Infection? - Random Pop-Ups/Advertisements using Google Chrome


dross2

I have been getting new tabs on Chrome popping up randomly with different sites, etc. Some of them are being identified by my "safe-browser" as potentially malicious. Please find my Farbar log information below and thank you for your assistance.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Jess and David (administrator) on JESSANDDAVID-PC on 24-09-2014 12:32:18
Running from C:\Users\Jess and David\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-03-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] ()
HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\...\MountPoints2: {68ac176f-20e9-11e3-8d8c-001bb9888ace} - J:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://d2l.arizona.edu/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3074662DF7B4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {F048B4CF-7908-4FBF-969F-A319ACD8A439} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US636D20130918&p={SearchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jess and David\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.6.13 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.6.13 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-09-18]
FF HKLM-x32\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-09-18]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Heroes & Generals live) - C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-18]
CHR Extension: (Google Drive) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-18]
CHR Extension: (Google Search) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-18]
CHR Extension: (SiteAdvisor) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-09-19]
CHR Extension: (RealPlayer Downloader) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-09]
CHR Extension: (Java Runtime Plugin) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhblobgcdkpkphobbgpgldmmkmnaegp [2014-09-22]
CHR Extension: (Google Wallet) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-20]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-02-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141336 2014-03-09] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-12] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1485824 2009-02-13] (Conexant Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-09-21] (CACE Technologies, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [33512 2014-09-22] ()
S3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)
S3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-24 12:32 - 2014-09-24 12:33 - 00020593 _____ () C:\Users\Jess and David\Downloads\FRST.txt
2014-09-24 12:32 - 2014-09-24 12:32 - 00000000 ____D () C:\FRST
2014-09-24 12:31 - 2014-09-24 12:31 - 02106880 _____ (Farbar) C:\Users\Jess and David\Downloads\FRST64.exe
2014-09-24 11:25 - 2014-09-24 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-22 23:04 - 2014-09-22 23:04 - 04877400 _____ () C:\Users\Jess and David\Downloads\RogueKiller.exe
2014-09-22 23:04 - 2014-09-22 23:04 - 00033512 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-22 23:04 - 2014-09-22 23:04 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-22 23:02 - 2014-09-22 23:02 - 00001600 _____ () C:\Users\Jess and David\Desktop\AdwCleaner[s0].txt
2014-09-22 22:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 22:54 - 2014-09-22 23:00 - 00000000 ____D () C:\AdwCleaner
2014-09-22 22:53 - 2014-09-22 22:53 - 01373475 _____ () C:\Users\Jess and David\Downloads\adwcleaner_3.310.exe
2014-09-22 22:50 - 2014-09-22 22:50 - 00001006 _____ () C:\Users\Jess and David\Desktop\checkup.txt
2014-09-22 22:46 - 2014-09-22 22:46 - 00854417 _____ () C:\Users\Jess and David\Downloads\SecurityCheck.exe
2014-09-22 19:47 - 2014-09-24 09:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 19:46 - 2014-09-22 19:46 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-22 19:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 19:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 19:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 19:41 - 2014-09-22 19:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jess and David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 16:29 - 2014-09-22 16:29 - 00918440 _____ (Oracle Corporation) C:\Users\Jess and David\Downloads\chromeinstall-7u67 (1).exe
2014-09-22 16:27 - 2014-09-22 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 16:26 - 2014-09-22 16:26 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\ProgramData\Sun
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 16:24 - 2014-09-22 16:24 - 00918440 _____ (Oracle Corporation) C:\Users\Jess and David\Downloads\chromeinstall-7u67.exe
2014-09-21 12:21 - 2014-09-21 12:21 - 03404288 _____ () C:\Users\Jess and David\Downloads\Cerebral Perfusion - Student (1).ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 05260800 _____ () C:\Users\Jess and David\Downloads\Spinal Cord Injury - Student fall 2013.ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 03404288 _____ () C:\Users\Jess and David\Downloads\Cerebral Perfusion - Student.ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 00359126 _____ () C:\Users\Jess and David\Downloads\Spinal Column Problems Fall 2013 instructor version.pptx
2014-09-20 17:09 - 2014-09-20 18:01 - 00622780 _____ () C:\Users\Jess and David\Downloads\Psychopharmacology for Schizophrenia and Other Psychotic Disorders Fall 2014 handout.pptx
2014-09-20 12:32 - 2014-09-20 12:32 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed (2).ppt
2014-09-18 21:22 - 2014-09-18 21:22 - 05080064 _____ () C:\Users\Jess and David\Downloads\Cardiac Disorder Fall 2013.ppt
2014-09-18 21:22 - 2014-09-18 21:22 - 00311296 _____ () C:\Users\Jess and David\Downloads\Cardiac Disorders Case Study Spring 2013.ppt
2014-09-18 21:13 - 2014-09-18 21:13 - 01883629 _____ () C:\Users\Jess and David\Downloads\Perfusion Fall 2013.pptx
2014-09-18 19:46 - 2014-09-18 19:47 - 04500480 _____ () C:\Users\Jess and David\Downloads\Essential Concepts in Oxygenation-Student (1).ppt
2014-09-17 21:27 - 2014-09-17 21:27 - 02058240 _____ () C:\Users\Jess and David\Downloads\Chapter09 Intervention in Groups 6th ed.ppt
2014-09-17 18:44 - 2014-09-17 18:44 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed (1).ppt
2014-09-17 17:35 - 2014-09-17 17:35 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed.ppt
2014-09-17 11:52 - 2014-09-17 11:52 - 00577536 _____ () C:\Users\Jess and David\Downloads\Mental Health Mental Illness  N471 Fall 2014.ppt
2014-09-14 18:26 - 2014-09-14 18:26 - 00181248 _____ () C:\Users\Jess and David\Downloads\sample exam questions N471.ppt
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\Documents\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\AppData\Roaming\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\AppData\Local\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\ProgramData\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-09-14 18:06 - 2014-09-14 18:07 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-09-14 18:05 - 2014-09-14 18:05 - 00000000 ____D () C:\Users\Jess and David\AppData\Local\Downloaded Installations
2014-09-14 18:05 - 2014-09-14 18:05 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-09-14 18:03 - 2014-09-14 18:04 - 31119112 _____ () C:\Users\Jess and David\Downloads\TomTomHOME2winlatest.exe
2014-09-14 13:23 - 2014-09-14 13:23 - 00310784 _____ () C:\Users\Jess and David\Downloads\Mood Disorders Fall 2014 N471 Handout (1).ppt
2014-09-14 13:08 - 2014-09-14 13:08 - 03163136 _____ () C:\Users\Jess and David\Downloads\Schizophrenia Handout Fall 2014 N471.ppt
2014-09-14 12:33 - 2014-09-14 12:33 - 00310784 _____ () C:\Users\Jess and David\Downloads\Mood Disorders Fall 2014 N471 Handout.ppt
2014-09-13 22:49 - 2014-09-13 22:49 - 00833024 _____ () C:\Users\Jess and David\Downloads\ABG Interpretation Exercise Student.ppt
2014-09-13 13:53 - 2014-09-13 13:53 - 05488640 _____ () C:\Users\Jess and David\Downloads\Essential Concepts in Oxygenation-Student.ppt
2014-09-12 03:14 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 03:14 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 03:14 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 03:14 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 03:14 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 03:14 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 03:14 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 03:14 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 03:14 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 03:14 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 03:14 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 03:14 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 03:14 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 03:14 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 03:14 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 03:14 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 03:14 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 03:14 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 03:14 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 03:14 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 03:14 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 03:14 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 03:14 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 03:14 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 03:14 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 03:14 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 03:14 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 03:14 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 03:14 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 03:14 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 03:14 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 03:14 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 03:14 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 03:14 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 03:14 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 03:14 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 03:14 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 03:14 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 03:14 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 03:14 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 03:14 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 03:14 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 03:14 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 03:14 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 03:14 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 03:14 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 03:13 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 03:13 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 03:13 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 03:13 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 03:13 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 03:13 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 03:13 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 03:13 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 03:13 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 03:13 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 03:00 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 03:00 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 21:26 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 21:26 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 21:26 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 21:26 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 21:26 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 21:26 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 21:26 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 21:26 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 21:26 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 21:26 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 21:26 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 08:22 - 2014-09-11 08:32 - 00000000 ____D () C:\Users\Jess and David\Desktop\drug diversion info
2014-09-02 13:55 - 2014-09-02 13:55 - 07578112 _____ () C:\Users\Jess and David\Downloads\EKG_interpretation_Powerpoint.ppt
2014-08-28 21:35 - 2014-08-28 21:35 - 00000241 _____ () C:\Users\Jess and David\Downloads\CentralLineDressingChange_Rishel.wmv
2014-08-28 21:35 - 2014-08-28 21:35 - 00000069 _____ () C:\Users\Jess and David\Downloads\CentralLIneDressingChange_Rishel.rm
2014-08-28 20:49 - 2014-08-28 20:49 - 01790464 _____ () C:\Users\Jess and David\Downloads\Vascular Access Devices.ppt
2014-08-28 00:18 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 00:18 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 00:18 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 04:45 - 2014-08-27 04:45 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross 2014 working (1).xfdl
2014-08-27 04:44 - 2014-08-27 04:46 - 00000000 ____D () C:\ProgramData\PureEdge
2014-08-27 04:44 - 2014-08-27 04:44 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross 2014 working.xfdl
2014-08-27 04:44 - 2014-08-27 04:44 - 00000000 ____D () C:\Users\Jess and David\AppData\Roaming\PureEdge
2014-08-27 04:43 - 2014-08-27 04:43 - 10094096 _____ (PureEdge Solutions Inc.) C:\Users\Jess and David\Downloads\pure_edge_viewer_6_5.exe
2014-08-27 04:42 - 2014-08-27 04:42 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross - EPR 8-10.xfdl
2014-08-26 21:02 - 2014-08-26 21:02 - 01076015 _____ () C:\Users\Jess and David\Downloads\Restraints Spring 2014 Rev.pptx
2014-08-26 21:02 - 2014-08-26 21:02 - 00300518 _____ () C:\Users\Jess and David\Downloads\Blood Transfusions 2.11rev2.20.11.pptx
2014-08-26 09:04 - 2014-08-26 09:07 - 00000000 ____D () C:\Users\Jess and David\Desktop\House Before Pics
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-24 12:33 - 2014-09-24 12:32 - 00020593 _____ () C:\Users\Jess and David\Downloads\FRST.txt
2014-09-24 12:32 - 2014-09-24 12:32 - 00000000 ____D () C:\FRST
2014-09-24 12:31 - 2014-09-24 12:31 - 02106880 _____ (Farbar) C:\Users\Jess and David\Downloads\FRST64.exe
2014-09-24 12:30 - 2013-10-05 16:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 11:46 - 2013-09-20 22:39 - 00745278 _____ () C:\Windows\system32\perfh00A.dat
2014-09-24 11:46 - 2013-09-20 22:39 - 00158356 _____ () C:\Windows\system32\perfc00A.dat
2014-09-24 11:46 - 2009-07-13 22:13 - 01677306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 11:40 - 2013-09-18 22:16 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-24 11:25 - 2014-09-24 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-24 09:40 - 2013-09-18 22:16 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 09:05 - 2014-09-22 19:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 07:55 - 2013-09-18 22:02 - 01500243 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 06:53 - 2009-07-13 21:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 06:53 - 2009-07-13 21:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 06:45 - 2014-08-15 03:33 - 00003372 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3686776670-3987212680-3996287415-1000
2014-09-24 06:45 - 2014-07-07 17:30 - 00003256 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3686776670-3987212680-3996287415-1000
2014-09-24 06:45 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 06:45 - 2009-07-13 21:51 - 00054573 _____ () C:\Windows\setupact.log
2014-09-22 23:04 - 2014-09-22 23:04 - 04877400 _____ () C:\Users\Jess and David\Downloads\RogueKiller.exe
2014-09-22 23:04 - 2014-09-22 23:04 - 00033512 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-22 23:04 - 2014-09-22 23:04 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-22 23:02 - 2014-09-22 23:02 - 00001600 _____ () C:\Users\Jess and David\Desktop\AdwCleaner[s0].txt
2014-09-22 23:01 - 2010-11-20 20:47 - 00129562 _____ () C:\Windows\PFRO.log
2014-09-22 23:00 - 2014-09-22 22:54 - 00000000 ____D () C:\AdwCleaner
2014-09-22 22:53 - 2014-09-22 22:53 - 01373475 _____ () C:\Users\Jess and David\Downloads\adwcleaner_3.310.exe
2014-09-22 22:50 - 2014-09-22 22:50 - 00001006 _____ () C:\Users\Jess and David\Desktop\checkup.txt
2014-09-22 22:46 - 2014-09-22 22:46 - 00854417 _____ () C:\Users\Jess and David\Downloads\SecurityCheck.exe
2014-09-22 19:46 - 2014-09-22 19:46 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 19:46 - 2014-09-22 19:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-22 19:42 - 2014-09-22 19:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jess and David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 16:29 - 2014-09-22 16:29 - 00918440 _____ (Oracle Corporation) C:\Users\Jess and David\Downloads\chromeinstall-7u67 (1).exe
2014-09-22 16:27 - 2014-09-22 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 16:26 - 2014-09-22 16:26 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-22 16:26 - 2014-09-22 16:26 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\ProgramData\Sun
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 16:26 - 2014-09-22 16:26 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 16:24 - 2014-09-22 16:24 - 00918440 _____ (Oracle Corporation) C:\Users\Jess and David\Downloads\chromeinstall-7u67.exe
2014-09-22 07:01 - 2013-09-18 23:09 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-21 12:21 - 2014-09-21 12:21 - 03404288 _____ () C:\Users\Jess and David\Downloads\Cerebral Perfusion - Student (1).ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 05260800 _____ () C:\Users\Jess and David\Downloads\Spinal Cord Injury - Student fall 2013.ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 03404288 _____ () C:\Users\Jess and David\Downloads\Cerebral Perfusion - Student.ppt
2014-09-21 11:36 - 2014-09-21 11:36 - 00359126 _____ () C:\Users\Jess and David\Downloads\Spinal Column Problems Fall 2013 instructor version.pptx
2014-09-20 18:01 - 2014-09-20 17:09 - 00622780 _____ () C:\Users\Jess and David\Downloads\Psychopharmacology for Schizophrenia and Other Psychotic Disorders Fall 2014 handout.pptx
2014-09-20 12:32 - 2014-09-20 12:32 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed (2).ppt
2014-09-18 21:22 - 2014-09-18 21:22 - 05080064 _____ () C:\Users\Jess and David\Downloads\Cardiac Disorder Fall 2013.ppt
2014-09-18 21:22 - 2014-09-18 21:22 - 00311296 _____ () C:\Users\Jess and David\Downloads\Cardiac Disorders Case Study Spring 2013.ppt
2014-09-18 21:13 - 2014-09-18 21:13 - 01883629 _____ () C:\Users\Jess and David\Downloads\Perfusion Fall 2013.pptx
2014-09-18 19:47 - 2014-09-18 19:46 - 04500480 _____ () C:\Users\Jess and David\Downloads\Essential Concepts in Oxygenation-Student (1).ppt
2014-09-17 21:27 - 2014-09-17 21:27 - 02058240 _____ () C:\Users\Jess and David\Downloads\Chapter09 Intervention in Groups 6th ed.ppt
2014-09-17 18:44 - 2014-09-17 18:44 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed (1).ppt
2014-09-17 17:35 - 2014-09-17 17:35 - 01580032 _____ () C:\Users\Jess and David\Downloads\Chapter07 Nursing Process 6th ed.ppt
2014-09-17 11:52 - 2014-09-17 11:52 - 00577536 _____ () C:\Users\Jess and David\Downloads\Mental Health Mental Illness  N471 Fall 2014.ppt
2014-09-14 18:26 - 2014-09-14 18:26 - 00181248 _____ () C:\Users\Jess and David\Downloads\sample exam questions N471.ppt
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\Documents\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\AppData\Roaming\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\Users\Jess and David\AppData\Local\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\ProgramData\TomTom
2014-09-14 18:07 - 2014-09-14 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-09-14 18:07 - 2014-09-14 18:06 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-09-14 18:05 - 2014-09-14 18:05 - 00000000 ____D () C:\Users\Jess and David\AppData\Local\Downloaded Installations
2014-09-14 18:05 - 2014-09-14 18:05 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-09-14 18:04 - 2014-09-14 18:03 - 31119112 _____ () C:\Users\Jess and David\Downloads\TomTomHOME2winlatest.exe
2014-09-14 13:23 - 2014-09-14 13:23 - 00310784 _____ () C:\Users\Jess and David\Downloads\Mood Disorders Fall 2014 N471 Handout (1).ppt
2014-09-14 13:08 - 2014-09-14 13:08 - 03163136 _____ () C:\Users\Jess and David\Downloads\Schizophrenia Handout Fall 2014 N471.ppt
2014-09-14 12:33 - 2014-09-14 12:33 - 00310784 _____ () C:\Users\Jess and David\Downloads\Mood Disorders Fall 2014 N471 Handout.ppt
2014-09-13 22:49 - 2014-09-13 22:49 - 00833024 _____ () C:\Users\Jess and David\Downloads\ABG Interpretation Exercise Student.ppt
2014-09-13 13:53 - 2014-09-13 13:53 - 05488640 _____ () C:\Users\Jess and David\Downloads\Essential Concepts in Oxygenation-Student.ppt
2014-09-12 04:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 03:17 - 2013-09-18 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 03:12 - 2014-04-18 23:45 - 01656386 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 03:12 - 2013-09-20 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 03:01 - 2013-09-20 22:43 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 03:00 - 2014-05-07 18:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 08:32 - 2014-09-11 08:22 - 00000000 ____D () C:\Users\Jess and David\Desktop\drug diversion info
2014-09-10 01:30 - 2013-10-05 16:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 01:30 - 2013-10-05 16:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 01:30 - 2013-10-05 16:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-04 19:10 - 2014-09-11 21:26 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 19:05 - 2014-09-11 21:26 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 13:55 - 2014-09-02 13:55 - 07578112 _____ () C:\Users\Jess and David\Downloads\EKG_interpretation_Powerpoint.ppt
2014-08-28 21:35 - 2014-08-28 21:35 - 00000241 _____ () C:\Users\Jess and David\Downloads\CentralLineDressingChange_Rishel.wmv
2014-08-28 21:35 - 2014-08-28 21:35 - 00000069 _____ () C:\Users\Jess and David\Downloads\CentralLIneDressingChange_Rishel.rm
2014-08-28 20:49 - 2014-08-28 20:49 - 01790464 _____ () C:\Users\Jess and David\Downloads\Vascular Access Devices.ppt
2014-08-28 03:16 - 2009-07-13 21:45 - 00418096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 04:46 - 2014-08-27 04:44 - 00000000 ____D () C:\ProgramData\PureEdge
2014-08-27 04:46 - 2014-04-23 16:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-27 04:45 - 2014-08-27 04:45 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross 2014 working (1).xfdl
2014-08-27 04:44 - 2014-08-27 04:44 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross 2014 working.xfdl
2014-08-27 04:44 - 2014-08-27 04:44 - 00000000 ____D () C:\Users\Jess and David\AppData\Roaming\PureEdge
2014-08-27 04:43 - 2014-08-27 04:43 - 10094096 _____ (PureEdge Solutions Inc.) C:\Users\Jess and David\Downloads\pure_edge_viewer_6_5.exe
2014-08-27 04:42 - 2014-08-27 04:42 - 00039172 _____ () C:\Users\Jess and David\Downloads\Ross - EPR 8-10.xfdl
2014-08-26 21:02 - 2014-08-26 21:02 - 01076015 _____ () C:\Users\Jess and David\Downloads\Restraints Spring 2014 Rev.pptx
2014-08-26 21:02 - 2014-08-26 21:02 - 00300518 _____ () C:\Users\Jess and David\Downloads\Blood Transfusions 2.11rev2.20.11.pptx
2014-08-26 09:07 - 2014-08-26 09:04 - 00000000 ____D () C:\Users\Jess and David\Desktop\House Before Pics
 
Some content of TEMP:
====================
C:\Users\Jess and David\AppData\Local\Temp\lowproc.exe
C:\Users\Jess and David\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Jess and David\AppData\Local\Temp\Quarantine.exe
C:\Users\Jess and David\AppData\Local\Temp\SIntf16.dll
C:\Users\Jess and David\AppData\Local\Temp\SIntf32.dll
C:\Users\Jess and David\AppData\Local\Temp\SIntfNT.dll
C:\Users\Jess and David\AppData\Local\Temp\stubhelper.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 08:53
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Jess and David at 2014-09-24 12:33:51
Running from C:\Users\Jess and David\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brownstone Equation Editor 5 (HKLM-x32\...\BREE5) (Version: 5.2 - Design Science, Inc.)
Canon MX330 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series) (Version:  - )
Fundamentals of Nursing, Second Edition (HKLM-x32\...\FundamentalsofNursing2e) (Version: 1.1 - F.A. Davis)
Fundamentals of Nursing, Second Edition (x32 Version: 1.1 - F.A. Davis) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.5.0 - Reto-Moto)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.28.24.exe  - NETGEAR Inc.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.6 - NVIDIA Corporation)
RealDownloader (x32 Version: 17.0.6 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.4.50 - Conexant Systems)
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - )
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Tutor 6 (HKLM-x32\...\Tutor 6) (Version:  - Wimba)
Tutor 6 (x32 Version: 6.11.0118 - Wimba) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
23-08-2014 14:48:01 Windows Update
28-08-2014 10:00:14 Windows Update
05-09-2014 07:08:30 Scheduled Checkpoint
12-09-2014 10:00:17 Windows Update
15-09-2014 01:05:42 Installed TomTom HOME.
22-09-2014 14:30:19 Scheduled Checkpoint
22-09-2014 23:25:41 Installed Java 7 Update 67
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {5BD95BAD-E60A-4764-9A7B-EDB35D824493} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3686776670-3987212680-3996287415-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.)
Task: {63FB99D8-FE88-4366-9319-5FE179A3D923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-18] (Google Inc.)
Task: {6615886F-C6C4-4D67-9E5E-A295222261D5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3686776670-3987212680-3996287415-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.)
Task: {730EDAA1-B9E7-4E5C-9D56-6DDCD2EB7892} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-18] (Google Inc.)
Task: {A0D350D2-0FB1-46E1-8FDF-E16D92AAF1D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E13DDC29-79FD-4B62-89C4-D24637493A60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-07 04:38 - 2013-04-07 04:38 - 01044224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
2013-04-07 04:42 - 2013-04-07 04:42 - 00123136 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2014-02-12 14:42 - 2014-02-12 14:42 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-12 16:29 - 2014-02-12 16:29 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll
2013-06-04 18:22 - 2013-06-04 18:22 - 00481280 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2013-03-27 01:42 - 2013-03-27 01:42 - 01553920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll
2013-05-09 20:12 - 2013-05-09 20:12 - 00229888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-03-27 01:43 - 2013-03-27 01:43 - 01067520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-05-27 23:21 - 2013-05-27 23:21 - 04334592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-03-27 01:52 - 2013-03-27 01:52 - 00500736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-03-27 01:50 - 2013-03-27 01:50 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2013-03-27 01:51 - 2013-03-27 01:51 - 01198080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-05-14 19:56 - 2013-05-14 19:56 - 08432128 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-04-27 23:25 - 2013-04-27 23:25 - 01205760 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-03-27 01:42 - 2013-03-27 01:42 - 00088064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2013-03-27 01:51 - 2013-03-27 01:51 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-05-13 22:18 - 2013-05-13 22:18 - 00931840 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-03-27 01:49 - 2013-03-27 01:49 - 00438272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll
2013-02-18 23:46 - 2013-02-18 23:46 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2013-03-27 01:42 - 2013-03-27 01:42 - 00137728 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-03-26 19:58 - 2013-03-26 19:58 - 00139264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 02:56 - 2012-11-29 02:56 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2013-03-26 19:58 - 2013-03-26 19:58 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL
2013-03-26 19:58 - 2013-03-26 19:58 - 00074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2013-03-26 19:58 - 2013-03-26 19:58 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2013-03-27 01:51 - 2013-03-27 01:51 - 00714240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-03-27 01:49 - 2013-03-27 01:49 - 00485376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-03-27 01:49 - 2013-03-27 01:49 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-03-26 19:58 - 2013-03-26 19:58 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2014-03-09 18:51 - 2014-03-09 18:51 - 00867928 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2014-09-12 13:46 - 2014-09-03 20:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 13:46 - 2014-09-03 20:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 13:47 - 2014-09-03 20:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 13:47 - 2014-09-03 20:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 13:46 - 2014-09-03 20:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-09-12 13:47 - 2014-09-03 20:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Jess and David\Downloads\Hiring list for Public Defender ....eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/24/2014 07:35:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/24/2014 06:47:31 AM) (Source: MsiInstaller) (EventID: 1024) (User: JessandDavid-PC)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/24/2014 06:46:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/24/2014 06:45:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 2.1.168.192.in-addr.arpa. PTR JessandDavid-PC.local.
 
Error: (09/24/2014 06:45:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353   25 2.1.168.192.in-addr.arpa. PTR JessandDavid-PC-2.local.
 
Error: (09/22/2014 11:03:42 PM) (Source: MsiInstaller) (EventID: 1024) (User: JessandDavid-PC)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/22/2014 11:03:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/22/2014 11:01:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 115.104.254.169.in-addr.arpa. PTR JessandDavid-PC.local.
 
Error: (09/22/2014 11:01:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.104.115:5353   25 115.104.254.169.in-addr.arpa. PTR JessandDavid-PC-2.local.
 
Error: (09/22/2014 04:33:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 2.1.168.192.in-addr.arpa. PTR JessandDavid-PC.local.
 
 
System errors:
=============
Error: (09/24/2014 11:23:09 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (09/22/2014 11:18:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (09/22/2014 11:04:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (09/22/2014 11:00:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (09/22/2014 11:44:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (09/21/2014 09:14:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (09/21/2014 01:03:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (09/20/2014 00:15:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (09/19/2014 10:15:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (09/19/2014 00:45:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Athlon 64 X2 Dual Core Processor 5000+
Percentage of memory in use: 49%
Total physical RAM: 7166.46 MB
Available physical RAM: 3629.66 MB
Total Pagefile: 14331.1 MB
Available Pagefile: 10390.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:826.6 GB) NTFS
Drive j: (KEYCHAIN) (Removable) (Total:30.11 GB) (Free:20.79 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D1186284)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 30.1 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=30.1 GB) - (Type=0C)
 
==================== End Of Log ============================

 


Hello,

 

P2P/Piracy Warning:

 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Next,

 

Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt, where n is the scan reference number.

 

Let me see those logs, also give an update on any remaining issues or concerns..

 

Kevin

 

 

 

Fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-09-2014
Ran by Jess and David at 2014-09-24 12:59:58 Run:1
Running from C:\Users\Jess and David\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\...\MountPoints2: {68ac176f-20e9-11e3-8d8c-001bb9888ace} - J:\SETUP.EXE
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Jess and David\AppData\Local\Temp\lowproc.exe
C:\Users\Jess and David\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Jess and David\AppData\Local\Temp\Quarantine.exe
C:\Users\Jess and David\AppData\Local\Temp\SIntf16.dll
C:\Users\Jess and David\AppData\Local\Temp\SIntf32.dll
C:\Users\Jess and David\AppData\Local\Temp\SIntfNT.dll
C:\Users\Jess and David\AppData\Local\Temp\stubhelper.dll
EmptyTemp:
End
*****************

"HKU\S-1-5-21-3686776670-3987212680-3996287415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68ac176f-20e9-11e3-8d8c-001bb9888ace}" => Key deleted successfully.
"HKCR\CLSID\{68ac176f-20e9-11e3-8d8c-001bb9888ace}" => Key not found.
VGPU => Service deleted successfully.
C:\Users\Jess and David\AppData\Local\Temp\lowproc.exe => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\SIntf16.dll => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\SIntf32.dll => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\SIntfNT.dll => Moved successfully.
C:\Users\Jess and David\AppData\Local\Temp\stubhelper.dll => Moved successfully.
EmptyTemp: => Removed 2.5 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

 


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/24/2014
Scan Time: 1:08:08 PM
Logfile: MWB txt.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.24.10
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jess and David

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311983
Time Elapsed: 13 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 7 Ultimate x64
Ran by Jess and David on Wed 09/24/2014 at 13:28:54.70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/24/2014 at 13:36:53.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

I have run the scan with ADWCLEANER but I am nervous to remove the identified programs which seem like important program files? Attached is the log pre-clean...

 


# AdwCleaner v3.310 - Report created 24/09/2014 at 13:41:38
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Jess and David - JESSANDDAVID-PC
# Running from : C:\Users\Jess and David\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0BCE81D-0A67-4DAA-3484-C3369D8FE943}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FundamentalsofNursing2e

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Jess and David\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1463 octets] - [22/09/2014 22:54:26]
AdwCleaner[R1].txt - [1523 octets] - [22/09/2014 22:58:38]
AdwCleaner[R2].txt - [1159 octets] - [24/09/2014 13:41:38]
AdwCleaner[s0].txt - [1600 octets] - [22/09/2014 22:59:58]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1279 octets] ##########

 




The two entries are registry remnants, I see no reason not to remove them. AdwCleaner has an option to restore deleted entries if done in error:

 


Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted (if necessary):
Open AdwCleaner, Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

What is the current status of your system, are there any remaining issues or concerns.....


# AdwCleaner v3.310 - Report created 24/09/2014 at 19:26:19
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Jess and David - JESSANDDAVID-PC
# Running from : C:\Users\Jess and David\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0BCE81D-0A67-4DAA-3484-C3369D8FE943}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Jess and David\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Jess and David\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1463 octets] - [22/09/2014 22:54:26]
AdwCleaner[R1].txt - [1523 octets] - [22/09/2014 22:58:38]
AdwCleaner[R2].txt - [1359 octets] - [24/09/2014 13:41:38]
AdwCleaner[R3].txt - [1385 octets] - [24/09/2014 19:15:57]
AdwCleaner[s0].txt - [1600 octets] - [22/09/2014 22:59:58]
AdwCleaner[s1].txt - [1428 octets] - [24/09/2014 19:10:43]
AdwCleaner[s2].txt - [1308 octets] - [24/09/2014 19:26:19]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1368 octets] ##########

 

I do not seem to have pop ups on mozilla as of yet


Thanks for the log and update, continue and run Zoek, let me know if the issue clears with Chrome after Zoek has finished, also post its log...

 

Scan with ZOEK

 

Please download ZOEK by Smeenk from here: http://hijackthis.nl/smeenk/ and save it to your desktop (preferred version is the *.exe one)

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

 


Right-click on the ZOEK icon and select Run as Administrator to start the tool.
Wait patiently until the main console appears, it may take a minute or two.
In the main box please paste in the following script:

 

services_list;standardsearch;autoclean;emptyclsid;emptyfolderscheck;deleteiedefaults;firefoxlook;chromelook;FFdefaults;CHRdefaults;

 

 


Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

 

Please include its content in your next reply.

Don't forget to re-enable your switched-off protection software!

 

Thanks,

 

Kevin..


Zoek.exe v5.0.0.0 Updated 24-09-2014
Tool run by Jess and David on Thu 09/25/2014 at 20:55:44.56.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jess and David\Downloads\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

9/25/2014 8:57:15 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3686776670-3987212680-3996287415-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F048B4CF-7908-4FBF-969F-A319ACD8A439} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\Jess and David\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\JESSAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default\prefs.js:
user_pref("browser.startup.homepage", "http://google.com/");
user_pref("browser.search.selectedEngine", "Secure Search");
user_pref("browser.search.order.1", "Secure Search");
user_pref("keyword.URL", "https://search.yahoo.com/search?fr=mcafee&type=B111US636D20130918&p=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\JESSAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\JESSAN~1\AppData\Roaming\TomTom\HOME\Profiles\jqau3vbe.default\prefs.js:

Added to C:\Users\JESSAN~1\AppData\Roaming\TomTom\HOME\Profiles\jqau3vbe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Windows\SysNative\config\systemprofile\Searches deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 7167 MB
CPU Info: AMD Athlon 64 X2 Dual Core Processor 5000+
CPU Speed: 1175.3 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: ATI Radeon HD 3600 Series       | ATI Radeon HD 3600 Series       | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; HP w1907 Wide LCD Monitor | Generic Non-PnP Monitor |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: NVIDIA nForce 10/100 Mbps Ethernet
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCD/DVDW TS-H653L
Ports: COM3 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  931.4GB
Hard Disks - Free: C:  831.2GB
Manufacturer *: Phoenix Technologies, LTD
BIOS Info: AT/AT COMPATIBLE | 06/11/07 | HPQOEM - 42302e31
Time Zone: US Mountain Standard Time
Motherboard *: ECS  Nettle2
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Internet Explorer Version: 11.0.9600.17280
Mozilla Firefox version: 29.0 (x86 en-US)
Adobe Reader version: 11.0.9.29
Sun Java version: 1.7.0_67 (32-bit)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\JESSAN~1\AppData\Local\Temp ====
2014-09-24 20:28:43    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
2014-09-24 13:50:33    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Users\Jess and David\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-3b07f76c
====== C:\Windows\SysWOW64 =====
2014-09-24 13:52:28    C263F3E7E0523556964D661BC7CB9565    2048    ----a-w-    C:\Windows\SysWOW64\tzres.dll
2014-09-23 05:55:26    0DC5AF80D059DEC792B665ED598C6567    536576    ----a-w-    C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 23:26:37    07EF2978A5BC36720378F95566697FD8    272808    ----a-w-    C:\Windows\SysWOW64\javaws.exe
2014-09-22 23:26:27    3BDEB17FE6390BFF1BF3A2D964DE8E48    175528    ----a-w-    C:\Windows\SysWOW64\javaw.exe
2014-09-22 23:26:27    11FD45A41DF45298686ED39062AABE2A    175528    ----a-w-    C:\Windows\SysWOW64\java.exe
2014-09-22 23:26:27    0F70F4DAF2BC5613EE75C9B2585CE67E    98216    ----a-w-    C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-12 10:14:07    E3D7B3F64C30994409BDF8E48048A854    2724864    ----a-w-    C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 10:14:07    297EF1AB73B8FCE76BCA1365C2E49AFC    440320    ----a-w-    C:\Windows\SysWOW64\ieui.dll
2014-09-12 10:14:06    6DD476318F524D2DCB73AFEB2EE27B4A    61952    ----a-w-    C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 10:14:05    CC8F34B345DA638D77BB48C035DA628D    164864    ----a-w-    C:\Windows\SysWOW64\msrating.dll
2014-09-12 10:14:05    84E96F4AF8A7748A3DE7C3EBBC6768E5    365056    ----a-w-    C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 10:14:05    4F2EDC301EC63F803C0FDB6CC87EDA24    454656    ----a-w-    C:\Windows\SysWOW64\vbscript.dll
2014-09-12 10:14:05    42F6F28D4885505F687CAF0459FF9F90    112128    ----a-w-    C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 10:14:05    010DFAF3EF93994B805BAA1493D47973    243200    ----a-w-    C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 10:14:04    D603AC77E17E5B9583E382F2EE0381A7    43008    ----a-w-    C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 10:14:04    AA595171932ACC79DA9851067DCBDABF    32768    ----a-w-    C:\Windows\SysWOW64\iernonce.dll
2014-09-12 10:14:04    8D4FCAB2643DFEF68040B70F1EDCCBC5    327872    ----a-w-    C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 10:14:04    7C3D593AB1E2F5E5687D97772EF99AC7    61952    ----a-w-    C:\Windows\SysWOW64\iesetup.dll
2014-09-12 10:14:04    13C2C87C35E52AAB1B439FB2E26DF2DE    69632    ----a-w-    C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 10:14:04    074646C5A979DE79133DE4A8530A9C5D    603136    ----a-w-    C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 10:14:03    77F79126444896B5867E6761490735B8    60416    ----a-w-    C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 10:14:03    2E2E40E5D92EEA979548E307C5781038    597504    ----a-w-    C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 10:14:02    88EBB8526981D03C5777AB0A4AEBA8B4    1068032    ----a-w-    C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 10:14:02    5074835337862817DB3726558D0908DE    51200    ----a-w-    C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 10:14:02    1D8C086A39B9794D7131384586811B25    678400    ----a-w-    C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 10:14:00    FD96C05DE700F5FD26273D6DDB6495A7    2185728    ----a-w-    C:\Windows\SysWOW64\iertutil.dll
2014-09-12 10:13:59    D58988722C72D265B51A54103DFC2C6F    1812992    ----a-w-    C:\Windows\SysWOW64\wininet.dll
2014-09-12 10:13:58    77B7DDF91F3ED2CDB6CF60224EE13433    4232704    ----a-w-    C:\Windows\SysWOW64\jscript9.dll
2014-09-12 10:13:58    6A3A809CA7A8F40C89E6F1D301898A66    2014208    ----a-w-    C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 10:13:58    41010A88B70A2168F801DC19EBD4CB4F    1190400    ----a-w-    C:\Windows\SysWOW64\urlmon.dll
2014-09-12 10:13:57    7BF1CE9240CB9DD27C3E30733176EB8E    17455104    ----a-w-    C:\Windows\SysWOW64\mshtml.dll
2014-09-12 10:13:56    A3560FAFC1686D5EE9830B33B5C74B66    11769856    ----a-w-    C:\Windows\SysWOW64\ieframe.dll
2014-09-12 10:00:49    2413D2216D08FAF7D7178D9E0B481AEB    2285056    ----a-w-    C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 04:26:35    A8DDB7ACB122FC36FF0D7C9B3099A380    793600    ----a-w-    C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 04:26:13    79896A78039C9A63C56197843CFBAD0B    1987584    ----a-w-    C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 04:26:07    B094390B6B2D0456821384771020870B    22016    ----a-w-    C:\Windows\SysWOW64\secur32.dll
2014-09-12 04:26:07    1B85FA0D0A93C011B76678733F39DB6C    550912    ----a-w-    C:\Windows\SysWOW64\kerberos.dll
2014-09-12 04:26:07    10826DA2FC073702AEAB93AF3D73B066    96768    ----a-w-    C:\Windows\SysWOW64\sspicli.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-09-24 13:52:28    A8A87343CAE432677D82C0BCC753D905    2048    ----a-w-    C:\Windows\Sysnative\tzres.dll
2014-09-12 10:14:07    9EFF09364ABDC86770FA0B1BCC9CA3C3    596480    ----a-w-    C:\Windows\Sysnative\ieui.dll
2014-09-12 10:14:07    1BE1D1942825BE2146941DA274D2B92F    2724864    ----a-w-    C:\Windows\Sysnative\mshtml.tlb
2014-09-12 10:14:06    EF79F0B9E0F277F5797C475DF4248B97    83968    ----a-w-    C:\Windows\Sysnative\MshtmlDac.dll
2014-09-12 10:14:06    A0600300428AB73664050659E738F11F    33792    ----a-w-    C:\Windows\Sysnative\iernonce.dll
2014-09-12 10:14:06    305D5395A65D00C74A94AEA40E9909E9    758272    ----a-w-    C:\Windows\Sysnative\jscript9diag.dll
2014-09-12 10:14:06    0113777A28BEC88A50C2566F346E4B58    72704    ----a-w-    C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-09-12 10:14:05    EE6B22396FA99639A163B1B7E9736669    4096    ----a-w-    C:\Windows\Sysnative\ieetwcollectorres.dll
2014-09-12 10:14:05    E76C23C71345ACBC65ED8F6E87AD01D1    195584    ----a-w-    C:\Windows\Sysnative\msrating.dll
2014-09-12 10:14:05    C067D863FCD53B91A5BF78AE1CE88E54    85504    ----a-w-    C:\Windows\Sysnative\mshtmled.dll
2014-09-12 10:14:05    786ECD92C9D77F571134283E0FABAF1A    289280    ----a-w-    C:\Windows\Sysnative\dxtrans.dll
2014-09-12 10:14:05    641068C626DE3AD348871D0D7931A3FA    547328    ----a-w-    C:\Windows\Sysnative\vbscript.dll
2014-09-12 10:14:05    4CF33E458BAEDA917CAE9F2E8338479C    446464    ----a-w-    C:\Windows\Sysnative\dxtmsft.dll
2014-09-12 10:14:05    2D95BDB699FA1D531B642EA18464FE05    139264    ----a-w-    C:\Windows\Sysnative\ieUnatt.exe
2014-09-12 10:14:04    C07D636B0237172345E68AE8B70A2984    51200    ----a-w-    C:\Windows\Sysnative\jsproxy.dll
2014-09-12 10:14:04    A1BB4CFB25F7CE1D4F67DD71111823AA    374968    ----a-w-    C:\Windows\Sysnative\iedkcs32.dll
2014-09-12 10:14:04    68B0077C0D09D1B669A260F2921FD6B9    66048    ----a-w-    C:\Windows\Sysnative\iesetup.dll
2014-09-12 10:14:04    33BAC6F66DB5FE5F7E20D41B025F490E    707072    ----a-w-    C:\Windows\Sysnative\ie4uinit.exe
2014-09-12 10:14:04    2AEFBA4339A34C8EF021B49D23D1F1DF    727040    ----a-w-    C:\Windows\Sysnative\msfeeds.dll
2014-09-12 10:14:03    920BD93A0B64657A20CA66C2EBB167EA    23591424    ----a-w-    C:\Windows\Sysnative\mshtml.dll
2014-09-12 10:14:02    698C19E198F832E071778A1427E942C8    111616    ----a-w-    C:\Windows\Sysnative\ieetwcollector.exe
2014-09-12 10:14:02    4C8838D7C13E9080AF4B548CA791896B    1249280    ----a-w-    C:\Windows\Sysnative\mshtmlmedia.dll
2014-09-12 10:14:02    227303FC6E95547EA274F4337BBC7278    48640    ----a-w-    C:\Windows\Sysnative\ieetwproxystub.dll
2014-09-12 10:14:02    1439630B47D717960D59423958754394    775168    ----a-w-    C:\Windows\Sysnative\ieapfltr.dll
2014-09-12 10:14:01    5A0C72B9D3CCA42D8AB74890C19443B2    940032    ----a-w-    C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-09-12 10:14:00    75498A52C2AE248DEE5BDF5209768963    2793984    ----a-w-    C:\Windows\Sysnative\iertutil.dll
2014-09-12 10:14:00    39EBB9708453036A74C30C9A294023FF    2310656    ----a-w-    C:\Windows\Sysnative\wininet.dll
2014-09-12 10:13:59    F6304AACC5744016770C8C797CAA2AF7    5833728    ----a-w-    C:\Windows\Sysnative\jscript9.dll
2014-09-12 10:13:58    FECA80905D551074E1A9298BD98103B7    1447424    ----a-w-    C:\Windows\Sysnative\urlmon.dll
2014-09-12 10:13:58    97752927B6E2401011A96E0D6082E403    2104832    ----a-w-    C:\Windows\Sysnative\inetcpl.cpl
2014-09-12 10:13:56    BA56C68CCB912C4C08C97DD32C47AD31    13588480    ----a-w-    C:\Windows\Sysnative\ieframe.dll
2014-09-12 10:00:49    3469B9FAE899139FEE7356E91693376A    2777088    ----a-w-    C:\Windows\Sysnative\msmpeg2vdec.dll
2014-09-12 04:26:35    EFF3FF9D9E5BFD2A05390D959A1C3AD0    1031168    ----a-w-    C:\Windows\Sysnative\TSWorkspace.dll
2014-09-12 04:26:13    224C2EEBAAF39CD93DE5332DBE5E5A95    2565120    ----a-w-    C:\Windows\Sysnative\d3d10warp.dll
2014-09-12 04:26:12    E2BCB58869598B392D6A78953F61A2D9    578048    ----a-w-    C:\Windows\Sysnative\aepdu.dll
2014-09-12 04:26:12    88BC88D0BDFB6BBE5765D5ABB233C110    424448    ----a-w-    C:\Windows\Sysnative\aeinv.dll
2014-09-12 04:26:08    33EF550DCCC58C93F5B65FD75BAD9832    728064    ----a-w-    C:\Windows\Sysnative\kerberos.dll
2014-09-12 04:26:07    EE4B105F1DBE1E864AFC72E7F0315432    1460736    ----a-w-    C:\Windows\Sysnative\lsasrv.dll
====== C:\Windows\Sysnative\drivers =====
2014-09-23 06:04:53    446118FFFF5576434393AE4551A5CA74    33512    ----a-w-    C:\Windows\Sysnative\drivers\TrueSight.sys
2014-09-23 02:47:14    8A50D5304E6AE48664CF5838EC32F647    122584    ----a-w-    C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-09-23 02:46:24    F92B0E478C0FAA6D6661E6E977247E60    25816    ----a-w-    C:\Windows\Sysnative\drivers\mbam.sys
2014-09-23 02:46:24    9D9ED48F841EA37AA5310D54B9E5D3C7    91352    ----a-w-    C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-09-23 02:46:24    15E8ABC06843672955CE26A009533BAD    63704    ----a-w-    C:\Windows\Sysnative\drivers\mwac.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-09-22 23:26:43    --------    d-----w-    C:\PROGRA~2\COMMON~1\Java
2014-09-22 23:26:02    --------    d-----w-    C:\PROGRA~2\Java
2014-09-15 01:06:57    --------    d-----w-    C:\PROGRA~2\TomTom HOME 2
2014-09-15 01:05:35    --------    d-----w-    C:\PROGRA~2\TomTom International B.V
======= C: =====
====== C:\Users\Jess and David\AppData\Roaming ======
2014-09-25 02:46:05    --------    d-sh--w-    C:\Users\Jess and David\AppData\Local\EmieUserList
2014-09-25 02:46:05    --------    d-sh--w-    C:\Users\Jess and David\AppData\Local\EmieSiteList
2014-09-23 02:42:45    --------    d-----w-    C:\Users\Jess and David\AppData\Local\Programs
2014-09-22 23:24:10    --------    d-----w-    C:\Users\Jess and David\AppData\Locallow\Sun
2014-09-15 01:07:19    --------    d-----w-    C:\Users\Jess and David\AppData\Roaming\TomTom
2014-09-15 01:07:19    --------    d-----w-    C:\Users\Jess and David\AppData\Local\TomTom
2014-09-15 01:05:10    --------    d-----w-    C:\Users\Jess and David\AppData\Local\Downloaded Installations
2014-08-27 11:44:01    --------    d-----w-    C:\Users\Jess and David\AppData\Roaming\PureEdge
====== C:\Users\Jess and David ======
2014-09-24 20:09:47    1B151CCE618BE06C22B55FD4B502B75E    1373475    ----a-w-    C:\Users\Jess and David\Downloads\AdwCleaner.exe
2014-09-24 20:09:22    483962C296153EB42BC2F9AF222945CC    1024790    ----a-w-    C:\Users\Jess and David\Downloads\JRT.exe
2014-09-24 19:31:22    3F28BE99F0EA7A11A9F4C41C559A481C    2106880    ----a-w-    C:\Users\Jess and David\Downloads\FRST64.exe
2014-09-23 06:04:48    --------    d-----w-    C:\ProgramData\RogueKiller
2014-09-23 06:04:24    4A33CAE49476ECBB4D72E52BBE8D87CC    4877400    ----a-w-    C:\Users\Jess and David\Downloads\RogueKiller.exe
2014-09-23 05:53:10    1B151CCE618BE06C22B55FD4B502B75E    1373475    ----a-w-    C:\Users\Jess and David\Downloads\adwcleaner_3.310.exe
2014-09-23 02:41:32    E90BF9E1562F40140161573B79CD5720    17292760    ----a-w-    C:\Users\Jess and David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 23:29:02    9473F655CAE1A13C311C3FF1134D79DC    918440    ----a-w-    C:\Users\Jess and David\Downloads\chromeinstall-7u67 (1).exe
2014-09-22 23:26:43    --------    d-----w-    C:\ProgramData\Sun
2014-09-22 23:26:27    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 23:24:01    9473F655CAE1A13C311C3FF1134D79DC    918440    ----a-w-    C:\Users\Jess and David\Downloads\chromeinstall-7u67.exe
2014-09-15 01:07:24    --------    d-----w-    C:\ProgramData\TomTom
2014-09-15 01:07:06    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-09-15 01:03:59    8CFF70961577F64E08E55897DD025C64    31119112    ----a-w-    C:\Users\Jess and David\Downloads\TomTomHOME2winlatest.exe
2014-08-27 11:44:00    --------    d-----w-    C:\ProgramData\PureEdge

====== C: exe-files ==
2014-09-26 02:06:33    55D978816B20EFE74893D8AE6188D747    277104    ----a-w-    C:\Users\Jess and David\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe
2014-09-24 20:28:43    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-09-24 20:09:47    1B151CCE618BE06C22B55FD4B502B75E    1373475    ----a-w-    C:\Users\Jess and David\Downloads\AdwCleaner.exe
2014-09-24 20:09:22    483962C296153EB42BC2F9AF222945CC    1024790    ----a-w-    C:\Users\Jess and David\Downloads\JRT.exe
2014-09-24 19:31:22    3F28BE99F0EA7A11A9F4C41C559A481C    2106880    ----a-w-    C:\Users\Jess and David\Downloads\FRST64.exe
2014-09-24 13:52:29    916CEC665A9879DEB15BBDD943B7350B    49664    ----a-w-    C:\Windows\servicing\GC64\tzupd.exe
2014-09-23 06:04:24    4A33CAE49476ECBB4D72E52BBE8D87CC    4877400    ----a-w-    C:\Users\Jess and David\Downloads\RogueKiller.exe
2014-09-23 05:53:10    1B151CCE618BE06C22B55FD4B502B75E    1373475    ----a-w-    C:\Users\Jess and David\Downloads\adwcleaner_3.310.exe
2014-09-23 02:41:32    E90BF9E1562F40140161573B79CD5720    17292760    ----a-w-    C:\Users\Jess and David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 23:29:02    9473F655CAE1A13C311C3FF1134D79DC    918440    ----a-w-    C:\Users\Jess and David\Downloads\chromeinstall-7u67 (1).exe
2014-09-22 23:26:37    07EF2978A5BC36720378F95566697FD8    272808    ----a-w-    C:\Windows\SysWOW64\javaws.exe
2014-09-22 23:26:27    3BDEB17FE6390BFF1BF3A2D964DE8E48    175528    ----a-w-    C:\Windows\SysWOW64\javaw.exe
2014-09-22 23:26:27    11FD45A41DF45298686ED39062AABE2A    175528    ----a-w-    C:\Windows\SysWOW64\java.exe
2014-09-22 23:26:04    F69D8BDC202973592D710BC913D01919    48040    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2014-09-22 23:26:04    F67D9621616CB31217A497FEDE4913F5    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2014-09-22 23:26:04    EC4C47AADE6606AFCDEAB28E29654ECE    75688    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2014-09-22 23:26:04    CEEFA72555A8FAD52C29BA17AE3E6DEF    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2014-09-22 23:26:04    C8883F91C31CAC40890AC8B668E05F61    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2014-09-22 23:26:04    C3F55C9B02A22EC0B345E20AE9AE9B71    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\klist.exe
2014-09-22 23:26:04    BF918C9473D64BBD53C22C47045883F5    182696    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2014-09-22 23:26:04    A788E5ED0454307CBCFB95CC33E5F717    16808    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2014-09-22 23:26:04    A6B7A388547C4CDF4D8F2AF55D79AC85    145832    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2014-09-22 23:26:04    8B986C008892DB58928BC72483ADF7B9    16808    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2014-09-22 23:26:04    8B657BA869AE7D3C6A29792C986E0DD5    68008    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2014-09-22 23:26:04    7ED5C21F9F29B5278FFF39718C667235    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2014-09-22 23:26:04    7DC9A0127F850997B4CFD9923C680D7D    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2014-09-22 23:26:04    7BDCC29DDFBB355761A018A74D4A1E8C    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2014-09-22 23:26:04    7A17013ABD895DFBD61A5AF9996D0E5E    50088    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2014-09-22 23:26:04    48442596BFEB26E56898A0E4D2596A95    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2014-09-22 23:26:04    3BDEB17FE6390BFF1BF3A2D964DE8E48    175528    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2014-09-22 23:26:04    34CEC403ED594B55D55DED61A3A53DAF    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2014-09-22 23:26:04    11FD45A41DF45298686ED39062AABE2A    175528    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\java.exe
2014-09-22 23:26:04    07EF2978A5BC36720378F95566697FD8    272808    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2014-09-22 23:26:04    0371CFD6228F89B5B9E20F67807987FE    16296    ----a-w-    C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2014-09-22 23:24:53    3842C46F2FBC7522EF625F1833530804    145408    ----a-w-    C:\Users\Jess and David\AppData\LocalLow\Sun\Java\jre1.7.0_67\lzma.exe
2014-09-22 23:24:01    9473F655CAE1A13C311C3FF1134D79DC    918440    ----a-w-    C:\Users\Jess and David\Downloads\chromeinstall-7u67.exe
2014-09-20 19:00:03    4842003C1A797681F224DCBEDFBE02D4    504912    ----a-w-    C:\Users\Jess and David\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
2014-09-20 19:00:02    4842003C1A797681F224DCBEDFBE02D4    504912    ----a-w-    C:\Users\Jess and David\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
=== C: other files ==
2014-09-24 20:28:43    F24622BE24B6D6835B3BAD1C74CFF842    156556    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\misc.bat
2014-09-24 20:28:43    DD1E4D974B1672ABD09EFFB225791C4A    1230    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\TDL4.bat
2014-09-24 20:28:43    AD2F52DC72B10AF331692E4A4DD80DFC    18670    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\medfos.bat
2014-09-24 20:28:43    8E6020C14F982CF11B3FE7DBB0CB8EDE    24738    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\searchlnk.bat
2014-09-24 20:28:43    86707BCE5CBB65D9B1C41E249B4423BA    152733    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\firefox.bat
2014-09-24 20:28:43    83F691D8398F0E37E71E9355BF730DB9    719    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\ev_clear.bat
2014-09-24 20:28:43    78F1ABAE78A74DFF04CC3566641AE0C1    15198    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\get.bat
2014-09-24 20:28:43    654E9FE74B930A454EE5BDE165794B65    85    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\delorphans.bat
2014-09-24 20:28:43    5B71358F97544D9DE58A9A0893079506    39458    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\prelim.bat
2014-09-24 20:28:43    53B191266B30D57F2F835ABBF54C68C5    13963    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\chrome.bat
2014-09-24 20:28:43    38A0BDF322ACCC968B0A824C38D50157    29635    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\ask.bat
2014-09-24 20:28:43    335DFF8F23E5EC02B5426362F0F8509B    31401    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\iexplore.bat
2014-09-24 20:28:43    314BE336F37DA9033D0CF91E6F9F6559    10229    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\runvalues.bat
2014-09-24 20:28:43    0C4649A62845AB5D5DBCC4998477FF6D    1813    ----a-w-    C:\Users\Jess and David\AppData\Local\Temp\jrt\delfolders.bat
2014-09-23 06:04:53    446118FFFF5576434393AE4551A5CA74    33512    ----a-w-    C:\Windows\System32\drivers\TrueSight.sys
2014-09-23 02:47:14    8A50D5304E6AE48664CF5838EC32F647    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-23 02:46:24    F92B0E478C0FAA6D6661E6E977247E60    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-23 02:46:24    9D9ED48F841EA37AA5310D54B9E5D3C7    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-23 02:46:24    15E8ABC06843672955CE26A009533BAD    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-09-22 23:26:04    F3EABF8A2AF5C0D8BAE022EE6C17FD91    18650    ----a-w-    C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3686776670-3987212680-3996287415-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"NETGEARGenie"="C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe -mini -redirect"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe -osboot"
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NETGEARGenie"="C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe -mini -redirect"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==== Startup Folders ======================

2014-03-10 01:51:53    1252    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2014 01:30 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3686776670-3987212680-3996287415-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3686776670-3987212680-3996287415-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [03/09/2014 06:52 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\JESSAN~1\AppData\Roaming\TomTom\HOME\Profiles\jqau3vbe.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jess and David\AppData\Roaming\Mozilla\Firefox\Profiles\ojuqjo4n.default
DFC9460CC37E5C414DC4680B10C19E7A    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll -    Shockwave Flash
17ACEE12B92BE0196D777EAB9B360BA9    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll -    RealPlayer Video Downloader for PepperFlash  (32-bit)
6862299EED9C25BD9F26C3201B97582E    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -    RealPlayer Video Downloader for HTML5  (32-bit)
AD1675597F9475B234AE58C1338D9EE5    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll -    RealPlayer Video Downloader  (32-bit)


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[02/12/2014 02:45 PM]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://d2l.arizona.edu/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{F048B4CF-7908-4FBF-969F-A319ACD8A439}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F048B4CF-7908-4FBF-969F-A319ACD8A439}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://d2l.arizona.edu/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jess and David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jess and David\AppData\Local\Mozilla\Firefox\Profiles\ojuqjo4n.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=1 789 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jess and David\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JESSAN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Thu 09/25/2014 at 22:13:52.65 ======================
 


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.