Com Surrogate running high at Immediate Startup

Crash254 · December 12, 2014

Hi, for the past three days my pc (windows 9 64 dell inspiron 537) has been running extremely slow at startup. Programs take forever to load and the mouse pointer runs in a circle (spiral) for long periods. When i launch task manager i see that Com Surrogate is running high as well as Mircosoft Directplay8 Server yet i had not openned any programs. When i launch firefox i get a lot of script messages (though i am on firefox the messages all say 'chrome://global/content/bingings/autocomplete.xml:289)

i have ran malware and nothing was discovered.

Please help.

Thank you

LiquidTension · December 12, 2014

Hello Crash254, welcome to Malwarebytes' Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. xsmile.png.pagespeed.ic.CwSpBGGvqN.png

General P2P/Piracy Notice:

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
If you are unable to copy/paste your logs directly into your post, please attach the file.
Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
Ensure you are following this topic. Click at the top of the page.

======================================================

STEP 1
Malwarebytes Anti-Malware (MBAM)

Open Malwarebytes Anti-Malware and click Update Now.
Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the History tab.
Click Application Logs and double-click the Scan Log.
Click Copy to Clipboard and paste the log in your next reply.

STEP 2
Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 3
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

Please download TDSSKiller and save the file to your Desktop.
Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
Click Start Scan. Do not use the computer during the scan.
If objects are found, change the action to skip.
Click Continue and close the window.
A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply.

======================================================

STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

MBAM scan log
FRST.txt
Addition.txt
TDSSKiller log (attached!)

Crash254 · December 15, 2014

Good Afternoon Adam, thank you for taking the time to help me with my problem. My name is Don

Here are the results of the three scans that you had recommended that I ran:

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 12/12/2014

Scan Time: 2:58:09 PM

Logfile:

Administrator: Yes

Version: 2.00.4.1028

Malware Database: v2014.12.12.07

Rootkit Database: v2014.12.08.03

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Don S

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 405572

Time Elapsed: 1 hr, 45 min, 58 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01

Ran by Don S at 2014-12-15 10:41:12

Running from C:\Users\Don S\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}

AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)

Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden

Actiontec Gateway (HKLM-x32\...\{9692FD03-6662-4E62-B08C-30DFF51651E1}) (Version: - )

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

AIM 7 (HKLM-x32\...\AIM_7) (Version: - )

Amaya (HKLM-x32\...\Amaya) (Version: 11.3 - )

Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.239 - Amazon)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)

AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)

Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)

Belarc Advisor 8.1 (HKLM-x32\...\Belarc Advisor) (Version: - )

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

calibre (HKLM-x32\...\{8511CE6E-F12F-4539-B19E-62B9C43B5B34}) (Version: 1.47.0 - Kovid Goyal)

CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)

Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)

Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)

Common Desktop Agent (Version: 1.53.0 - OEM) Hidden

ContentHD (x32 Version: 1.00.0002 - Corel Corporation) Hidden

Contents (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.272 - Corel Corporation)

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell System Detect (HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\73f463568823ebbe) (Version: 5.12.0.2 - Dell)

DeviceIO (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

Dropbox (HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Dropbox) (Version: 1.1.35 - Dropbox, Inc.)

erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

Free PDF To PPT Converter (HKLM-x32\...\{F0712F9D-4B28-4AED-9AA5-BEE9B0B533D5}) (Version: 1.0.0 - Free PDF Solutions)

Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)

Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.)

Freecorder 6 (HKLM-x32\...\Freecorder 6) (Version: 2.1.10 - Applian Technologies Inc.)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

hppLaserJetService (x32 Version: 002.007.00397 - Hewlett-Packard) Hidden

ICA (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )

IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

join.me (HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\JoinMe) (Version: 1.2.1.374 - LogMeIn, Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Korean Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5670-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)

Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)

LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden

magicJack (HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\magicJack) (Version: 3.1.6970.4873 - magicJack L.P.)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)

Microsoft MSN MoneyCentral Stock Quotes Add-In for Excel (HKLM-x32\...\{A99C1048-A569-4B65-A3DD-3584B0A4AA69}) (Version: 1.0.0.0322 - Microsoft Corporation)

Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MLE (x32 Version: 1.0.0.18 - Corel Corporation) Hidden

Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Workbench 5.2 CE (HKLM-x32\...\{E3DF0E76-825F-4377-9BB6-F8F1DC204287}) (Version: 5.2.40 - Oracle Corporation)

Nuance PDF Converter Professional 7 (HKLM\...\{FFAE98FC-4E1A-45BB-ADED-081160A2CBD7}) (Version: 7.20.6187 - Nuance Communications, Inc.)

Nuance PDF Converter Professional 7 (HKLM-x32\...\{FFAE98FC-4E1A-45BB-ADED-081160A2CBD7}) (Version: 7.20.6187 - Nuance Communications, Inc.)

Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden

PureHD (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Replay Media Catcher 4 (4.3.2) (HKLM-x32\...\Replay Media Catcher 4) (Version: 4.3.2 - Applian Technologies)

Samsung Easy Deployment Manager (HKLM-x32\...\Samsung Easy Deployment Manager) (Version: 1.00.26 - Samsung Electronics Co., Ltd.)

Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.01.16.00 - Samsung Electronics Co., Ltd.)

Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)

Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (7/20/2012) - Samsung Electronics Co., Ltd.)

Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version: - Samsung Electronics Co., Ltd.)

Scansoft PDF Professional (x32 Version: - ) Hidden

Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Setup (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

Share (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

Share64 (Version: 1.6.0.272 - Corel Corporation) Hidden

Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)

SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.08.018 - Samsung Electronics Co., Ltd.)

SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)

SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden

SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.5 - SmartSound Software Inc.)

SmartSound Quicktracks 5 (x32 Version: 5.1.5 - SmartSound Software Inc.) Hidden

Speckie (HKLM\...\{40E14C77-0EA0-4A67-A7CB-BE54ADEB697C}) (Version: 4.4.0 - Versoworks)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.37 - Safer-Networking Ltd.)

UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - )

ViiKii Desktop Plug-in (HKLM-x32\...\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1) (Version: 0.4 - Global Tongue Inc)

ViiKii Desktop Plug-in (x32 Version: 0.4 - Global Tongue Inc) Hidden

VIO (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)

VSClassic (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

VSPro (x32 Version: 1.6.0.272 - Corel Corporation) Hidden

Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1237837275-29157359-2308031490-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?

CustomCLSID: HKU\S-1-5-21-1237837275-29157359-2308031490-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1237837275-29157359-2308031490-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1237837275-29157359-2308031490-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1237837275-29157359-2308031490-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F36C13C-BF96-4424-8C5E-ADB0A941717F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)

Task: {38F9F8E3-D426-4589-9320-5E9372767791} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {6383FED2-78C3-4BF0-81D2-50DD37D3CDB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)

Task: {6E2AD666-1AB5-4F70-8346-4EC99D548679} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)

Task: {7384777E-55CF-4DB4-A793-D84B759E4F4B} - System32\Tasks\{DE428C7C-C63B-470E-B597-ED59E678935C} => pcalua.exe -a D:\IB.exe -d D:\

Task: {7F237DF3-AD8C-45E0-9EEE-3F565EEC1199} - System32\Tasks\{E5F1BCD4-5029-4C9C-A8A2-AB46A8B537FB} => pcalua.exe -a "C:\Users\Don S\Downloads\MFC-7820N-inst-win7-A2.EXE" -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {8105A9A2-622A-49E9-981F-AE42E955D8B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)

Task: {82863534-27A0-4703-90AF-33C4C786B32D} - System32\Tasks\{B725467A-5455-4202-BACE-A51760E6105C} => pcalua.exe -a "C:\Users\Don S\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VA523OZJ\LJM1522-PCL6-pd-win32-ww[1].exe" -d "C:\Users\Don S\Desktop"

Task: {9300CCFB-59DF-430E-BEAD-D96DF6F157CA} - System32\Tasks\{6A695BCC-4E2E-4765-8C5A-FF02CA95B259} => pcalua.exe -a "C:\Users\Don S\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2GILZKBO\ffdshow[1].exe" -d "C:\Users\Don S\Desktop"

Task: {93D39D02-6644-429E-A6DE-0BA1424C903F} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION

Task: {95B7CCDE-C04C-4AA8-B113-282631CEB360} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {A09BFEC3-169A-4A89-A0D3-DAC6ADB71AD6} - System32\Tasks\4664 => Wscript.exe C:\Users\DONS~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION

Task: {A65D603A-26F7-4F53-9946-F6C508E2EB27} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: {F858D7E0-D923-4EB8-AC02-128D055F2EB8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {FAB72F27-3816-4D04-B0DD-B94809F9624C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-11 02:38 - 2011-05-11 02:38 - 00034304 _____ () C:\Windows\System32\ssa3mlm.dll

2014-02-18 11:13 - 2014-11-21 16:22 - 00234600 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe

2012-01-10 15:27 - 2011-02-28 08:39 - 00211456 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll

2010-12-17 17:13 - 2010-12-17 17:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

2010-12-17 17:13 - 2010-12-17 17:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll

2014-02-18 11:13 - 2014-11-21 16:22 - 00493672 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe

2014-02-18 11:13 - 2014-11-21 16:22 - 00303208 _____ () C:\Program Files (x86)\Backblaze\bzfilelist.exe

2014-02-18 11:13 - 2014-11-21 16:22 - 03111528 _____ () C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe

2014-12-15 10:09 - 2014-12-12 09:40 - 01169480 ____N () C:\Users\DONS~1\AppData\Local\Temp\_iu14D2N.tmp

2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-14 13:21 - 2012-08-23 08:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2014-03-14 13:21 - 2012-04-03 15:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2011-05-03 10:38 - 2011-05-03 10:38 - 00176128 _____ () C:\Program Files (x86)\AIM\nssckbi.dll

2008-01-08 17:50 - 2008-01-08 17:50 - 00349147 _____ () C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll

2008-03-18 19:21 - 2008-03-18 19:21 - 00512000 _____ () C:\Program Files (x86)\Yahoo!\Widgets\js32.dll

2008-03-18 19:21 - 2008-03-18 19:21 - 00094208 _____ () C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll

2013-11-08 09:33 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

2014-12-01 22:34 - 2014-12-01 22:35 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2011-12-19 11:27 - 2011-12-19 11:27 - 00011704 _____ () C:\Program Files (x86)\Citrix\SelfServicePlugin\ExtensionSDK.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0574215C

AlternateDataStreams: C:\ProgramData\TEMP:D95ACC7D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Don S^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Don S^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ViiKiiDesktopPlugin.lnk => C:\Windows\pss\ViiKiiDesktopPlugin.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Aim => "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

MSCONFIG\startupreg: ISUSPM => "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

MSCONFIG\startupreg: Nuance PDF Converter Professional 7-reminder => "C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 7\Ereg\Ereg.ini"

MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe

MSCONFIG\startupreg: PDFProHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Standby => "C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Admin (S-1-5-21-1237837275-29157359-2308031490-1003 - Administrator - Enabled) => C:\Users\Admin

Administrator (S-1-5-21-1237837275-29157359-2308031490-500 - Administrator - Disabled)

Don S (S-1-5-21-1237837275-29157359-2308031490-1000 - Administrator - Enabled) => C:\Users\Don S

Guest (S-1-5-21-1237837275-29157359-2308031490-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (12/15/2014 09:57:12 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program DellSystemDetect.exe version 5.12.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 122c

Start Time: 01d0186f63fe52f4

Termination Time: 1889

Application Path: C:\Users\Don S\AppData\Local\Apps\2.0\9DDDYZMH.HXM\CQ1OTBA7.CQK\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4888f2ef11e\DellSystemDetect.exe

Report Id:

Error: (12/15/2014 09:44:52 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program FRST64.exe version 14.12.2014.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1da0

Start Time: 01d018748247b3b8

Termination Time: 113

Application Path: C:\Users\Don S\Downloads\FRST64.exe

Report Id:

Error: (12/15/2014 09:03:40 AM) (Source: MsiInstaller) (EventID: 1024) (User: DonS-PC)

Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011010}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/15/2014 08:59:29 AM) (Source: System Restore) (EventID: 8211) (User: )

Description: The scheduled restore point could not be created. Additional information: (0x81000101).

Error: (12/15/2014 08:59:29 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).

Error: (12/13/2014 03:28:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.IO.FileNotFoundException: Could not find file 'C:\ProgramData\BlueStacks\Android\kernel.elf'.

File name: 'C:\ProgramData\BlueStacks\Android\kernel.elf'

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/13/2014 01:13:23 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4a5bc6b7

Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9

Exception code: 0xc00000fd

Fault offset: 0x000a3d3c

Faulting process id: 0x48fc

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

Error: (12/12/2014 06:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4a5bc5e1

Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9

Exception code: 0xc00000fd

Fault offset: 0x000a3849

Faulting process id: 0x2f30

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

Error: (12/12/2014 04:22:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4ce7a46b

Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9

Exception code: 0xc00000fd

Fault offset: 0x0011fb5c

Faulting process id: 0x6e8

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

Error: (12/12/2014 10:25:51 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.IO.FileNotFoundException: Could not find file 'C:\ProgramData\BlueStacks\Android\kernel.elf'.

File name: 'C:\ProgramData\BlueStacks\Android\kernel.elf'

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

System errors:

=============

Error: (12/15/2014 10:25:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

Error: (12/15/2014 10:25:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

Error: (12/15/2014 10:25:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

Error: (12/15/2014 10:25:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

Error: (12/15/2014 09:38:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/15/2014 09:38:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/15/2014 09:37:59 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/15/2014 09:37:59 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/15/2014 09:14:09 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)

Description: There was an error while attempting to read the local hosts file.

Error: (12/15/2014 09:14:08 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)

Description: There was an error while attempting to read the local hosts file.

Microsoft Office Sessions:

=========================

Error: (12/15/2014 09:57:12 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: DellSystemDetect.exe5.12.0.2122c01d0186f63fe52f41889C:\Users\Don S\AppData\Local\Apps\2.0\9DDDYZMH.HXM\CQ1OTBA7.CQK\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4888f2ef11e\DellSystemDetect.exe

Error: (12/15/2014 09:44:52 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: FRST64.exe14.12.2014.11da001d018748247b3b8113C:\Users\Don S\Downloads\FRST64.exe

Error: (12/15/2014 09:03:40 AM) (Source: MsiInstaller) (EventID: 1024) (User: DonS-PC)

Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (12/15/2014 08:59:29 AM) (Source: System Restore) (EventID: 8211) (User: )

Description: 0x81000101

Error: (12/15/2014 08:59:29 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x81000101

Error: (12/13/2014 03:28:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.IO.FileNotFoundException: Could not find file 'C:\ProgramData\BlueStacks\Android\kernel.elf'.

File name: 'C:\ProgramData\BlueStacks\Android\kernel.elf'

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/13/2014 01:13:23 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.174964a5bc6b7MSHTML.dll11.0.9600.17496546ff2f9c00000fd000a3d3c48fc01d0169b80eda32aC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll24343293-828f-11e4-b15c-00256405899f

Error: (12/12/2014 06:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.174964a5bc5e1MSHTML.dll11.0.9600.17496546ff2f9c00000fd000a38492f3001d0165f8fa0a0e5C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dlled7c0f33-8252-11e4-b15c-00256405899f

Error: (12/12/2014 04:22:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.174964ce7a46bMSHTML.dll11.0.9600.17496546ff2f9c00000fd0011fb5c6e801d016512bca3059C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllf664582b-8244-11e4-b15c-00256405899f

Error: (12/12/2014 10:25:51 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.IO.FileNotFoundException: Could not find file 'C:\ProgramData\BlueStacks\Android\kernel.elf'.

File name: 'C:\ProgramData\BlueStacks\Android\kernel.elf'

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz

Percentage of memory in use: 56%

Total physical RAM: 4095.05 MB

Available physical RAM: 1765.13 MB

Total Pagefile: 8188.29 MB

Available Pagefile: 4368.8 MB

Total Virtual: 8192 MB

Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.29 GB) (Free:117.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive i: (MULTIBOOT) (Removable) (Total:0.49 GB) (Free:0.49 GB) FAT

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A42D04A3)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=288.3 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=9.8 GB) - (Type=DB)

========================================================

Disk: 1 (Size: 506.6 MB) (Disk ID: 6F20736B)

No partition Table on disk 1.

Disk 1 is a removable device.

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01

Ran by Don S (administrator) on DONS-PC on 15-12-2014 10:13:23

Running from C:\Users\Don S\Desktop

Loaded Profile: Don S (Available profiles: Don S & Admin)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

() C:\Program Files (x86)\Backblaze\bzserv.exe

(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\mcbuilder.exe

(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe

() C:\Program Files (x86)\Backblaze\bzbui.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe

() C:\Program Files (x86)\Backblaze\bzfilelist.exe

() C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dvdupgrd.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe

() C:\Program Files (x86)\PCPitstop\PC Matic\unins000.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

() C:\Program Files (x86)\PCPitstop\PC Matic\unins000.exe

(Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe

(Microsoft Corporation) C:\Windows\SysWOW64\systray.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

() C:\Users\DONS~1\AppData\Local\Temp\_iu14D2N.tmp

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)

HKLM\...\Run: [HP LaserJet Professional M1530 MFP Series Fax] => C:\Program Files\HP\HP LaserJet Professional M1530 MFP Series\Fax Driver\hppfaxprintersrv.exe "HP LaserJet Professional M1530 MFP Series Fax"

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)

HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

HKLM-x32\...\Run: [sTO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199760 2012-01-13] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [sTO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405584 2012-01-13] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe

HKLM-x32\...\Run: [browserPlugInHelper] => C:\Program Files (x86)\iSkysoft\iTube Studio\BrowserPlugInHelper.exe

HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5580752 2013-12-19] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [info Center] => C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe [28792 2013-12-26] (PC Pitstop LLC)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [cdloader] => C:\Users\Don S\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2013-05-06] (magicJack L.P.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [Aim] => C:\Program Files (x86)\AIM\aim.exe [4321112 2011-05-03] (AOL Inc.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [493672 2014-11-21] ()

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [iSUSPM] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [6032840 2013-12-19] (Safer-Networking Ltd.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Run: [DellSystemDetect] => C:\Users\Don S\AppData\Local\Apps\2.0\9DDDYZMH.HXM\CQ1OTBA7.CQK\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4888f2ef11e\DellSystemDetect.exe [264488 2014-10-15] (Dell)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\RunOnce: [Adobe Speed Launcher] => 1418652000

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\MountPoints2: {5b5755d8-9913-11e1-b248-00256405899f} - I:\LaunchU3.exe

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\MountPoints2: {5b5755e2-9913-11e1-b248-00256405899f} - I:\LaunchU3.exe -a

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!

HKU\S-1-5-18\...\Run: [backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [493672 2014-11-21] ()

Startup: C:\Users\Don S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Don S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk

ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don S\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)

BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1237837275-29157359-2308031490-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

SearchScopes: HKLM-x32 -> DefaultScope value is missing.

BHO: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Don S\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)

BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Don S\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)

BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKU\S-1-5-21-1237837275-29157359-2308031490-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

Toolbar: HKU\S-1-5-21-1237837275-29157359-2308031490-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File

Toolbar: HKU\S-1-5-21-1237837275-29157359-2308031490-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Hosts: Hosts file not detected in the default directory

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\Don S\AppData\Roaming\Mozilla\Firefox\Profiles\ujppdshf.default-1396033520971

FF Homepage: hxxp://www.stocktraderspress.com/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Extension: FireFTP - C:\Users\Don S\AppData\Roaming\Mozilla\Firefox\Profiles\ujppdshf.default-1396033520971\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2014-10-15]

FF Extension: Download videos and MP3s from YouTube - C:\Users\Don S\AppData\Roaming\Mozilla\Firefox\Profiles\ujppdshf.default-1396033520971\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]

FF HKU\S-1-5-21-1237837275-29157359-2308031490-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]

Chrome:

=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)

R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-11-21] ()

R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177648 2014-09-05] (Coupons.com Inc.)

S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [142336 2010-04-12] (HP) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2011-09-09] (Nuance Communications, Inc.)

S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-06-20] (Samsung Electronics Co., Ltd.) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3666392 2013-12-19] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2729432 2013-12-19] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-12-19] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)

R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-12] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 10:13 - 2014-12-15 10:29 - 00029130 _____ () C:\Users\Don S\Desktop\FRST.txt

2014-12-15 09:37 - 2014-12-15 10:18 - 00000000 ___DC () C:\FRST

2014-12-15 09:27 - 2014-12-15 09:28 - 02119168 _____ (Farbar) C:\Users\Don S\Desktop\FRST64.exe

2014-12-12 09:50 - 2014-12-12 09:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\561B7130.sys

2014-12-12 09:36 - 2014-12-15 09:00 - 00000000 ____D () C:\ProgramData\PCPitstop

2014-12-11 10:14 - 2014-12-11 10:14 - 00000000 ____D () C:\Windows\system32\appraiser

2014-12-11 09:58 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-12-11 09:58 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-12-11 09:28 - 2014-12-11 09:28 - 00003029 _____ () C:\Users\Don S\Desktop\Microsoft Outlook 2010.lnk

2014-12-10 12:39 - 2014-12-10 12:39 - 00000000 ____D () C:\Users\Don S\AppData\Local\{A6DB82A1-8BE2-439B-B21E-9F3D551C0FB8}

2014-12-10 05:29 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2014-12-10 05:29 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2014-12-10 05:29 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-10 05:29 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-12-10 05:29 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-10 05:29 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-12-10 05:29 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-10 05:29 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2014-12-10 05:28 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-10 05:28 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-12-10 05:28 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-10 05:28 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-10 05:28 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-10 05:28 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-10 05:28 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-10 05:28 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-10 05:28 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-10 05:28 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-10 05:28 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-10 05:28 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-10 05:28 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-10 05:28 - 2014-11-21 21:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-10 05:28 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-10 05:28 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-10 05:28 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-10 05:28 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-10 05:28 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-12-10 05:28 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-10 05:28 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-12-10 05:28 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-10 05:28 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-10 05:28 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-10 05:28 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-12-10 05:28 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-12-10 05:28 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-12-10 05:28 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-10 05:28 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-12-10 05:28 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-12-10 05:28 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-12-10 05:28 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-12-10 05:28 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-12-10 05:28 - 2014-11-21 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-10 05:28 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-12-10 05:28 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-10 05:28 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-10 05:28 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-10 05:28 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-10 05:28 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-12-10 05:28 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-10 05:28 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-12-10 05:28 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-12-10 05:28 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-12-10 05:28 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-12-10 05:28 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-12-10 05:28 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-10 05:28 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-12-10 05:28 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-12-10 05:28 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-12-10 05:28 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-10 05:28 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-12-10 05:28 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-10 05:28 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-12-10 05:28 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-12-10 05:28 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-12-10 05:28 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-10 05:28 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-12-10 05:28 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-12-10 05:28 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-10 05:28 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-12-10 05:28 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe

2014-12-10 05:28 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe

2014-12-10 05:28 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-12-10 05:28 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2014-12-10 05:28 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-12-10 05:28 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2014-12-10 05:28 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2014-12-10 05:28 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2014-12-10 05:28 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll

2014-12-10 05:28 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll

2014-12-10 05:28 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll

2014-12-10 05:28 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

2014-12-01 22:34 - 2014-12-01 22:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-12-01 16:34 - 2014-12-09 15:02 - 00009034 _____ () C:\Users\Don S\_viminfo

2014-12-01 12:36 - 2014-12-04 13:10 - 00000000 ____D () C:\Users\Don S\Desktop\Mon bay Sec Corp

2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

2014-11-19 03:08 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 03:08 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 03:08 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-19 03:08 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 10:33 - 2012-11-26 08:45 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-15 10:29 - 2014-02-26 10:04 - 01707027 _____ () C:\Windows\WindowsUpdate.log

2014-12-15 10:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-12-15 09:53 - 2012-03-29 15:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-15 09:26 - 2012-11-26 08:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-15 09:03 - 2010-04-13 09:08 - 00000000 ____D () C:\Users\Don S\Documents\Outlook Files

2014-12-15 09:02 - 2014-03-20 08:20 - 00000000 ____D () C:\Users\Don S\Documents\Outlook Data

2014-12-13 04:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing

2014-12-13 03:48 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-13 03:48 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-13 03:26 - 2014-10-20 08:30 - 00001736 _____ () C:\Windows\setupact.log

2014-12-13 03:26 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-12 16:02 - 2012-09-05 11:47 - 00000072 _____ () C:\Users\Public\LMDebug.log

2014-12-12 14:58 - 2014-08-19 14:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-12 14:53 - 2012-06-05 12:32 - 00000000 ____D () C:\Users\Don S\AppData\Roaming\uTorrent

2014-12-12 14:50 - 2013-01-28 14:04 - 00000000 ____D () C:\Users\Don S\Desktop\New folder

2014-12-12 10:24 - 2010-04-08 16:51 - 00000000 ____D () C:\Users\Don S\AppData\Local\VirtualStore

2014-12-12 10:22 - 2014-03-14 13:02 - 00103150 _____ () C:\Windows\PFRO.log

2014-12-12 10:11 - 2013-08-08 09:34 - 00000000 ____D () C:\Program Files (x86)\iSkysoft

2014-12-12 10:10 - 2012-11-26 08:45 - 00000000 ____D () C:\Program Files (x86)\Google

2014-12-12 10:10 - 2012-03-12 10:20 - 00000000 ____D () C:\Users\Don S\AppData\Local\Google

2014-12-12 10:10 - 2010-04-20 12:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-12-12 10:09 - 2012-09-06 14:49 - 00000000 ____D () C:\Users\Don S\AppData\Local\Deployment

2014-12-12 10:09 - 2011-12-05 14:54 - 00000000 ____D () C:\Users\Don S\AppData\Local\Jaksta_Technologies_Pty_L

2014-12-12 10:08 - 2014-11-10 11:22 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-12-12 09:35 - 2014-08-19 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-12 09:35 - 2014-08-19 14:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-12 09:35 - 2014-03-14 12:54 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-11 10:14 - 2014-05-06 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-11 10:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-12-11 10:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat

2014-12-11 10:11 - 2010-05-25 10:32 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-12-11 10:08 - 2013-08-15 02:02 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-11 10:02 - 2010-04-13 08:37 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-12-10 16:37 - 2011-10-07 09:38 - 00000000 ____D () C:\ProgramData\TEMP

2014-12-10 12:53 - 2012-03-29 15:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-10 12:53 - 2012-03-29 15:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-10 12:53 - 2011-08-22 08:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-09 15:02 - 2010-04-13 15:22 - 00000000 ____D () C:\Users\Don S\Desktop\STP FTP

2014-12-09 15:02 - 2010-04-08 16:51 - 00000000 ____D () C:\Users\Don S

2014-12-09 12:22 - 2014-07-09 13:42 - 00000000 ____D () C:\Users\Don S\Desktop\Monarch Bay Sec

2014-12-04 14:48 - 2014-03-17 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-12-02 02:41 - 2012-02-01 14:41 - 00000000 ____D () C:\Users\Admin

2014-11-21 16:22 - 2014-02-18 11:12 - 00000000 ____D () C:\Program Files (x86)\Backblaze

2014-11-21 14:18 - 2009-07-14 00:13 - 00786662 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-11-21 06:14 - 2014-08-19 14:08 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-11-21 06:14 - 2014-08-19 14:08 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-11-21 06:14 - 2011-12-09 10:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-11-19 09:21 - 2009-11-03 17:45 - 00000000 ___DC () C:\dell

2014-11-17 13:15 - 2014-09-29 15:44 - 00002521 _____ () C:\Users\Don S\Desktop\Windows 7 USB DVD Download Tool.lnk

2014-11-17 13:15 - 2014-09-29 15:44 - 00000000 ____D () C:\Users\Don S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool

2014-11-17 13:15 - 2014-09-29 15:44 - 00000000 ____D () C:\Users\Don S\AppData\Local\Apps\Windows 7 USB DVD Download Tool

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-05 00:22

==================== End Of Log ============================

Crash254 · December 15, 2014

Here is the attached TDSSKiller Scan Log.

Thank you

Don

TDSSKiller.3.0.0.42_15.12.2014_11.36.00_log.txt

LiquidTension · December 15, 2014

Hi Don,

Please work your way through the following steps.

STEP 1
xfuv55DC.png.pagespeed.ic.utHP7dQtHY.jpg Creating System Restore Point (W7/Vista)

Click the Windows Start Button . Right-click Computer and click Properties.
Click System protection in the panel on the left.
Click the System Protection tab, followed by Create.
In the System Protection dialog box, type a description, and click Create.
Upon completion, close the window.

STEP 2
ComboFix

Note: Please read through these instructions before running ComboFix.
Please download ComboFix and save the file to your Desktop. << Important!
Temporarily disable your anti-virus software. For instructions, please refer to the following link.
Right-Click ComboFix.exe and select Run as administrator to run the programme.
Follow the prompts.
Allow ComboFix to complete it's removal routine (please refer to Important Notes:).
Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.
Re-enable your anti-virus software.

Important Notes:

Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.
Do NOT use your computer whilst ComboFix is running.
Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal.
If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.
ComboFix will disconnect your machine from the Internet as soon as it starts.
Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
If you are unable to access the Internet after running ComboFix, please reboot your computer.

STEP 3
AdwCleaner

Please download AdwCleaner and save the file to your Desktop.
Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for anything removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

STEP 4
Junkware Removal Tool (JRT)

Please download Junkware Removal Tool and save the file to your Desktop.
Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
Temporarily disable your anti-virus software. For instructions, please refer to the following link.
Right-Click JRT.exe and select Run as administrator to run the programme.
Follow the prompts and allow the scan to run uninterrupted.
Upon completion, a log (JRT.txt) will open on your desktop.
Re-enable your anti-virus software.
Copy the contents of JRT.txt and paste in your next reply.

STEP 5
Farbar Recovery Scan Tool (FRST) Scan

Right-Click FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

======================================================

STEP 6
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

ComboFix.txt
AdwCleaner[s0].txt
JRT.txt
FRST.txt
Addition.txt

Crash254 · December 16, 2014

Adam, thank you. Here are the logs:

# AdwCleaner v4.105 - Report created 16/12/2014 at 09:35:19

# Updated 08/12/2014 by Xplode

# Database : 2014-12-13.4 [Live]

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

# Username : Don S - DONS-PC

# Running from : C:\Users\Don S\Desktop\AdwCleaner(1).exe

# Option : Clean

***** [ Services ] *****

Service Deleted : YahooAUService

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Windows\System32\Online

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.2

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 en-US)

*************************

AdwCleaner[R0].txt - [17531 octets] - [18/03/2014 09:11:50]

AdwCleaner[R1].txt - [1137 octets] - [18/03/2014 09:19:22]

AdwCleaner[R2].txt - [3195 octets] - [16/12/2014 09:30:43]

AdwCleaner[s0].txt - [17788 octets] - [18/03/2014 09:13:22]

AdwCleaner[s1].txt - [1199 octets] - [18/03/2014 09:21:13]

AdwCleaner[s2].txt - [3140 octets] - [16/12/2014 09:35:19]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [3200 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.0 (11.29.2014:1)

OS: Windows 7 Professional x64

Ran by Don S on Tue 12/16/2014 at 10:10:47.91

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] couponprinterservice

Successfully deleted: [service] couponprinterservice

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1237837275-29157359-2308031490-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_8CA8B414-8A88BD82.pf

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{009D88D3-572E-48BF-A7B6-E8A788F9AF21}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{016B586E-CE1C-4B3A-BF4E-97A8E5C28105}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{01D22AFE-A856-4C04-A556-E018E5632FCD}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{02650187-DDE8-46FB-BC23-84DC5CEF8471}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0314703D-C37D-468A-8D2E-51C42D68B1A1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{03BE9AC9-9210-4333-8E70-739BAA2EA8CC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{03F8A5AB-14D1-4C2F-984F-AC8B800D4309}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{04F6C65B-DE28-4BA8-8358-900DAD5C6E48}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{05526A17-9EFF-4EE1-8C7C-265D003E13D0}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{072DEDFA-A9A4-4800-9470-29A4AB23B98D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{07797453-2B0A-40EB-8335-5097BDC3EFFE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{08C3FB42-C98D-4A88-897B-4D96429B09D8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0A6FE706-18A7-49F1-B1EB-859B3C87E0DD}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0D2337AE-D9A7-47B4-B12A-3F7BD0886744}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0D419BA8-34AB-40A9-AE7A-EB42FA793408}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0D41AF8A-B6EF-43F5-ABCB-6CC36F3123CE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0DEDFF55-8127-49DB-B3F9-6BC1CB7C69C6}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0DF3C75A-AE5C-45E0-ABD1-F2714488D27A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0E16E577-DE5C-4882-BC40-1AEFA6041F4C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{0E2BBAC9-56F1-4922-8234-299FE7919F9F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{118328BA-E206-4860-ABE8-81488AD6A63D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{11FF1BB7-7B4E-4427-8428-CD86E4F415FC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1212669C-BC9E-4720-8822-733B1F608B9F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{125FFD31-2476-4533-906F-6E2778D44360}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{13AF4EB1-4F3E-40BF-A2AB-76E73C9A0E1D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{14E2FEBE-E25E-4DD2-AAE8-86B7D2E9EAC5}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{152A06B8-BA89-4019-BE80-C9610FFAE17E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{15990BDB-9A73-4A49-9A28-19E3E4A37B81}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{15CD97E6-6940-403D-A75C-0DAD793BAEA8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{18D4CACD-06AA-497F-9A4C-028A882761E0}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{199D9BCA-6603-407E-BDE3-C8DEA26DEA75}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1A8BA4FC-2174-44ED-9B26-8B7B466CF30B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1BC9485C-6FDA-45BC-B072-7B9C9EABDCEE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1C1CB804-1586-4F93-8526-333193440E4F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1C537E0F-904B-4C7D-B49D-533D5AD23E68}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1C5F4427-487D-436A-BFD6-E2F09146F755}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1C68F765-F695-4536-9329-5D5411CE43BB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1DBCAA29-60F2-4A02-A970-436D63D57114}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1E247907-A40C-4D46-BBC3-D30FC1D51088}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1F1B5B18-C70E-4948-B273-463B0416C890}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{1F5963DB-7A0D-4015-82CC-A2212870D44E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{208DBC62-E646-4FCB-B299-F620583FB91A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{211FEA94-10D6-4412-95E1-F18EF6B5334E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{24D88D7E-1689-4BCA-8A37-0F9DC2062187}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{25DCC700-C98A-417A-98FC-6299E59E46C2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{28626723-EC0C-49A9-B1F6-069796C13400}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2892242A-E034-4B4F-B1C6-8E1B4F7F7CC2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{290402DA-AE83-4E6D-8856-95451909F003}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{295E4CE4-1EC3-45EF-90BE-DB47BA59C45F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2965DB1A-B8E3-404D-B523-C153390BB3E1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{29C01344-6BFD-47DB-8D15-9CA5BBBB8C75}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{29CC0F20-8D79-44B4-9760-7E8D6E9411E5}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2A48750A-D720-466B-8406-A84296DEA469}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2A490B1E-4E75-4FC4-BCA6-D8AA7E7EE3DA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2AE4BC0A-1B32-4193-8A94-4BBFB94289D6}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2BB7761D-8F71-4F2A-9BE7-A07BE2FF18FC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2C55D955-36FB-4BF4-83D4-343F303E9046}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2D8B68D9-10BB-4759-9A57-719035AA2969}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{2FC2A5C0-48BA-44D7-B0C7-711F51D9F4F1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{306D7F99-44AF-4EED-B70E-EC108A775AA2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{327E08BA-9D76-4248-9D7B-37A0EE41F706}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{35324EEB-3730-4713-9BAA-9320CCF9BB1D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{35731210-4773-4381-A583-974E1A257C8F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{35740361-F30A-41BF-93B1-C7EE5DB9CF9A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{363E4EC4-A832-4CFE-B7F9-24DEE55DE667}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{370CFDE9-8313-4999-BDE2-DDACE1A0CAFC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3BF57D89-48A7-40E3-92A0-429BE23FA374}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3C16D333-6EDC-4665-9558-E652E782540D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3C3D9A98-2320-426B-888A-2487EE38D9C7}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3C92C56E-CE03-4267-9416-F6104BDF7449}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3CEA0AE0-0425-4C21-851D-F7289E18707A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3DB71072-53CC-4B93-B96D-CE4FB9BE6890}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{3F7D26C1-6268-4CB8-B719-57B078CFBE66}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{402A1FFD-D838-4AA8-8AC7-7E1C78D80BAB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{40E498AC-DBE7-4982-94FD-C15CF6B9F2D1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{411671F9-9782-450C-89F9-05ECB2C50056}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{41B55DA8-7C64-4F18-A740-FFA744903845}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{44447c60-5bb2-65b6-5435-0ccf78eab4cd}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{44E3D7E5-16EE-430A-AE93-9F1979668BCE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4573F462-AA79-41C9-99FD-5F09F2A1CB41}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{470A7E58-7F9B-4B9C-BBE5-7D898B18C588}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{472E9669-AA47-4958-ACAC-06DEF6F3C5F3}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{47C15D0D-2688-4D99-A7A7-3EDEB0B4DF02}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{491FC587-3B9C-4A9D-AB85-45E3766B867C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{49C61A4F-707E-44D3-BF09-CCA37F6FE0D4}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{49F9E70D-2E8D-4FEE-B9C3-1EF9E81E12DA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4B97140C-014B-472B-8766-EED02ADC2132}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4B9A09E0-DD35-4129-8A6F-93D457E33D20}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4EA3F2E1-4C5D-4927-BFF8-2E1F57427C98}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4EA5CDB1-07C5-47D6-A4C7-3667E5AD9504}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{4FD52080-32C6-4EDB-851A-330D7CFB5C0A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{50530D99-9C22-4C14-BBD7-5ED3ADC7A115}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{50C5B257-1BFD-4A7A-9D17-B822C6EBAD93}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{50C8958E-6D3D-40C9-88A0-B3347DCAE39B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{526AA0E3-F70F-4316-B0AD-A25CB006811E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{542CDC7D-E914-4C5E-AFD4-DFDAA0EF7DEA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{555FA14D-56A2-473D-A7CC-7B7317DF89E8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{55F6B54D-6BDA-4029-848C-3920FFB45716}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{56F9F828-D2FE-4110-B754-DFB99A244AEF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{59631B55-C654-484A-AE0C-7CAE525687C8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5AA34463-8D0A-4809-ADF4-C38400EC891B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5C6C233B-3925-43A1-B52F-8C9348E747D4}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5CA3722A-3223-4D50-B48A-3192535E6180}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5CBD2161-879D-4DF6-890A-724F89A62A2B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5D91A087-220D-4B62-8A88-E4B005818E5C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{5F26D1B1-22CC-420C-876B-4B517FAEBFD1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6127FCB9-0C8B-4D14-BB71-9418342281C5}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{614EF7E1-92F6-498F-A861-CF37A76EC80E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{62BA8816-D927-4BC6-A8E3-E5B93A9374BE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{63D03B3B-B38B-41F8-98C4-71E4BD54F52A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6462FE33-00BF-4A3E-BBB0-626F9F820132}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{64AC13C7-8476-4CA2-B1D9-60A20629A251}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{64FC3E60-93B5-42FD-872F-DC46626C4C84}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{65FB6439-59EE-46F2-85C5-A86B64BA77E2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{673874A1-DE8A-492F-8526-40C0E62FDCCD}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{676EABD5-7759-441D-83AB-24F3E083243B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{68C40875-61DE-4126-83EF-020F0D279C60}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{68D413DA-DDB8-4244-82E9-C1984FA0E103}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{68FEBC99-9D95-4FE6-A5E8-5F8AC763CCE7}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6ABE489E-5993-4C02-A1B3-C42722F2226C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6ADF49D7-89E2-462A-90E2-5C03D6E56A23}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6AEC59FB-BCE5-421A-8E98-DCBCE7CABD50}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6C5EC60C-7739-4FA3-AE3C-521031912044}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6CE39077-FD31-485D-BABA-D57449F326FB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6D948F20-2E7E-4F04-8417-429F68560EAF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6EB4EC2E-E361-4493-8B6C-AEFC30A34863}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6EBA275E-EFF7-44C5-8BF2-5E46770AF2A6}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{6EE86FF7-4515-4D34-A08F-9DD4B8EB7ACF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{70F240E0-3D00-4B3C-B0DA-F011209948F8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7141702E-F81C-404A-B5B9-3A20594532EA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{714D6C52-A81A-4E99-8777-9B594B87C47F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{719122EE-AC3D-45E9-993D-73B8A1417368}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{720A460D-E1EB-45D6-AAE5-E215B255A206}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{72EB4361-78F6-4C3B-9ACD-1C5BAE291429}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{739052EA-4756-4374-9AAD-31F9B611F45A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{742C34B4-FE32-4A40-8308-8B227EC9A3E8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{74C2AE57-7CE7-4F87-A153-823B698AEB8D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7523E9FC-19C4-437A-8217-024B6230E9C9}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{753FD0CC-A6F2-41BC-901B-E9A65FE80128}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{75812B86-2732-4410-94E7-6E72360684E8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{759E59AC-8872-48FB-ADB3-3E53F332D885}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{76C4F438-9115-4FC2-9F56-2BF45A1B49A8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{77BE294D-800B-483F-87A6-5BE704B83B67}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{789655D5-645F-4EF5-8840-924AB24655CF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{789EE88B-AA5C-4D12-BA02-B967B318A029}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{78ADCD1A-CCBF-421D-BDAD-09335BB8CD30}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{78D676B8-7EBB-4B40-9E39-A4D0B8304911}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{78F90551-6B33-4D5F-AE80-2460D51C6AE2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7963A9C7-4DC5-4B22-AC68-554DB0EA9534}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7A1BBDD4-1142-4D6F-925A-C3FF6F6901FF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7A33247C-C6AF-4354-A548-377A74C0B340}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7B43780B-48AE-4159-969E-0E49B1EA88E0}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{7CD265A2-D9CD-452C-995B-18970025CD32}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{81FD1A42-8EE1-445A-8A43-D67059E63EA4}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{82E181C5-ADF8-45DB-80AF-4F8187DBD0D0}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{854A8D91-626C-4699-851B-423B1616E921}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{87B16419-5716-42CC-93FF-8E08BA86C37B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8802796C-C563-4922-A1D8-80DF341553DA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{89992117-E50A-44F0-8638-4250EA8953C8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8AD70865-8595-4DD3-AD02-62345E66694B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8B295E68-81AA-424D-A356-F492A73CF397}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8B4D38E9-7CA0-4165-9F30-55696C844722}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8BCA4BAD-7A7A-4596-94BC-ABCBE32D0534}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8C9B8E73-136F-4E5B-93AE-4BBED8AA1D28}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8E712C35-25A0-48A9-BC75-D6B5EABE3424}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{8E751306-599F-4A2D-B164-0C433022290A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{906F39A2-72D2-4B2D-AC98-0B1B4BB66621}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{91363D60-9476-473F-BCD4-B3A20B4296C3}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{9170D9A2-0360-49E1-BB41-373FC17C27CF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{92314AE6-1444-41C6-BF5F-26F49E35AEB5}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{93736B21-25FB-4DC8-BD74-1D70831E47F9}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{95833E15-F5BF-4F0D-8362-F19F08E236F5}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{95CB583B-0742-4FA3-9092-020BE932D10D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{964EB4C0-D554-40E1-A642-9397AF077078}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{965567F0-5BA1-4ED8-8FE3-346AC57EF06C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{9AAC5C0C-879C-4C95-8F63-4A21259C00BB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{9C3B5602-2C55-4541-8A1E-6B72884D37FA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{9E715329-2AF1-4216-8B7E-FA7F1DCC143C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{9E803F5F-F77E-4D44-8F29-B5150D38221A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A001AE62-4889-446B-9543-4D7A760A7711}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A11D1269-63FD-4EFD-866D-E03F3A104779}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A294C49B-F663-46D6-A74E-F2EE991D90D4}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A2E62476-C099-446B-B25B-D93D604E7006}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A3619545-A6F9-4B56-B0F2-5DE00353A5C1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A374A848-C950-406C-B320-1F639C306908}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A42D558B-C58D-469A-B54E-98374A5A5D72}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A4F23EEF-4159-4B69-9D3C-863B8086252D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A527CDD8-60ED-47D6-A083-28337BE9BB3F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A6DB82A1-8BE2-439B-B21E-9F3D551C0FB8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A77B65AB-22C3-4AAB-A8D8-A42BB4963018}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A7FDAF01-B830-4A43-BFFE-0F2BA6E20C68}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A982276D-32E8-48E3-9A4C-F38D2B4FC9B2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{A9C3C7F9-6FE6-4BD5-BDB4-744D06983E25}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{AA2CB0AC-7449-484E-A146-8C51703BD337}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{AB22847A-55FB-43C0-B522-189660E64C10}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{AB70F4D7-1B9D-4D89-B543-1CE4F1C3860F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{AB7A241F-D3D2-4728-B340-70F7584F8D1B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{AD58287F-7BAC-481C-8D92-AFB4B0E87F2F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B090BE1F-DE90-477C-83DF-18626D66E3A7}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B10D7107-CC3A-4575-8F02-E736A5C15032}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B12CF724-EC90-42F0-A082-97F9E87C5656}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B1EE0CEF-5EEE-47F1-A71D-9AECA8155044}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B21DA47C-DAA3-4D85-B32E-133825070A70}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B253F92A-74F9-4BE2-8FA0-EF02DEC2C200}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B44123BD-593D-40BA-924A-89AAFA8C3D71}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B4B08A93-8C97-413B-B27A-135D9CDA402B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B4FA86FA-3DEA-43DE-8219-358E1389E53E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B5D628F3-4967-4E74-9410-682F186DFA71}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B60CBDD6-C731-435B-8111-B535C224AA87}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{B9B76992-BAD7-47E6-B9F7-1DF95F196753}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{BA19279A-6896-4E56-BB95-77A31BACEBE0}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{BB83A9C3-5537-4987-8EDA-2F33672B1B67}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{BBC624F3-CC04-4828-9F3B-D978563DDC71}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{BC30052B-763D-46F9-8A6E-B1A001DE955F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{BD090016-C211-4BA1-AAE6-3F0D0E4D1CFE}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C0625E08-AF6D-4F95-8E55-65343A825E9D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C3C911AC-33F5-4F30-BA13-44437CB9B0E6}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C3DD9EAB-178F-4842-A033-3C67DB342448}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C41CE579-E0AA-474D-BAD1-A220F745D1FA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C4C7D025-076A-494F-9B16-E3FEF4B7713E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C5242F11-77D2-455E-A4A0-2F04C4145BDB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C58C61F5-0073-438B-AEAD-F8D1B1E8CFF2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C5C351E9-B094-431B-A681-6113D74DD35E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C6C93269-4940-415C-9905-0ECC5E689621}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C71C9552-EC96-4DE2-9839-2FA3E5613740}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{C729617A-6EC9-44FB-82C3-AF17E5ED6BBC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{CDF21CCF-B80C-473E-BB92-673F8ACB6CBC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{CF03C3FD-C6F5-4819-B724-90A176867BCD}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{CF6775A4-B1A6-4DAE-92A3-7CD74106DA02}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D04AEE58-83A7-4543-B0BE-53A9AAB37B90}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D1679B9F-9521-42C5-8A03-EAA9C4535F75}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D1F6D5CB-0608-4F06-8511-8FCCBE13E10C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D24D0E28-0A07-4A8C-9AF5-22DA793E93C3}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D3306FDF-A265-4759-AD09-34AB7BF6980E}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D46CA7A9-3747-44ED-A967-21D540ECF788}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D7EBCE6C-4220-46CB-B644-7AD11C849DA2}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D7EDCFDD-0DC9-4200-88F7-BF18C0CBE2B7}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{D84DE6D9-BD30-4AC8-B9C1-6068EC5E22BA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{DBE5B4BB-1A37-49D0-A7E9-21C5C35CEB1A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E2276635-7E43-4E57-A9C0-27A17C94E9CD}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E293BFBD-EB0E-41F4-9C28-5DDADEED926D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E3687CC3-11B7-4D6D-B1EB-0AEFC7E18AB9}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E37BE1FD-BE0A-4B59-9477-B96DE51A516A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E38738DB-DC4B-4E9D-A159-0CAC38A252A8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E3CAD49C-6E16-403A-ADC8-C6D347B753DC}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E42E49FC-91E1-445D-B75A-1341C3ABA9F8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E4FE3517-4E94-463E-8543-5028D9735975}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E5A2D675-D46A-403C-B21F-2C859BBF0F06}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E5BEE820-044A-4C6B-A9E2-B8707A51E529}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E79CA6C8-6104-4CBD-A580-F82DC9A846DF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E7AFFB23-9E2F-4B8E-BC29-34BE0AD2F401}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E7F50B32-2D6B-46A4-8D49-48C747E4FB1C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E7F797E7-E587-40EC-97D1-B4137FF71D6C}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E801F682-A1A1-41AC-A449-0F3AE782DC6D}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{E96ED2A8-6606-4D72-9EB9-21196D443820}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EA89751D-BB78-4C91-BDD2-4456BF9C67E1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EB4CC410-1342-4A45-97F0-D99B49C8E8B8}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EBEB795D-7272-489F-BCBF-3966A4C8D1E9}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EC1E33A3-89A2-492E-889B-E36E9DC70097}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EDA7DABC-EC3B-44FC-9815-82427DA85C48}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EDBFAC8D-3E24-4732-817E-18FF99349FFF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EE8F6593-C89F-4C2B-AEF3-4EAD15118E4F}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{EEF354EE-A256-4BDA-BC29-82CEDD5808F4}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F028D5A9-347B-4BBB-88CF-DCA33A4C6173}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F17F935E-1169-43A1-ABF6-39A19F1AAE28}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F2EBBDAC-BA4E-473F-A3EC-089EE691530A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F303B62C-ED33-4992-BA93-105EDC138431}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F43AEE5B-6CF8-4B11-923B-E327BA411B71}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F5F111A8-416C-4B1B-8CFA-E4349B68D656}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F69E0E0B-85F8-4873-B575-C24423E703F3}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F6EF462C-0C34-495D-A548-7D3900EC3C5A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F8383FB5-B059-4396-B1B7-FB4675228CEB}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F8CD64FF-CC15-47BB-AAA0-DFE3E28F79D6}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F8FBC819-DFCC-4131-9836-B254628E52BA}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{F9C842F7-2AEF-4E3A-B69B-B39040D5C229}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FB01C03A-5E1E-4D35-A541-D3FB70E8E35B}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FB2EFC0D-E468-4CD7-A8DF-816D69761F05}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FC022BAD-2B3E-46C0-AC1C-DB7AF5A07168}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FD13AA2C-9AEB-4B4A-94FC-EBE9710AD4F1}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FE0A32E4-811E-4EF2-A311-2044C728754A}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FE43D254-A4A6-4D8D-B577-76AAFD4B0BDF}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FE44A22E-CB28-4177-A269-50987AE9D042}

Successfully deleted: [Empty Folder] C:\Users\Don S\appdata\local\{FEFEF548-4AD7-406B-8EB5-2B43C0145A05}

~~~ FireFox

Emptied folder: C:\Users\Don S\AppData\Roaming\mozilla\firefox\profiles\ujppdshf.default-1396033520971\minidumps [55 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 12/16/2014 at 10:13:43.66

End of JRT log

Crash254 · December 16, 2014

And the two logs from Farbar:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01

Ran by Don S (administrator) on DONS-PC on 16-12-2014 10:32:33

Running from C:\Users\Don S\Desktop

Loaded Profile: Don S (Available profiles: Don S & Admin)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

() C:\Program Files (x86)\Backblaze\bzserv.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

() C:\Program Files (x86)\Backblaze\bzbui.exe

(Dell) C:\Users\Don S\AppData\Local\Apps\2.0\9DDDYZMH.HXM\CQ1OTBA7.CQK\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4888f2ef11e\DellSystemDetect.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe