Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't use IE or FF, can't install K-Lite Codec Pack, can't install java...


  • This topic is locked This topic is locked
112 replies to this topic

#1 4youte

4youte

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 17 June 2014 - 02:00 AM

I'm posting on this forum as instructed by admin from my forum thread at http://www.bleepingcomputer.com/forums/t/535537/pupoptionalbestbuya-and-other-issues/

I've been having issues with my computer. I initially posted a thread for the reason of having constant detections of PUP.Optional.BestBuy,A which would keep coming back even after removal with MBAM. I also posted because I keep getting an error saying "Not running genuine windows". The computer came with a windows 7 sticker at the bottom right corner on the front, and the Dell Microsoft Windows 7 Home Premium sticker at the end of the top of tower in the back. I am still currently having the issues that I stated. Along with these issues. Firefox, Internet Explorer, and Spotify all randomly stopped working at the same time. As instructed I've used AdwCleaner, Junkware Removal Tool, ESet Online Scan, MiniToolbox, SecurityCheck, Windows Repair (All In One), RKill, and Farbar Service Scanner,   

 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17126
Run by Jeremy at 2:05:03 on 2014-06-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6057.2900 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Sandboxie\SbieCtrl.exe
C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Sandboxie\SbieSvc.exe
C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\helppane.exe
C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.46.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Sandboxie\32\SbieSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.linkcollider.com/automatically-get-web-traffic
uSearch Bar = Preserve
uSearchAssistant = hxxp://www.google.com
BHO: iMacros Browser Helper Object: {34D5A80A-992D-4F07-9509-66E9E133BAAF} - C:\Program Files (x86)\Ipswitch\iMacros\iMacrosBHO.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: YRefresher: {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files (x86)\YRefresher\YRefresher.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: YRefresher: {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files (x86)\YRefresher\YRefresher.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
uRun: [Spotify Web Helper] "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRunOnce: [Del D:\- Jeremy\- Images\Me\- Facebook\- JaizMusic\- Social Pics\Kissing\GEDC0557\GEDC0557.psd OnNextReboot] cmd.exe /c DEL /F /Q "D:\- Jeremy\- Images\Me\- Facebook\- JaizMusic\- Social Pics\Kissing\GEDC0557\GEDC0557.psd"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
IE: {602AB448-D389-4a54-B6A6-CE57AA0CCFC4} - {4F0BF642-F4F1-4914-AC9C-B3D38BBA3F56} - C:\Program Files (x86)\Ipswitch\iMacros\iMacrosBHO.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{5D1CAAD8-6D06-4F95-AB66-F1BBC1C7FADB} : DHCPNameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4} : DHCPNameServer = 208.59.247.45 208.59.247.46
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: iMacros Browser Helper Object: {34D5A80A-992D-4F07-9509-66E9E133BAAF} - C:\Program Files\Ipswitch\iMacros\iMacrosBHO.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-IE: {602AB448-D389-4a54-B6A6-CE57AA0CCFC4} - {4F0BF642-F4F1-4914-AC9C-B3D38BBA3F56} - C:\Program Files\Ipswitch\iMacros\iMacrosBHO.dll
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-24 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-8-24 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-24 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-24 421704]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-24 78648]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-12-20 114448]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-5 80184]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-8-21 29288]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-13 16:40:23 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-13 16:40:23 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-06-13 16:40:15 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-13 16:40:15 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-06-13 16:40:15 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-13 16:40:15 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-06-13 16:40:15 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-06-13 16:40:15 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-06-13 16:40:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-06-13 16:40:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-06-13 16:40:14 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-06-13 16:40:14 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-06-13 16:36:22 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC477496-B2BB-4921-85C4-B3FD24617EC8}\mpengine.dll
2014-06-13 11:54:07 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-06-10 20:55:38 -------- d-----w- C:\Program Files (x86)\YRefresher
2014-06-10 16:04:32 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2014-06-02 18:18:41 -------- d-----w- C:\Users\Jeremy\AppData\Local\Adobe
2014-06-02 18:16:22 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-05-31 01:00:22 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Conversations Network
2014-05-31 00:46:07 -------- d-----w- C:\Program Files (x86)\Levelator
2014-05-30 12:18:30 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\MeldaProduction
2014-05-30 12:18:30 -------- d-----w- C:\ProgramData\MeldaProduction
2014-05-30 12:18:30 -------- d-----w- C:\Program Files (x86)\MeldaProduction
2014-05-29 23:41:49 -------- d-----w- C:\Program Files (x86)\ESET
2014-05-28 04:40:27 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-05-28 04:40:01 -------- d-----w- C:\AdwCleaner
2014-05-27 07:57:53 -------- d-----w- C:\Program Files (x86)\jaiztmoe@hotmail.com
2014-05-27 07:57:53 -------- d-----w- C:\Program Files (x86)\AccountFacebook
2014-05-27 07:31:04 -------- d-----w- C:\ProgramData\AprelTech
2014-05-26 12:24:45 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-26 12:22:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-26 12:22:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-25 13:39:05 -------- d-----w- C:\Program Files\Ipswitch
2014-05-25 13:39:05 -------- d-----w- C:\Program Files (x86)\Ipswitch
2014-05-22 20:46:07 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\DropboxMaster
2014-05-22 13:47:46 -------- d-----w- C:\Program Files (x86)\iOpus
2014-05-21 09:51:45 -------- d-----w- C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
.
==================== Find3M  ====================
.
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-02 03:11:25 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-02 03:11:25 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-17 01:58:25 36934 ----a-w- C:\Program Files\uninstall.exe
2014-05-12 11:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 11:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-01 02:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 02:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-31 13:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH:  2:07:59.58 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 2/2/2012 9:17:09 PM
System Uptime: 6/15/2014 1:01:22 AM (49 hours ago)
.
Motherboard: Dell Inc. |  | 0GDG8Y       
Processor: Intel® Core™ i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 245.1 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 278.805 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 140.195 GiB free.
F: is FIXED (NTFS) - 2795 GiB total, 513.67 GiB free.
G: is FIXED (NTFS) - 3726 GiB total, 2762.435 GiB free.
H: is Removable
O: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP717: 6/10/2014 5:36:23 AM - Windows Update
RP718: 6/11/2014 7:00:33 AM - Windows Update
RP719: 6/13/2014 11:23:26 AM - Tweaking.com - Windows Repair
RP720: 6/13/2014 7:45:28 PM - Windows Backup
RP721: 6/14/2014 2:10:47 AM - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
7-Zip 9.19 (x64 edition)
7-Zip 9.20
AAMS Auto Audio Mastering System V2.5
Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0.1
Adobe Audition 1.5
Adobe Audition 3.0
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Photoshop CS5.1
Adobe Premiere Elements 10
Adobe Premiere Elements 10 Content
Adobe Premiere Elements 10 Content 1
Adobe Premiere Elements 10 Content 2
Adobe Premiere Elements 10 Content 3
Adobe Premiere Elements 10 HD Content 1
Adobe Premiere Elements 10 HD Content 2
Adobe Premiere Elements 10 HD Content 3
Adobe Reader XI (11.0.07)
AIM for Windows
AIPL WarmTone DX v2.2
Antares Autotune VST v5.09
Antares Microphone Modeler - ZONE
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Audacity 2.0.3
avast! Free Antivirus
Badoo Desktop
Blaine's Alias Title
Blaine's Bloom/Negative Effects
Blaine's Cartoonify Effects
Blaine's Color Fade Effects
Blaine's Contrast Effects
Blaine's Custom Dreamy Look Title
Blaine's Custom Speed Effects
Blaine's Film Looks Effects
Blaine's Letterbox Effects
Blaine's Pixelate Effects
Blaine's TV Signal Effects
BlueStacks App Player
BlueStacks Notification Center
Bonjour
CameraHelperMsi
Canon Easy-WebPrint EX
Canon IJ Scan Utility
Canon MG2200 series MP Drivers
Canon MG2200 series On-screen Manual
Canon MG2200 series User Registration
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide
Canon Quick Menu
Canon Utilities CameraWindow DC 8
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
CCleaner
CDBurnerXP
Cheat Engine 6.3
ClickFix Lite for Adobe Audition version 3.04 (remove only)
Conexant HD Audio
ContaCam
D3DX10
DAEMON Tools Lite
Dell Edoc Viewer
Dropbox
Elements 10 Organizer
erLT
ERUNT 1.1j
ESET Online Scanner v3
EULAlyzer 2.2
Facebook Video Calling 2.0.0.447
FastStone Capture 6.8
FileZilla Client 3.8.0
foobar2000 v1.1.10
Free Sound Recorder v9.6.1
FreeUndelete 2.1.36867.1
GEAR driver installer for AMD64 and Intel EM64T
GetDataBack for NTFS
GlaceVerb 1.01
Google Chrome
Google Update Helper
HandBrake 0.9.5
HitLeap Viewer 2.8
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Smart Web Printing 4.51
HP Solution Center 13.0
iMacros for Chrome File Access 1.0.0.805
iMacros Version 10.0.1.2816 (x64)
Intel® Processor Graphics
Intel® SDK for OpenCL - CPU Only Runtime Package
IrfanView (remove only)
iTunes
JDownloader 0.9
Junk Mail filter update
Levelator
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 2.0.2.1012
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MixMeister Studio 7.2.2
Movie Maker 6.0 for Windows 7 (64-bit)
Moyea FLV to Video Converter Pro version 1.29.2.11
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
Mp3 Song Plays Increaser
MSVCRT
MSVCRT_amd64
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network64
OCR Software by I.R.I.S. 13.0
OLYMPUS Master 2
Paltalk Messenger  11.2
PDF Settings CS5
PlayReady PC Runtime x86
PRE10STI64Installer
QuickTime
Rapture 1.2.2
Recuva
Sandboxie 4.08 (64-bit)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition 
Share YouTube Videos version 1
Simple Search-Replace
Skype™ 6.11
SmartSound Common Data
SmartSound Premiere Elements 10 x64 Plugin
SmartSound Sonicfire Pro 5
Sonic Foundry ACID 4.0e
Sony Sound Forge 7.0
Spotify
SpywareBlaster 5.0
SUPERAntiSpyware
System Requirements Lab for Intel
TeamViewer 9
Thread Manager 2.4.0.0
Tweaking.com - Windows Repair (All in One)
Universal Audio v4.4.0 Native
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.1.3
Waves Complete V9r1
Waves Mercury Bundle
Waves SSL Collection v1.2
Weeny Free PDF Password Remover 1.1
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series x64 Edition
YRefresher 1.20
.
==== Event Viewer Messages From Past Week ========
.
6/15/2014 4:03:16 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Jeremy-PC\Jeremy SID (S-1-5-21-4055183432-471262313-3685020261-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/15/2014 1:02:10 AM, Error: Service Control Manager [7023]  - The BlueStacks Android Service service terminated with the following error:  An exception occurred in the service when handling the control request.
6/13/2014 6:06:23 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
6/12/2014 7:53:08 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
.
==== End Of File ===========================
 


 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 21 June 2014 - 06:14 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Wait for further instructions.

#3 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 21 June 2014 - 11:51 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Jeremy (administrator) on JEREMY-PC on 22-06-2014 00:49:36
Running from C:\Users\Jeremy\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SbieCtrl.exe
(Spotify Ltd) C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SandboxieDcomLaunch.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SandboxieCrypto.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SandboxieBITS.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SandboxieWUAU.exe
(Sandboxie Holdings, LLC) C:\Program Files (x86)\Sandboxie\SbieSvc.exe
() C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.46.exe
() C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ipswitch, Inc.) C:\Users\Jeremy\AppData\Local\Programs\iMacros for Chrome File Access\afio.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM-x32\...\RunOnce: [Del D:\- Jeremy\- Images\Me\- Facebook\- JaizMusic\- Social Pics\Kissing\GEDC0557\GEDC0557.psd OnNextReboot] - cmd.exe /c DEL /F /Q "D:\- Jeremy\- Images\Me\- Facebook\- JaizMusic\- Social Pics\Kissing\GEDC0557\GEDC0557.psd" [69218238 2012-11-11] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4055183432-471262313-3685020261-1000\...\Run: [SandboxieControl] => C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4055183432-471262313-3685020261-1000\...\Run: [Spotify Web Helper] => C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-18] (Spotify Ltd)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.linkcollider.com/automatically-get-web-traffic
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: iMacros Browser Helper Object - {34D5A80A-992D-4F07-9509-66E9E133BAAF} - C:\Program Files\Ipswitch\iMacros\iMacrosBHO.dll ()
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: iMacros Browser Helper Object - {34D5A80A-992D-4F07-9509-66E9E133BAAF} - C:\Program Files (x86)\Ipswitch\iMacros\iMacrosBHO.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - YRefresher - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files (x86)\YRefresher\YRefresher.dll (xwen.ca)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210
 
FireFox:
========
FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Muter - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\muter@yxl.name [2014-03-16]
FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-06-14]
FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23]
FF Extension: Dm0nKs Spotify Link Redirector - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\jid0-Xl3Oy6TJVT4qdRxyRor2JAAl3hU@jetpack.xpi [2014-05-18]
FF Extension: X-notifier - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-09-21]
FF Extension: ReloadEvery - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-02-21]
FF Extension: Modify Headers - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-05-16]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-20]
FF Extension: Adblock Plus - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Greasemonkey - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.linkcollider.com/automatically-get-web-traffic", "hxxp://www.facebook.com/browse/other_connections_of/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (BitCometAgent) - C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll (BitComet)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-02-21]
CHR Extension: (Google Drive) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Nanny for Google Chrome ™) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2014-02-21]
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-06-20]
CHR Extension: (avast! Online Security) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21]
CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-21]
CHR Extension: (MuteTab) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2014-03-16]
CHR Extension: (Google Wallet) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-15]
 
==================== Services (Whitelisted) =================
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems) [File not signed]
S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files (x86)\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo)
U3 DfSdkS; 
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-22 00:48 - 2014-06-22 00:49 - 00057082 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-06-22 00:47 - 2014-06-22 00:49 - 00023703 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-06-22 00:47 - 2014-06-22 00:49 - 00000000 ____D () C:\FRST
2014-06-22 00:46 - 2014-06-22 00:46 - 02083328 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-06-20 09:12 - 2014-06-20 09:14 - 00000053 _____ () C:\Users\Jeremy\Desktop\Music Video Views.txt
2014-06-17 18:46 - 2014-06-17 18:46 - 00080016 _____ () C:\Windows\PFRO.log
2014-06-17 02:08 - 2014-06-17 02:09 - 00000000 ____D () C:\Users\Jeremy\Desktop\Bleeping Computer.com
2014-06-17 02:03 - 2014-06-17 02:03 - 00688992 ____R (Swearware) C:\Users\Jeremy\Desktop\dds.com
2014-06-16 22:32 - 2014-06-17 06:27 - 00000000 ____D () C:\Users\Jeremy\Desktop\- Texts
2014-06-15 09:11 - 2014-06-14 02:05 - 00606643 _____ () C:\Users\Jeremy\Desktop\Your Time (Final Mix).ses
2014-06-14 23:29 - 2014-06-14 23:29 - 00000070 _____ () C:\Users\Jeremy\Desktop\BleepingComputer.txt
2014-06-14 11:21 - 2014-06-14 23:29 - 00001796 _____ () C:\Users\Jeremy\Desktop\chrome.exe.lnk
2014-06-14 09:35 - 2014-06-14 09:35 - 00679056 _____ () C:\Users\Jeremy\Desktop\CodecPackage.exe
2014-06-13 14:22 - 2014-06-13 14:22 - 00415744 _____ (Farbar) C:\Users\Jeremy\Desktop\FSS.exe
2014-06-13 14:17 - 2014-06-15 01:12 - 00002122 _____ () C:\Users\Jeremy\Desktop\Rkill.txt
2014-06-13 14:17 - 2014-06-13 14:17 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Jeremy\Desktop\rkill.exe
2014-06-13 14:17 - 2014-06-13 14:17 - 01061112 _____ (Bleeping Computer, LLC) C:\Users\Jeremy\Desktop\rkill64.exe
2014-06-13 12:40 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 12:40 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 12:40 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 12:40 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 12:40 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 12:40 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 12:40 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 12:40 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 12:40 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 12:40 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 12:40 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 12:40 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 12:39 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 12:39 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 12:39 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 12:39 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 12:39 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 12:39 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 12:39 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 12:39 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 12:39 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 12:39 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 12:39 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 12:39 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 12:39 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 12:39 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 12:39 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 12:39 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 12:39 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 12:39 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 12:39 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 12:39 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 12:39 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 12:39 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 12:39 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 12:39 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 12:39 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 12:39 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 12:39 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 12:39 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 12:39 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 12:39 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 12:39 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 12:39 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 12:39 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 12:39 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 12:39 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 12:39 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 12:39 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 12:39 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 12:39 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 12:39 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 12:39 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 12:39 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 12:39 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 12:39 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 12:39 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 12:39 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 12:39 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 12:39 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 12:39 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 12:39 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 12:39 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 12:39 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 12:39 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 12:39 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 12:39 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 12:39 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-13 07:54 - 2014-06-13 07:54 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-13 07:53 - 2014-06-13 07:53 - 00284224 _____ (Mozilla) C:\Users\Jeremy\Desktop\Firefox Setup Stub 30.0.exe
2014-06-13 07:38 - 2014-06-17 18:47 - 00001232 _____ () C:\Windows\setupact.log
2014-06-13 07:38 - 2014-06-13 07:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-11 13:25 - 2014-06-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dasample GlaceVerb
2014-06-10 16:55 - 2014-06-10 16:55 - 00562067 _____ (xwen.ca ) C:\Users\Jeremy\Desktop\YRefresher_1_20_Setup.exe
2014-06-10 16:55 - 2014-06-10 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YRefresher
2014-06-10 16:55 - 2014-06-10 16:55 - 00000000 ____D () C:\Program Files (x86)\YRefresher
2014-06-10 12:05 - 2014-06-10 12:05 - 00002161 _____ () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-06-10 12:04 - 2014-06-10 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-10 12:04 - 2014-06-10 12:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-10 12:03 - 2014-06-10 12:03 - 05461664 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-06-03 10:36 - 2014-06-03 10:36 - 00003192 _____ () C:\Windows\System32\Tasks\{FE8CF7AE-0509-4B9A-8EAE-8237AA2A4DCD}
2014-06-02 15:19 - 2014-06-02 15:19 - 00325019 _____ () C:\Users\Jeremy\Desktop\Debbie..zip
2014-06-02 14:18 - 2014-06-14 19:53 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe
2014-06-02 14:16 - 2014-06-02 14:17 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-02 14:16 - 2014-06-02 14:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-02 14:16 - 2014-06-02 14:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-02 14:16 - 2014-06-02 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-02 14:16 - 2014-06-02 14:16 - 00000000 ____D () C:\Program Files\Java
2014-06-02 14:12 - 2014-06-02 14:12 - 30984104 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jre-7u60-windows-x64.exe
2014-06-01 02:57 - 2014-06-08 02:45 - 00854367 _____ () C:\Users\Jeremy\Desktop\SecurityCheck.exe
2014-05-31 12:53 - 2014-05-31 12:53 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-31 12:53 - 2014-05-31 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-31 12:50 - 2014-05-31 12:50 - 24677393 _____ () C:\Users\Jeremy\Desktop\vlc-2.1.3-win32.exe
2014-05-31 08:22 - 2014-05-31 08:30 - 18456026 _____ ( ) C:\Users\Jeremy\Desktop\K-Lite_Codec_Pack_1050_Standard.exe
2014-05-30 21:25 - 2014-05-30 21:25 - 00037816 _____ () C:\Users\Jeremy\Desktop\Result.txt
2014-05-30 21:23 - 2014-05-30 21:23 - 00982016 _____ (Farbar) C:\Users\Jeremy\Desktop\MiniToolBox.exe
2014-05-30 21:00 - 2014-05-30 21:00 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Conversations Network
2014-05-30 20:46 - 2014-05-30 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conversations Network Levelator
2014-05-30 20:46 - 2014-05-30 20:46 - 00000000 ____D () C:\Program Files (x86)\Levelator
2014-05-30 08:18 - 2014-05-30 11:08 - 00000000 ____D () C:\Program Files (x86)\MeldaProduction
2014-05-30 08:18 - 2014-05-30 09:42 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\MeldaProduction
2014-05-30 08:18 - 2014-05-30 08:18 - 00000000 ____D () C:\ProgramData\MeldaProduction
2014-05-30 08:13 - 2014-05-30 08:13 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-05-29 19:41 - 2014-05-29 19:41 - 02347384 _____ (ESET) C:\Users\Jeremy\Desktop\esetsmartinstaller_enu.exe
2014-05-29 19:41 - 2014-05-29 19:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 00:57 - 2014-05-28 00:57 - 00000933 _____ () C:\Users\Jeremy\Desktop\JRT.txt
2014-05-28 00:51 - 2014-05-28 00:51 - 01016261 _____ (Thisisu) C:\Users\Jeremy\Desktop\JRT.exe
2014-05-28 00:40 - 2014-05-28 00:46 - 00000000 ____D () C:\AdwCleaner
2014-05-28 00:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-27 22:15 - 2014-05-27 22:15 - 01327971 _____ () C:\Users\Jeremy\Desktop\adwcleaner_3.211.exe
2014-05-27 22:08 - 2014-05-27 22:08 - 00045410 _____ () C:\Users\Jeremy\Desktop\malwarebytes.txt
2014-05-27 03:57 - 2014-05-27 03:57 - 00000000 ____D () C:\Program Files (x86)\jaiztmoe@hotmail.com
2014-05-27 03:57 - 2014-05-27 03:57 - 00000000 ____D () C:\Program Files (x86)\AccountFacebook
2014-05-27 03:40 - 2014-05-27 03:40 - 00000944 _____ () C:\Users\Jeremy\Documents\hosts.txt
2014-05-27 03:31 - 2014-05-27 03:31 - 00003202 _____ () C:\Windows\System32\Tasks\{8B53DC0F-F1AA-4AA8-9191-FAC29058B16C}
2014-05-27 03:31 - 2014-05-27 03:31 - 00000000 ____D () C:\ProgramData\AprelTech
2014-05-26 08:24 - 2014-06-17 02:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 08:22 - 2014-05-26 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-26 08:22 - 2014-05-26 08:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-26 08:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMacros
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\Program Files\Ipswitch
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\Program Files (x86)\Ipswitch
2014-05-24 06:52 - 2014-05-24 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-24 06:52 - 2014-05-24 06:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-24 05:18 - 2014-05-24 05:18 - 04748896 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup414.exe
2014-05-23 10:23 - 2014-05-23 10:23 - 00001855 _____ () C:\Windows\SysWOW64\collectionCache.bnk
 
==================== One Month Modified Files and Folders =======
 
2014-06-22 00:49 - 2014-06-22 00:48 - 00057082 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-06-22 00:49 - 2014-06-22 00:47 - 00023703 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-06-22 00:49 - 2014-06-22 00:47 - 00000000 ____D () C:\FRST
2014-06-22 00:46 - 2014-06-22 00:46 - 02083328 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-06-22 00:33 - 2014-05-22 06:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 00:14 - 2013-09-05 18:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 22:45 - 2012-02-03 05:22 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\foobar2000
2014-06-21 22:08 - 2013-12-15 02:00 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job
2014-06-21 21:01 - 2012-02-03 04:04 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\vlc
2014-06-21 21:01 - 2012-01-20 18:32 - 01928932 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 04:33 - 2014-05-22 06:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 01:08 - 2013-12-15 02:00 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job
2014-06-21 00:28 - 2009-07-14 00:45 - 00020480 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 00:28 - 2009-07-14 00:45 - 00020480 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-20 17:56 - 2014-05-16 23:04 - 00001842 _____ () C:\Windows\Sandboxie.ini
2014-06-20 09:14 - 2014-06-20 09:12 - 00000053 _____ () C:\Users\Jeremy\Desktop\Music Video Views.txt
2014-06-19 04:28 - 2014-05-22 06:22 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 04:28 - 2014-05-22 06:22 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 06:17 - 2012-02-03 05:04 - 00000623 _____ () C:\Users\Jeremy\Desktop\Cue Up.txt
2014-06-17 20:08 - 2014-02-08 08:15 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps
2014-06-17 18:47 - 2014-06-13 07:38 - 00001232 _____ () C:\Windows\setupact.log
2014-06-17 18:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 18:46 - 2014-06-17 18:46 - 00080016 _____ () C:\Windows\PFRO.log
2014-06-17 18:46 - 2011-02-10 10:02 - 00000000 ____D () C:\Windows\panther
2014-06-17 06:27 - 2014-06-16 22:32 - 00000000 ____D () C:\Users\Jeremy\Desktop\- Texts
2014-06-17 04:39 - 2012-02-25 05:54 - 00000132 _____ () C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-06-17 02:26 - 2014-05-26 08:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 02:09 - 2014-06-17 02:08 - 00000000 ____D () C:\Users\Jeremy\Desktop\Bleeping Computer.com
2014-06-17 02:03 - 2014-06-17 02:03 - 00688992 ____R (Swearware) C:\Users\Jeremy\Desktop\dds.com
2014-06-15 19:53 - 2012-02-07 05:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\WrestlingAudio.com
2014-06-15 01:12 - 2014-06-13 14:17 - 00002122 _____ () C:\Users\Jeremy\Desktop\Rkill.txt
2014-06-14 23:29 - 2014-06-14 23:29 - 00000070 _____ () C:\Users\Jeremy\Desktop\BleepingComputer.txt
2014-06-14 23:29 - 2014-06-14 11:21 - 00001796 _____ () C:\Users\Jeremy\Desktop\chrome.exe.lnk
2014-06-14 19:53 - 2014-06-02 14:18 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe
2014-06-14 09:53 - 2013-12-09 14:35 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Spotify
2014-06-14 09:35 - 2014-06-14 09:35 - 00679056 _____ () C:\Users\Jeremy\Desktop\CodecPackage.exe
2014-06-14 09:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 02:11 - 2014-05-09 00:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-14 02:05 - 2014-06-15 09:11 - 00606643 _____ () C:\Users\Jeremy\Desktop\Your Time (Final Mix).ses
2014-06-13 14:22 - 2014-06-13 14:22 - 00415744 _____ (Farbar) C:\Users\Jeremy\Desktop\FSS.exe
2014-06-13 14:17 - 2014-06-13 14:17 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Jeremy\Desktop\rkill.exe
2014-06-13 14:17 - 2014-06-13 14:17 - 01061112 _____ (Bleeping Computer, LLC) C:\Users\Jeremy\Desktop\rkill64.exe
2014-06-13 13:32 - 2014-05-22 06:22 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 08:02 - 2012-05-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-13 07:59 - 2013-12-09 14:35 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Spotify
2014-06-13 07:54 - 2014-06-13 07:54 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-13 07:54 - 2014-05-10 06:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-13 07:54 - 2013-03-08 01:47 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-13 07:53 - 2014-06-13 07:53 - 00284224 _____ (Mozilla) C:\Users\Jeremy\Desktop\Firefox Setup Stub 30.0.exe
2014-06-13 07:38 - 2014-06-13 07:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-11 13:25 - 2014-06-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dasample GlaceVerb
2014-06-11 07:05 - 2013-07-22 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 07:03 - 2012-02-03 04:13 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 07:02 - 2012-02-03 08:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 16:55 - 2014-06-10 16:55 - 00562067 _____ (xwen.ca ) C:\Users\Jeremy\Desktop\YRefresher_1_20_Setup.exe
2014-06-10 16:55 - 2014-06-10 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YRefresher
2014-06-10 16:55 - 2014-06-10 16:55 - 00000000 ____D () C:\Program Files (x86)\YRefresher
2014-06-10 12:05 - 2014-06-10 12:05 - 00002161 _____ () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-06-10 12:04 - 2014-06-10 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-10 12:04 - 2014-06-10 12:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-10 12:03 - 2014-06-10 12:03 - 05461664 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-06-08 05:13 - 2014-06-13 12:39 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-13 12:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 02:45 - 2014-06-01 02:57 - 00854367 _____ () C:\Users\Jeremy\Desktop\SecurityCheck.exe
2014-06-05 12:36 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Speech
2014-06-04 15:25 - 2013-07-04 21:57 - 00000000 ____D () C:\Program Files\iZotope
2014-06-04 15:25 - 2013-06-09 19:21 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-06-03 10:38 - 2013-05-14 09:46 - 00000000 ____D () C:\Users\Jeremy\Desktop\Market
2014-06-03 10:36 - 2014-06-03 10:36 - 00003192 _____ () C:\Windows\System32\Tasks\{FE8CF7AE-0509-4B9A-8EAE-8237AA2A4DCD}
2014-06-02 15:19 - 2014-06-02 15:19 - 00325019 _____ () C:\Users\Jeremy\Desktop\Debbie..zip
2014-06-02 14:17 - 2014-06-02 14:16 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-02 14:16 - 2014-06-02 14:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-02 14:16 - 2014-06-02 14:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-02 14:16 - 2014-06-02 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-02 14:16 - 2014-06-02 14:16 - 00000000 ____D () C:\Program Files\Java
2014-06-02 14:12 - 2014-06-02 14:12 - 30984104 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jre-7u60-windows-x64.exe
2014-06-01 23:11 - 2013-09-05 18:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-01 23:11 - 2013-05-10 04:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-01 23:11 - 2013-05-10 04:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-31 12:53 - 2014-05-31 12:53 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-31 12:53 - 2014-05-31 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-31 12:53 - 2012-02-03 04:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-31 12:50 - 2014-05-31 12:50 - 24677393 _____ () C:\Users\Jeremy\Desktop\vlc-2.1.3-win32.exe
2014-05-31 08:30 - 2014-05-31 08:22 - 18456026 _____ ( ) C:\Users\Jeremy\Desktop\K-Lite_Codec_Pack_1050_Standard.exe
2014-05-30 21:25 - 2014-05-30 21:25 - 00037816 _____ () C:\Users\Jeremy\Desktop\Result.txt
2014-05-30 21:23 - 2014-05-30 21:23 - 00982016 _____ (Farbar) C:\Users\Jeremy\Desktop\MiniToolBox.exe
2014-05-30 21:00 - 2014-05-30 21:00 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Conversations Network
2014-05-30 20:46 - 2014-05-30 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conversations Network Levelator
2014-05-30 20:46 - 2014-05-30 20:46 - 00000000 ____D () C:\Program Files (x86)\Levelator
2014-05-30 19:20 - 2013-07-04 21:28 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\BitComet
2014-05-30 11:08 - 2014-05-30 08:18 - 00000000 ____D () C:\Program Files (x86)\MeldaProduction
2014-05-30 09:42 - 2014-05-30 08:18 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\MeldaProduction
2014-05-30 08:18 - 2014-05-30 08:18 - 00000000 ____D () C:\ProgramData\MeldaProduction
2014-05-30 08:13 - 2014-05-30 08:13 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-05-30 06:21 - 2014-06-13 12:39 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-13 12:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-13 12:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-13 12:39 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-13 12:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-13 12:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-13 12:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-13 12:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-13 12:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-13 12:39 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-13 12:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-13 12:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-13 12:39 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-13 12:39 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-13 12:39 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-13 12:39 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-13 12:39 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-13 12:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-13 12:39 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-13 12:39 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-13 12:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-13 12:39 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-13 12:39 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-13 12:39 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-13 12:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-13 12:39 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-13 12:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-13 12:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-13 12:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-13 12:39 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-13 12:39 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-13 12:39 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-13 12:39 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-13 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-13 12:39 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-13 12:39 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-13 12:39 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-13 12:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-13 12:39 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-13 12:39 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-13 12:39 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-13 12:39 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-13 12:39 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-13 12:39 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-13 12:39 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-13 12:39 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-13 12:39 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-13 12:39 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-13 12:39 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-13 12:39 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-13 12:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-13 12:39 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 19:41 - 2014-05-29 19:41 - 02347384 _____ (ESET) C:\Users\Jeremy\Desktop\esetsmartinstaller_enu.exe
2014-05-29 19:41 - 2014-05-29 19:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 00:57 - 2014-05-28 00:57 - 00000933 _____ () C:\Users\Jeremy\Desktop\JRT.txt
2014-05-28 00:51 - 2014-05-28 00:51 - 01016261 _____ (Thisisu) C:\Users\Jeremy\Desktop\JRT.exe
2014-05-28 00:48 - 2012-11-06 23:58 - 00000000 ____D () C:\Windows\en
2014-05-28 00:46 - 2014-05-28 00:40 - 00000000 ____D () C:\AdwCleaner
2014-05-28 00:45 - 2013-11-04 05:06 - 00001081 _____ () C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-27 22:15 - 2014-05-27 22:15 - 01327971 _____ () C:\Users\Jeremy\Desktop\adwcleaner_3.211.exe
2014-05-27 22:08 - 2014-05-27 22:08 - 00045410 _____ () C:\Users\Jeremy\Desktop\malwarebytes.txt
2014-05-27 03:59 - 2014-04-04 00:00 - 00000000 ____D () C:\Program Files (x86)\FBP - Facebook Blaster Pro
2014-05-27 03:57 - 2014-05-27 03:57 - 00000000 ____D () C:\Program Files (x86)\jaiztmoe@hotmail.com
2014-05-27 03:57 - 2014-05-27 03:57 - 00000000 ____D () C:\Program Files (x86)\AccountFacebook
2014-05-27 03:40 - 2014-05-27 03:40 - 00000944 _____ () C:\Users\Jeremy\Documents\hosts.txt
2014-05-27 03:31 - 2014-05-27 03:31 - 00003202 _____ () C:\Windows\System32\Tasks\{8B53DC0F-F1AA-4AA8-9191-FAC29058B16C}
2014-05-27 03:31 - 2014-05-27 03:31 - 00000000 ____D () C:\ProgramData\AprelTech
2014-05-26 08:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-26 08:24 - 2013-03-06 00:21 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Malwarebytes
2014-05-26 08:24 - 2013-03-06 00:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 08:22 - 2014-05-26 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-26 08:22 - 2014-05-26 08:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-26 00:35 - 2013-08-24 05:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMacros
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\Program Files\Ipswitch
2014-05-25 09:39 - 2014-05-25 09:39 - 00000000 ____D () C:\Program Files (x86)\Ipswitch
2014-05-25 09:39 - 2013-05-12 06:27 - 00000000 ____D () C:\Users\Jeremy\Documents\iMacros
2014-05-24 06:52 - 2014-05-24 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-24 06:52 - 2014-05-24 06:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-24 06:35 - 2012-02-03 03:34 - 00000000 ___RD () C:\Users\Jeremy\Dropbox
2014-05-24 06:13 - 2012-01-20 16:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-24 05:19 - 2013-06-28 10:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 05:18 - 2014-05-24 05:18 - 04748896 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup414.exe
2014-05-23 18:21 - 2014-03-27 12:49 - 00183425 _____ () C:\Users\Jeremy\Desktop\God (Final Mix 2).ses
2014-05-23 10:23 - 2014-05-23 10:23 - 00001855 _____ () C:\Windows\SysWOW64\collectionCache.bnk
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-18 12:09
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Jeremy at 2014-06-22 00:49:55
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.19 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0919-000001000000}) (Version: 9.19.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AAMS Auto Audio Mastering System V2.5 (HKLM-x32\...\AAMS Auto Audio Mastering System V2.5) (Version:  - )
Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0.1 (HKLM-x32\...\Abbeyroadplugins EMI RS 124 Compressor_is1) (Version:  - )
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version:  - )
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
AIPL WarmTone DX v2.2 (HKLM-x32\...\AIPL WarmTone DX v2.2) (Version:  - )
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Antares Microphone Modeler - ZONE (HKLM-x32\...\Antares Microphone Modeler - ZONE) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Blaine's Alias Title (HKLM\...\{2758AEE7-EDC9-49B6-9498-7FF378944F3C}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Bloom/Negative Effects (HKLM\...\{4FC89A20-FA00-4AD7-B5E6-AC64E67C4273}) (Version: 1.1.0 - Blaine's Movie Maker Blog)
Blaine's Cartoonify Effects (HKLM\...\{442935B7-87F8-4D86-9E76-41F5A0D82132}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Color Fade Effects (HKLM\...\{1A2D9795-4979-447B-BB34-B8DE7A45B8CE}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Contrast Effects (HKLM\...\{B9BB9850-4A9F-4D16-8089-82EDA9F69650}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Dreamy Look Title (HKLM\...\{36F14E9E-3F89-43EF-948D-D4E1A9021508}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Speed Effects (HKLM\...\{35F7B5BB-670F-4E71-9ED2-C772F17B3C8F}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Film Looks Effects (HKLM\...\{95BCCCA2-447E-4F8F-A4C5-49D5700BE627}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Letterbox Effects (HKLM\...\{53EE9AAB-CD12-454C-BDD8-32BDC289757F}) (Version: 1.0.3 - Blaine's Movie Maker Blog)
Blaine's Pixelate Effects (HKLM\...\{299687D9-4E2A-41F5-84B4-2145AD3A866A}) (Version: 1.0.2 - Blaine's Movie Maker Blog)
Blaine's TV Signal Effects (HKLM\...\{344B6293-5ED2-4091-A574-8D5D14D65AB3}) (Version: 1.0.0 - Blaine's Movie Maker Blog)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version:  - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH110HS_IXUS125HS) (Version: 1.0.0.7 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
ClickFix Lite for Adobe Audition version 3.04 (remove only) (HKLM-x32\...\ClickFix Lite for Adobe Audition version 3.04) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant)
ContaCam (HKLM-x32\...\ContaCam) (Version: 4.0.5 - Contaware.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Capture 6.8 (HKLM-x32\...\FastStone Capture) (Version: 6.8 - FastStone Soft)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright© 2005-2013 FreeSoundRecorder Technologies, Inc.)
FreeUndelete 2.1.36867.1 (HKLM-x32\...\{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software)
GlaceVerb 1.01 (HKLM-x32\...\GlaceVerb_is1) (Version:  - Dasample)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
iMacros for Chrome File Access 1.0.0.805 (HKCU\...\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1) (Version: 1.0.0.805 - Ipswitch, Inc)
iMacros Version 10.0.1.2816 (x64) (HKLM\...\{9C5118F7-E26D-4fc0-B7F4-4A067A0808FA}_is1) (Version: 10.0.1.2816 - Ipswitch, Inc)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Levelator (HKLM-x32\...\Levelator_is1) (Version:  - The Conversations Network)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MixMeister Studio 7.2.2 (HKLM-x32\...\MixMeister Studio 7.2.2_is1) (Version:  - )
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Moyea FLV to Video Converter Pro version 1.29.2.11 (HKLM-x32\...\{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1) (Version:  - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3 Song Plays Increaser (HKLM-x32\...\{FBC0353C-CAFA-4648-91BC-9299774A80E8}) (Version: 1.0.3 - mp3songplays.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)
Paltalk Messenger  11.2 (HKLM-x32\...\Paltalk Messenger) (Version: 11.2.0 - AVM Software Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - )
Simple Search-Replace (HKLM-x32\...\{85BEDB91-5AB4-4066-8946-4EE980950F82}) (Version: 1.08.0000 - RJL Software, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Sonic Foundry ACID 4.0e (HKLM-x32\...\{9B7DE025-A6AF-446B-86BE-3BD9604B498A}) (Version: 4.0.408 - Sonic Foundry)
Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)
Universal Audio v4.4.0 Native (HKLM-x32\...\Universal Audio v4.4.0 Native) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{8F32B14E-F85E-482C-BF8C-C04E1A5ADE4F}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Waves Complete V9r1 (HKLM-x32\...\{90000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.0.1 - Waves)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Weeny Free PDF Password Remover 1.1 (HKLM-x32\...\Weeny Free PDF Password Remover_is1) (Version:  - Weeny Software)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
YRefresher 1.20 (HKLM-x32\...\YRefresher_is1) (Version:  - xwen.ca)
 
==================== Restore Points  =========================
 
13-06-2014 23:45:28 Windows Backup
14-06-2014 06:10:47 Windows Update
17-06-2014 11:50:32 Windows Update
21-06-2014 01:19:16 Windows Update
 
==================== Hosts content: ==========================
 
2014-05-27 03:41 - 2014-05-27 03:49 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {000BB44C-CE99-4636-893C-73FD773565F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {683E96DA-D02F-49A0-B2C5-92EE1ABC6674} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: {6D68624E-9CCB-4A52-A71B-8B6E72686DC8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software)
Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {D231BA7A-5F2F-44B0-B6C4-D895CFDEA73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {DACA1686-0AE1-46DD-B241-0901A627F733} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {EE44E6C4-F4D7-46EB-B9D2-0080B4AEE915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-01] (Adobe Systems Incorporated)
Task: {F0EFFE04-2F5C-4341-8D1C-D8FC357FF2C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-20 18:07 - 2011-01-27 11:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-08 02:48 - 2013-11-08 02:48 - 01279512 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
2014-05-21 05:51 - 2014-05-21 05:51 - 01308160 _____ () C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.46.exe
2014-01-27 09:04 - 2014-03-18 20:37 - 01094144 _____ () C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
2013-11-08 01:47 - 2013-11-08 01:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
2014-06-17 18:41 - 2014-06-17 17:18 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061701\algo.dll
2014-06-21 15:31 - 2014-06-21 12:23 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062101\algo.dll
2013-12-15 15:26 - 2013-12-15 15:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-12-21 02:04 - 2013-12-21 02:04 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2014-05-21 05:51 - 2014-05-21 05:51 - 03378688 _____ () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\mozjs.dll
2014-03-28 05:35 - 2014-03-28 05:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-13 13:32 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2013-11-08 01:47 - 2013-11-08 01:47 - 36561408 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll
2013-11-08 01:47 - 2013-11-08 01:47 - 00862208 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BITCOMET_HELPER_SERVICE => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MailWasher.lnk => C:\Windows\pss\MailWasher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tube Bot.lnk => C:\Windows\pss\Tube Bot.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_10354613.lnk => C:\Windows\pss\_uninst_10354613.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_24441005.lnk => C:\Windows\pss\_uninst_24441005.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_51818170.lnk => C:\Windows\pss\_uninst_51818170.lnk.Startup
MSCONFIG\startupreg: AddMeFastBotv4.exe => D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jeremy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrowseForTheCause => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe
MSCONFIG\startupreg: BrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\BrowserSyncSetup.exe"repair update startup
MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: ContaCam => C:\Program Files (x86)\ContaCam\ContaCam.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: EV_Autowatcher_Download-Carbon0x => C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6D3B45FEBE36B822DCB3796A57AA2386 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IEBrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\IE\IEBrowserSync.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: Pinger => "C:\Program Files (x86)\Pinger\Pinger.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe
MSCONFIG\startupreg: tsiVideo => C:\Windows\SysWOW64\rundll32.exe C:\Users\Jeremy\AppData\Local\Temp\\mdi264.dll,runme
MSCONFIG\startupreg: urlspace => C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe -h
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/21/2014 00:23:21 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
Description: Health check failure: 
 hr = 0x8004FE22, HealthStatus: 0x0000000000000800
 
Error: (06/19/2014 10:22:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Share YouTube Videos.exe version 1.0.7.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: c90
 
Start Time: 01cf8bc6b8f97ff3
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
 
Report Id: 23df3a90-f7bd-11e3-bb66-d067e52c8165
 
Error: (06/19/2014 09:59:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Share YouTube Videos.exe version 1.0.7.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1504
 
Start Time: 01cf8bc6a68e43a8
 
Termination Time: 10
 
Application Path: C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
 
Report Id: f44cdf70-f7b9-11e3-bb66-d067e52c8165
 
Error: (06/19/2014 06:21:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Share YouTube Videos.exe version 1.0.7.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 136c
 
Start Time: 01cf8b9975ee677f
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
 
Report Id: 6e4e0e2b-f79b-11e3-bb66-d067e52c8165
 
Error: (06/19/2014 04:35:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Share YouTube Videos.exe version 1.0.7.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 834
 
Start Time: 01cf8af2c8299e99
 
Termination Time: 7
 
Application Path: C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
 
Report Id: add2d21d-f78c-11e3-bb66-d067e52c8165
 
Error: (06/19/2014 04:09:13 AM) (Source: Google Update) (EventID: 20) (User: Jeremy-PC)
Description: Network Request Error.
Error: 0x80040880. Http status code: 200.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x800421f7. Http status code 503.
trying WinHTTP.
Send request returned 0x800421f7. Http status code 503.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x800421f7. Http status code 503.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040880. Http status code 200.
trying WinHTTP.
Send request returned 0x80072efe. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request
 
Error: (06/17/2014 08:08:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17126, time stamp: 0x53882e30
Faulting module name: MSHTML.dll, version: 11.0.9600.17126, time stamp: 0x53884c7d
Exception code: 0xc0000005
Fault offset: 0x0077500e
Faulting process id: 0xa20
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (06/17/2014 08:08:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17126, time stamp: 0x53882e30
Faulting module name: MSHTML.dll, version: 11.0.9600.17126, time stamp: 0x53884c7d
Exception code: 0xc0000005
Fault offset: 0x0077500e
Faulting process id: 0x6e4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (06/17/2014 06:47:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/17/2014 06:47:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (06/20/2014 09:19:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (06/20/2014 09:19:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (06/20/2014 09:19:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (06/20/2014 09:19:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (06/20/2014 09:19:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (06/18/2014 00:19:44 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (06/17/2014 06:47:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (06/15/2014 04:03:16 PM) (Source: DCOM) (EventID: 10016) (User: Jeremy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jeremy-PCJeremyS-1-5-21-4055183432-471262313-3685020261-1000LocalHost (Using LRPC)
 
Error: (06/15/2014 01:02:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (06/14/2014 05:58:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-06 01:34:22.151
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-06 01:34:22.098
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-06 01:34:22.044
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-06 01:34:21.990
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-09 15:23:06.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-09 15:23:06.888
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-09 15:23:06.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-09 15:23:06.795
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-27 11:19:20.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-27 11:19:20.872
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 70%
Total physical RAM: 6056.63 MB
Available physical RAM: 1815.76 MB
Total Pagefile: 12111.44 MB
Available Pagefile: 6932.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:243.46 GB) NTFS
Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:278.73 GB) NTFS
Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:140.2 GB) NTFS
Drive f: (Backup) (Fixed) (Total:2794.52 GB) (Free:513.67 GB) NTFS
Drive g: (4TB) (Fixed) (Total:3725.9 GB) (Free:2762.22 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3468B252)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
 
==================== End Of Log ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 22 June 2014 - 07:50 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} -  No File
FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Follow the instructions on this page to repair Internet Explorer.
http://support.microsoft.com/kb/318378

Keep me posted

#5 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 23 June 2014 - 02:38 AM

I got Firefox working yesterday by turning off the hardware accelerator option it had checked, but it would keep freezing up. After running this fix and restarting my computer I still have the same problem. I reset Internet Explorer, but it won't even launch now. It's been a long time since it would launch without running it as administrator. Running it as administrator still won't make it launch now though or give me an error or anything. 


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by Jeremy at 2014-06-23 02:56:28 Run:1
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} -  No File
FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
 
End
*****************
 
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => value deleted successfully.
'HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B24BA06E-FB7B-4757-95C2-DC01125F750E} => value deleted successfully.
'HKCR\CLSID\{B24BA06E-FB7B-4757-95C2-DC01125F750E}'=> Key not found.
C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} => Moved successfully.
C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll not found.
NisSrv => Service deleted successfully.
wlcrasvc => Service deleted successfully.
DfSdkS => Service deleted successfully.
PCDSRVC{1E208CE0-FB7451FF-06020101}_0 => Service deleted successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
 
==== End of Fixlog ====


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 23 June 2014 - 08:23 AM

Do a complete repair of Windows.
It may take awhile but let it finish.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark the following options only.

01 - Reset Registry Permissions
02 - Reset File Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
06 - Repair Windows Firewall
07 - Repair Internet Explorer
08 - Repair MDAC & MS Jet
09 - Repair Hosts File
10 - Remove Policies Set By Infections
11 - Repair Start menu icons Removed by Infections
12 - Repair Icons
13 - Repair Winsock & DNS Cache
14 - Remove Temp Files
15 - Repair Proxy Settings
16 - Unhide Non System Files
17 - Repair Windows Updates
18 - Repair CD/DVD Missing/Not Working
19 - Repair Volume Shawdow Volume Copy Service
20 - Repair Windows Sidebar / Gadgets
21 - Repair MSI (Windows Installer)
22 - Repair Windows Snipping Tool
23 - Repair File Associatesions
24 - Repair Windows Safe Mode
25 - Repair Print Spooler
26 - Restore Important Windows Services
27 - Set Windows Services to Default Startup
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
Let me know what problem persists.

#7 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 25 June 2014 - 02:25 AM

It appears that I'm still having all of the same problems. Firefox freezes up while browsing, Internet Explorer still won't launch, still can't install K-lite codec pack, I get program hangups with my recording software adobe audition and the process rarely gets terminated when I close it which has been going on for at least a year, different programs and applications have hangups many times, I can't launch the Spotify desktop client, the imacros extension will no longer be usable in chrome so I have to keep removing it than re-adding the extension, and I'm still getting all these counts of PUP.Optional.BestBuy,A when I scan with malwarebytes,   
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/25/2014
Scan Time: 3:04:51 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.25.02
Rootkit Database: v2014.06.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jeremy
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 339569
Time Elapsed: 14 min, 43 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 12
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\reg_syntax, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\_metadata, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
 
Files: 179
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cplklnmnlbnpmjogncfgfijoopmnlemp_0.localstorage, Delete-on-Reboot, [5a4cb0cc1a6187af96c60fa3c2400000], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cplklnmnlbnpmjogncfgfijoopmnlemp_0.localstorage-journal, Delete-on-Reboot, [6343413b4d2e1a1c57054e64be4415eb], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\AlertFoxLoginDialog.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\AlertFoxLoginDialog.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\AsyncFileIO.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\badge.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\beforePlay.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\beforePlay.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\bg.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\bg.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\browse.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\browse.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\communicator.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\context.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\extractDialog.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\extractDialog.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\fileView.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\fileView.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\folderView.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\folderView.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\loginDialog.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\loginDialog.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\macroView.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\macroView.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\manifest.json, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\mktree.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\mplayer.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\mrecorder.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\nm_connector.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\npimr.dll, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\options.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\options.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\panel.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\panel.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\passwordDialog.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\passwordDialog.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\rijndael.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\sandbox.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\sandbox.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\SOAPClient.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\treeView.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\treeView.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\utils.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\version.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts\bookmarks_handler.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts\connector.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts\player.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts\recorder.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\content_scripts\si_listener.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editor.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editor.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\saveAsDialog.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\saveAsDialog.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\imacro.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\imacro.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\imacro.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\license_apache.txt, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\license_bsd.txt, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\license_lgpl.txt, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\autocompletion.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\edit_area.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\edit_area.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\edit_area_functions.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\edit_area_loader.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\elements_functions.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\highlight.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\keyboard.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\manage_area.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\regexp.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\reg_syntax.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\resize_area.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\search_replace.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\template.html, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\autocompletion.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\close.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\fullscreen.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\go_to_line.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\help.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\highlight.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\load.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\move.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\newdocument.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\opacity.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\processing.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\redo.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\reset_highlight.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\save.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\search.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\smooth_selection.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\spacer.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\statusbar_resize.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\undo.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\images\word_wrap.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\bg.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\cs.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\de.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\dk.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\en.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\eo.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\es.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\fi.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\fr.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\hr.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\it.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\ja.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\mk.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\nl.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\pl.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\pt.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\ru.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\sk.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\langs\zh.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\reg_syntax\imacro.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\editor\editarea\edit_area\reg_syntax\js.js, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Address.csv, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\ArchivePage.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Eval.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Extract.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\ExtractAndFill.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\ExtractRelative.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\ExtractTable.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\ExtractURL.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\FillForm-XPath.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\FillForm.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Frame.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Loop-Csv-2-Web.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Open6Tabs.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Profiler.xsl, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\SaveAs.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\SlideShow.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\Stopwatch.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\samples\TagPosition.iim, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\folder-up.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\AlertFoxLoginDialog.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\beforePlay.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\browse.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\browse.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\cancel.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\capture.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\close.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\common.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\disk.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\edit-disabled.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\edit.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\editor.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\extractDialog.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\folder-index.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\folderClosed.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\folderOpen.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\help.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\imglog.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\lock.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\loginDialog.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo128.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo16.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo19.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo24.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo38.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\logo48.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\loop-disabled.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\loop.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\macroView.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\mycomputer.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\ok.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\options.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\panel.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\passwordDialog.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\pause.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\play-disabled.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\play.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\record.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\save.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\saveas.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\saveAsDialog.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\settings.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\stop.png, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\treeView.css, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\skin\waiting_16x16.gif, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
PUP.Optional.BestBuy.A, C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.5_0\_metadata\verified_contents.json, Quarantined, [5a4c87f5a4d74fe7c6c85051dc261ce4], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 25 June 2014 - 07:45 AM


Run the AdwCleaner tool and uninstall it.

Download the latest version. Run it and clean everything that is found.

Please download AdwCleaner by Xplode onto your Desktop.

===

I would remove Internet Explorer completely.
This will restore you previous version.

Test it and see if you can get it to work.
Do not install any other version for now.
===

Disable all your Firefox Extensions and plugins.

Are you now able to run it successfully?
===

Keep me posted on these issues.

#9 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 27 June 2014 - 12:14 PM

Rolling back to Internet Explorer 10 doesn't make Internet Explorer work for browsing, but it at least allows one of the programs to work that needs it which is odd. I still want to be able to use it though. How can I enable plugins one at a time in safe mode in Firefox so that I can try to figure out what plugin is possibly making Firefox sluggish?


# AdwCleaner v3.213 - Report created 27/06/2014 at 03:30:49
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jeremy - JEREMY-PC
# Running from : C:\Users\Jeremy\Desktop\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jeremy\AppData\Roaming\GrabPro
File Deleted : C:\Program Files\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\prefs.js ]


[ File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\8f4qdz7l.default-1402660292683\prefs.js ]


[ File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\cgycrtqe.default-1402660470974\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=US&userid=17312381-49b9-a5c2-76e3-62ae3089f924&searchtype=ds&q={searchTerms}&installDate=04/11/2013
Deleted [Search Provider] : hxxp://websearch.searchsun.info/?l=1&q={searchTerms}&pid=1091&r=2014/05/16&hid=2995528146703972875&lg=EN&cc=US&unqvl=52
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3321521&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPA88C99E5-1B14-4E6D-BA58-7448E165894D&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [4309 octets] - [28/05/2014 00:40:04]
AdwCleaner[R1].txt - [1370 octets] - [27/06/2014 03:09:27]
AdwCleaner[S0].txt - [4097 octets] - [28/05/2014 00:45:43]
AdwCleaner[S1].txt - [1979 octets] - [27/06/2014 03:30:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2039 octets] ##########

#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 27 June 2014 - 01:15 PM

Type about:addons in the URL line this will give you access to the extensions and plugins.

Disable half of them and test.
if the problem persist then it's one of the other half.

===

For Internet Explorer open the Tools menu > Internet options > Advanced tag
in the bottom Click the Reset button.

Click the Applu button.

How is it now?

#11 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 28 June 2014 - 12:04 PM

Ok I tested it out, and the avast! Online Security 9.0.2013.75 plugin is the culprit. When that is disabled it appears that firefox works how it should. I would still like to have that plugin, but obviously a stable version that doesn't cause problems. Maybe there's an update for it that I need to install? With Internet Explorer I reset it, but it still won't open up a webpage. It says 'A problem displaying msn.com caused Interner Explorer to refresh the webpage using Compatibility view' when I start it up. If I try to go to any web address I get the pop up saying internet Explorer has stopped working..



#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 28 June 2014 - 01:14 PM

Look at this article.

http://windows.microsoft.com/en-CA/internet-explorer/use-compatibility-view#ie=ie-11

Add msn.com to the list.

How is it now?

#13 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 01 July 2014 - 09:08 AM

It was already added on it's own. I can't visit any site with Internet Explorer, I just get an error and it has to close. I pretty much still have every problem that I started off with when I first joined this forum initially, and now added problems. I still am constantly infected with PUP.Optional.BestBuy.A no matter how many times it's removed. I still get the error pop-up saying "Not running genuine windows". Since using this site Spotify Desktop Client stopped working, FacebookblasterPro, and Enhanceviews Autowatcher (2 programs I use for marketing purpose) no longer even launch. I appreciate the free assistance very very much so I know beggers can't be choosers, but this is very frustrating being the 5th or 6th time going to a forum and being told to run mostly the same exact programs. I'm guessing it's standard procedure, but I'm just frustrated how my problems don't get solved even though I appreciate all the help that I get.

#14 nasdaq

nasdaq

  • Malware Response Team
  • 39,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 01 July 2014 - 10:24 AM

Lets concentrate on the popups

Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

Reset Chrome...
Click on "Customize and control Google Chrome":
 
p22003758.gif
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Internet Explorer
Menu > Internet Options > Advanced tab.
Reset IE bottom of the page.
Click the apply button.

===

If all fails

Launch Notepad, and copy/paste all the blue instructions below to it.
Save in: Desktop
File Name: fixme.reg
Save as Type: All files
Click: Save
 

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]


Then, disconnect from the Internet!
Next,
Back on the Desktop, double-click on the fixme.reg file you just saved and click on Yes when asked to merge the information.

On a Vista or Windows 7 operating system right click on the fixme.reg file and run as Administrator.

Optional if the following programs are in your computer.
Note that since the Domains are deleted SpywareBlaster protection must be re-enabled. Spybot's Immunize feature must be used again, also you have to re-install IE-SpyAd if installed.


Keep me posted.

#15 4youte

4youte
  • Topic Starter

  • Members
  • 173 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 03 July 2014 - 06:59 AM

Ok I did everything, but firefox just crashes each time I try to reset it. Internet Explorer still has the same problems. I think Chrome was the one browser working properly this whole time except that it keeps making imacros unusable where I have to keep removing it than re-adding it. Any idea on how to fix that? I followed your instructions for making the reg file, but when I try to open it I get an error saying it's not a specified registry script. Also, when I right click there is no option to run it as administrator. I believe when I douible click it does run it as administrator since I get the usual pop up I get when I run programs as administrator. I'm curious what does ipconfig /flushdns and ipconfig /renew do? Does that give you a new ip address or refreshes your current one, or either? I know I was instructed to run those things in the past for Internet connection issues.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users