleaner

2014-08-23 00:14 - 2014-08-23 00:14 - 01364531 _____ () C:\Users\Luke\Desktop\AdwCleaner.exe

2014-08-22 22:47 - 2014-08-22 22:48 - 00053034 _____ () C:\Users\Luke\Desktop\Addition.txt

2014-08-22 22:45 - 2014-08-23 11:29 - 00029504 _____ () C:\Users\Luke\Desktop\FRST.txt

2014-08-22 22:43 - 2014-08-23 11:29 - 02103296 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe

2014-08-22 22:43 - 2014-08-23 11:29 - 00000000 ____D () C:\FRST

2014-08-21 21:31 - 2014-08-21 21:31 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Public\Foxit Software

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Foxit Software

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Program Files (x86)\Foxit Software

2014-08-21 21:24 - 2014-08-21 21:24 - 37782816 _____ (Foxit Corporation ) C:\Users\Luke\Downloads\FoxitReader623.815_prom_enu_Setup.exe

2014-08-19 18:25 - 2014-08-19 18:25 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Luke\Downloads\SkypeSetup (2).exe

2014-08-18 22:23 - 2014-08-18 22:23 - 00918440 _____ (Oracle Corporation) C:\Users\Luke\Downloads\chromeinstall-7u67.exe

2014-08-18 22:22 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-18 22:22 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-08-18 22:22 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-08-18 22:22 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-08-18 22:21 - 2014-08-18 22:21 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log

2014-08-18 21:20 - 2014-08-23 10:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-18 21:20 - 2014-08-18 21:20 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-18 21:20 - 2014-08-18 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-18 21:19 - 2014-08-18 21:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-18 21:19 - 2014-08-18 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-18 21:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-08-18 21:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-08-18 21:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-08-18 21:17 - 2014-08-18 21:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Luke\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-16 11:42 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-16 11:42 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-16 11:42 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-16 11:42 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-16 11:42 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-16 11:42 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-08-16 11:41 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-16 11:41 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-14 19:01 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-14 19:01 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-08-14 19:01 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-08-14 19:01 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-08-14 19:01 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL

2014-08-14 19:01 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL

2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL

2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL

2014-08-14 19:01 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL

2014-08-14 19:01 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls

2014-08-14 19:01 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls

2014-08-14 19:00 - 2014-07-31 18:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-14 19:00 - 2014-07-31 18:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-08-14 19:00 - 2014-07-25 09:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-14 19:00 - 2014-07-25 09:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-14 19:00 - 2014-07-25 09:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-08-14 19:00 - 2014-07-25 08:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-14 19:00 - 2014-07-25 08:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-14 19:00 - 2014-07-25 08:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-14 19:00 - 2014-07-25 08:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-08-14 19:00 - 2014-07-25 08:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-14 19:00 - 2014-07-25 08:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-08-14 19:00 - 2014-07-25 08:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-14 19:00 - 2014-07-25 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-14 19:00 - 2014-07-25 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-14 19:00 - 2014-07-25 08:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-14 19:00 - 2014-07-25 08:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-14 19:00 - 2014-07-25 08:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-08-14 19:00 - 2014-07-25 07:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-08-14 19:00 - 2014-07-25 07:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-14 19:00 - 2014-07-25 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-14 19:00 - 2014-07-25 07:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-14 19:00 - 2014-07-25 07:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-08-14 19:00 - 2014-07-25 07:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-14 19:00 - 2014-07-25 07:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-14 19:00 - 2014-07-25 07:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-14 19:00 - 2014-07-25 07:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-14 19:00 - 2014-07-25 07:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-14 19:00 - 2014-07-25 07:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-14 19:00 - 2014-07-25 07:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-14 19:00 - 2014-07-25 07:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-14 19:00 - 2014-07-25 07:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-08-14 19:00 - 2014-07-25 07:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-14 19:00 - 2014-07-25 07:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-14 19:00 - 2014-07-25 07:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-14 19:00 - 2014-07-25 07:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-08-14 19:00 - 2014-07-25 07:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-14 19:00 - 2014-07-25 06:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-14 19:00 - 2014-07-25 06:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-14 19:00 - 2014-07-25 06:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-14 19:00 - 2014-07-25 06:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-14 19:00 - 2014-07-25 06:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-14 19:00 - 2014-07-25 06:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-08-14 19:00 - 2014-07-25 06:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-08-14 19:00 - 2014-07-25 06:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-14 19:00 - 2014-07-25 06:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-14 19:00 - 2014-07-25 06:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-14 19:00 - 2014-07-25 06:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-14 19:00 - 2014-07-25 06:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-14 19:00 - 2014-07-25 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-14 19:00 - 2014-07-25 06:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-14 19:00 - 2014-07-25 05:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-14 19:00 - 2014-07-25 05:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-14 19:00 - 2014-07-25 05:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-14 19:00 - 2014-07-25 05:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-08-14 19:00 - 2014-07-25 05:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-14 19:00 - 2014-07-25 05:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-14 19:00 - 2014-07-15 22:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-14 19:00 - 2014-07-15 21:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-14 19:00 - 2014-07-15 21:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-14 19:00 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-08-14 19:00 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-08-14 19:00 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-14 19:00 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-14 19:00 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-14 19:00 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-14 19:00 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-14 19:00 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-14 19:00 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-14 19:00 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-14 18:59 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-14 18:59 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-14 18:59 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-08-14 18:59 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-08-11 18:11 - 2014-08-11 18:11 - 00002137 _____ () C:\Users\Luke\Desktop\Skype.lnk

2014-08-10 00:19 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-10 00:17 - 2014-08-10 00:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-08-10 00:17 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-10 00:17 - 2014-08-10 00:18 - 113492816 _____ (Apple Inc.) C:\Users\Luke\Downloads\iTunes64Setup.exe

2014-08-10 00:16 - 2014-08-10 00:17 - 00000000 ____D () C:\Program Files\iTunes

2014-08-10 00:16 - 2014-08-10 00:17 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-08-10 00:16 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iPod

2014-07-31 13:31 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-07-31 13:31 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-07-31 13:31 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-07-31 13:31 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-07-31 13:30 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-07-31 13:30 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-07-31 13:30 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-07-31 13:30 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-07-31 13:30 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-07-31 13:30 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-07-31 13:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-07-31 13:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-07-31 13:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-07-31 13:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-23 11:30 - 2014-08-22 22:45 - 00029504 _____ () C:\Users\Luke\Desktop\FRST.txt

2014-08-23 11:29 - 2014-08-23 11:29 - 00000000 ____D () C:\Users\Luke\Desktop\FRST-OlderVersion

2014-08-23 11:29 - 2014-08-22 22:43 - 02103296 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe

2014-08-23 11:29 - 2014-08-22 22:43 - 00000000 ____D () C:\FRST

2014-08-23 11:27 - 2009-07-13 23:51 - 01115141 _____ () C:\Windows\setupact.log

2014-08-23 11:26 - 2013-01-19 00:40 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat

2014-08-23 11:09 - 2012-04-05 16:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-23 10:40 - 2010-09-13 15:06 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-23 10:40 - 2010-04-10 17:06 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000UA.job

2014-08-23 10:27 - 2014-08-18 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-23 10:26 - 2013-11-15 19:10 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLuke

2014-08-23 10:26 - 2013-11-15 19:10 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForLuke.job

2014-08-23 10:26 - 2009-11-24 03:14 - 02030369 _____ () C:\Windows\WindowsUpdate.log

2014-08-23 00:37 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-23 00:37 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-23 00:30 - 2012-01-22 00:41 - 00000000 ___RD () C:\Users\Luke\Dropbox

2014-08-23 00:30 - 2012-01-22 00:37 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Dropbox

2014-08-23 00:28 - 2010-09-13 15:06 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-23 00:27 - 2009-11-24 03:35 - 00408294 _____ () C:\Windows\PFRO.log

2014-08-23 00:27 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-23 00:25 - 2014-08-23 00:15 - 00000000 ____D () C:\AdwCleaner

2014-08-23 00:14 - 2014-08-23 00:14 - 01364531 _____ () C:\Users\Luke\Desktop\AdwCleaner.exe

2014-08-22 22:48 - 2014-08-22 22:47 - 00053034 _____ () C:\Users\Luke\Desktop\Addition.txt

2014-08-22 20:16 - 2010-04-10 17:06 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2578801537-3558331-4269971054-1000Core.job

2014-08-22 10:53 - 2009-07-14 00:13 - 00879926 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-21 21:37 - 2010-10-10 16:23 - 00000000 ____D () C:\Program Files (x86)\PopCap Games

2014-08-21 21:35 - 2010-10-10 16:23 - 00000000 ____D () C:\ProgramData\PopCap Games

2014-08-21 21:35 - 2010-10-10 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games

2014-08-21 21:35 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-08-21 21:34 - 2009-08-15 01:13 - 00000000 ____D () C:\ProgramData\Adobe

2014-08-21 21:34 - 2009-08-15 01:12 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-08-21 21:31 - 2014-08-21 21:31 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Public\Foxit Software

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Foxit Software

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

2014-08-21 21:31 - 2014-08-21 21:31 - 00000000 ____D () C:\Program Files (x86)\Foxit Software

2014-08-21 21:24 - 2014-08-21 21:24 - 37782816 _____ (Foxit Corporation ) C:\Users\Luke\Downloads\FoxitReader623.815_prom_enu_Setup.exe

2014-08-21 20:29 - 2010-08-16 00:03 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Skype

2014-08-19 18:26 - 2010-08-16 00:02 - 00000000 ____D () C:\ProgramData\Skype

2014-08-19 18:25 - 2014-08-19 18:25 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Luke\Downloads\SkypeSetup (2).exe

2014-08-19 18:16 - 2011-07-20 11:27 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\uTorrent

2014-08-19 10:12 - 2009-07-13 23:45 - 00451288 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-18 22:23 - 2014-08-18 22:23 - 00918440 _____ (Oracle Corporation) C:\Users\Luke\Downloads\chromeinstall-7u67.exe

2014-08-18 22:23 - 2013-10-22 11:11 - 00000000 ____D () C:\ProgramData\Oracle

2014-08-18 22:21 - 2014-08-18 22:21 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log

2014-08-18 22:21 - 2009-08-15 02:15 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-18 22:08 - 2011-07-27 19:52 - 00000000 ____D () C:\Windows\pss

2014-08-18 22:08 - 2009-07-14 00:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-08-18 21:20 - 2014-08-18 21:20 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-18 21:20 - 2014-08-18 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-18 21:20 - 2014-08-18 21:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-18 21:19 - 2014-08-18 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-18 21:18 - 2014-08-18 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Luke\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-16 18:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-08-16 18:45 - 2014-07-20 15:14 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-08-16 18:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-08-16 12:27 - 2010-08-18 23:14 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-16 12:21 - 2010-08-18 23:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-08-16 12:08 - 2013-08-13 23:43 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-16 11:58 - 2009-12-27 16:52 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-08-16 11:39 - 2014-05-10 19:37 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-08-14 14:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-08-14 11:38 - 2010-04-10 17:07 - 00002354 _____ () C:\Users\Luke\Desktop\Google Chrome.lnk

2014-08-13 21:21 - 2012-01-22 00:41 - 00001013 _____ () C:\Users\Luke\Desktop\Dropbox.lnk

2014-08-13 21:21 - 2012-01-22 00:37 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-12 11:36 - 2011-11-08 15:21 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-08-12 11:36 - 2009-12-27 17:00 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

2014-08-11 18:11 - 2014-08-11 18:11 - 00002137 _____ () C:\Users\Luke\Desktop\Skype.lnk

2014-08-11 12:38 - 2010-08-14 10:45 - 00000000 ____D () C:\Users\Luke\AppData\Local\Corel

2014-08-11 12:18 - 2010-08-14 10:44 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys

2014-08-11 12:17 - 2010-08-14 10:44 - 00000000 ____D () C:\Users\Luke\Documents\My PSP Files

2014-08-10 18:52 - 2009-11-24 04:08 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-08-10 00:19 - 2014-08-10 00:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-10 00:19 - 2014-08-10 00:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-08-10 00:19 - 2014-08-10 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-10 00:18 - 2014-08-10 00:17 - 113492816 _____ (Apple Inc.) C:\Users\Luke\Downloads\iTunes64Setup.exe

2014-08-10 00:17 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iTunes

2014-08-10 00:17 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-08-10 00:16 - 2014-08-10 00:16 - 00000000 ____D () C:\Program Files\iPod

2014-08-06 21:06 - 2014-08-14 18:59 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-06 21:01 - 2014-08-14 18:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-02 00:05 - 2013-03-16 09:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-08-02 00:05 - 2013-03-16 09:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-31 18:41 - 2014-08-14 19:00 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-31 18:16 - 2014-08-14 19:00 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-29 12:40 - 2013-03-16 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-26 17:53 - 2013-07-25 22:04 - 00000000 ____D () C:\Users\Luke\Desktop\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)

2014-07-25 12:55 - 2014-08-18 22:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-07-25 12:49 - 2014-08-18 22:22 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-07-25 12:49 - 2014-08-18 22:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-07-25 12:49 - 2014-08-18 22:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-07-25 09:52 - 2014-08-14 19:00 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-25 09:02 - 2014-08-14 19:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-25 09:01 - 2014-08-14 19:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-25 08:51 - 2014-08-14 19:00 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-25 08:30 - 2014-08-14 19:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-25 08:28 - 2014-08-14 19:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-25 08:28 - 2014-08-14 19:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-25 08:25 - 2014-08-14 19:00 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-25 08:25 - 2014-08-14 19:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-25 08:11 - 2014-08-14 19:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-25 08:10 - 2014-08-14 19:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-25 08:04 - 2014-08-14 19:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-25 08:03 - 2014-08-14 19:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-25 08:00 - 2014-08-14 19:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-25 08:00 - 2014-08-14 19:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-25 07:59 - 2014-08-14 19:00 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-25 07:47 - 2014-08-14 19:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-25 07:40 - 2014-08-14 19:00 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-25 07:34 - 2014-08-14 19:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-25 07:34 - 2014-08-14 19:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-25 07:33 - 2014-08-14 19:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-25 07:30 - 2014-08-14 19:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-25 07:28 - 2014-08-14 19:00 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-25 07:28 - 2014-08-14 19:00 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-25 07:21 - 2014-08-14 19:00 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-25 07:19 - 2014-08-14 19:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-25 07:18 - 2014-08-14 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-25 07:17 - 2014-08-14 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-25 07:17 - 2014-08-14 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-25 07:12 - 2014-08-14 19:00 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-25 07:10 - 2014-08-14 19:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-25 07:10 - 2014-08-14 19:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-25 07:08 - 2014-08-14 19:00 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-25 07:06 - 2014-08-14 19:00 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-25 06:52 - 2014-08-14 19:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-25 06:47 - 2014-08-14 19:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-25 06:43 - 2014-08-14 19:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-25 06:42 - 2014-08-14 19:00 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-25 06:39 - 2014-08-14 19:00 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-25 06:39 - 2014-08-14 19:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-25 06:36 - 2014-08-14 19:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-25 06:34 - 2014-08-14 19:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-25 06:29 - 2014-08-14 19:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-25 06:23 - 2014-08-14 19:00 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-25 06:13 - 2014-08-14 19:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-25 06:07 - 2014-08-14 19:00 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-25 06:07 - 2014-08-14 19:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-25 06:03 - 2014-08-14 19:00 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-25 05:52 - 2014-08-14 19:00 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-25 05:26 - 2014-08-14 19:00 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-25 05:17 - 2014-08-14 19:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-25 05:09 - 2014-08-14 19:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-25 05:05 - 2014-08-14 19:00 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-25 05:00 - 2014-08-14 19:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

 

Some content of TEMP:

====================

C:\Users\Luke\AppData\Local\Temp\AskSLib.dll

C:\Users\Luke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfcqbvp.dll

C:\Users\Luke\AppData\Local\Temp\Extract.exe

C:\Users\Luke\AppData\Local\Temp\FlashPlayerUpdate.exe

C:\Users\Luke\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe

C:\Users\Luke\AppData\Local\Temp\GLF15F8.tmp.ConduitEngineSetup.exe

C:\Users\Luke\AppData\Local\Temp\hamsterfreevideoconverter.exe

C:\Users\Luke\AppData\Local\Temp\hamsterfreeziparchiver.exe

C:\Users\Luke\AppData\Local\Temp\HPHelpUpdater.exe

C:\Users\Luke\AppData\Local\Temp\HPQSi.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Luke\AppData\Local\Temp\MML_Installer-v1.5.2060.2_signed.exe

C:\Users\Luke\AppData\Local\Temp\ose00000.exe

C:\Users\Luke\AppData\Local\Temp\Quarantine.exe

C:\Users\Luke\AppData\Local\Temp\Resource.exe

C:\Users\Luke\AppData\Local\Temp\Shockwave_Installer_Slim.exe

C:\Users\Luke\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Luke\AppData\Local\Temp\SP45058.exe

C:\Users\Luke\AppData\Local\Temp\SP45635.exe

C:\Users\Luke\AppData\Local\Temp\SP45690.exe

C:\Users\Luke\AppData\Local\Temp\SP45691.exe

C:\Users\Luke\AppData\Local\Temp\SP45692.exe

C:\Users\Luke\AppData\Local\Temp\SP45694.exe

C:\Users\Luke\AppData\Local\Temp\SP45889.exe

C:\Users\Luke\AppData\Local\Temp\sp46005.exe

C:\Users\Luke\AppData\Local\Temp\SP46032.exe

C:\Users\Luke\AppData\Local\Temp\SP46561.exe

C:\Users\Luke\AppData\Local\Temp\SP46570.exe

C:\Users\Luke\AppData\Local\Temp\SP46571.exe

C:\Users\Luke\AppData\Local\Temp\SP46572.exe

C:\Users\Luke\AppData\Local\Temp\SP46629.exe

C:\Users\Luke\AppData\Local\Temp\SP46794.exe

C:\Users\Luke\AppData\Local\Temp\SP47025.exe

C:\Users\Luke\AppData\Local\Temp\SP47283.exe

C:\Users\Luke\AppData\Local\Temp\sp47326.exe

C:\Users\Luke\AppData\Local\Temp\SP47423.exe

C:\Users\Luke\AppData\Local\Temp\SP47470.exe

C:\Users\Luke\AppData\Local\Temp\SP47676.exe

C:\Users\Luke\AppData\Local\Temp\SP47798.exe

C:\Users\Luke\AppData\Local\Temp\sp48071.exe

C:\Users\Luke\AppData\Local\Temp\SP48094.exe

C:\Users\Luke\AppData\Local\Temp\SP48159.exe

C:\Users\Luke\AppData\Local\Temp\SP48392.exe

C:\Users\Luke\AppData\Local\Temp\SP48488.exe

C:\Users\Luke\AppData\Local\Temp\SP48830.exe

C:\Users\Luke\AppData\Local\Temp\sp49174.exe

C:\Users\Luke\AppData\Local\Temp\SP49392.exe

C:\Users\Luke\AppData\Local\Temp\sp50843.exe.exe

C:\Users\Luke\AppData\Local\Temp\sp52110.exe.exe

C:\Users\Luke\AppData\Local\Temp\sp54373.exe

C:\Users\Luke\AppData\Local\Temp\sp54620.exe

C:\Users\Luke\AppData\Local\Temp\sp58915.exe

C:\Users\Luke\AppData\Local\Temp\sp64126.exe

C:\Users\Luke\AppData\Local\Temp\tbVuze.dll

C:\Users\Luke\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Luke\AppData\Local\Temp\UninstallHPTCA.exe

C:\Users\Luke\AppData\Local\Temp\uttDAB3.tmp.exe

C:\Users\Luke\AppData\Local\Temp\wmpfirefoxplugin.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-14 13:05

 

==================== End Of Log ============================

Link to post
Share on other sites

OK, :)

Let's do a final check up:

Step 1

Please download the eset.pngESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!
Link to post
Share on other sites

Does this look ok?

C:\Users\Luke\AppData\Local\Temp\9F5E.tmp a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

C:\Users\Luke\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

C:\Users\Luke\AppData\Local\Temp\tbVuze.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application

C:\Users\Luke\AppData\Local\Temp\ICReinstall\cnet2_hamsterfreevideoconverter_shareware_others_exe.exe a variant of Win32/InstallCore.D potentially unwanted application

C:\Users\Luke\AppData\Local\Temp\is1598539481\blekkoTb_1.0.0.12.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
Link to post
Share on other sites

Hi,

 

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

 

fixlist.txt

 

 

Please uninstall Java™ 6 Update 35

 

That's it! abklatsch.gif
Your logs look clean to me at the moment. icon_thumb.gif
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif
Thank you!


Clean Upcleanupm.PNG

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download delfix.pngDelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

 

Mozilla Firefox 5.0

 

Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.