
"C:\Program Files(x86)\BrowserSafeguard\BrowswerSafeguard.exe



#1 beyondme


Posted 29 July 2014 - 11:14 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Administrator (administrator)  on 29-07-2014 09:53:26
Running from C:\Users\Administrator\Downloads
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\skwdldhvtp64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\005\cyycfhtzro64.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Administrator\Downloads\FRST64 (2).exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1208712 2014-05-14] (Autodesk, Inc.)
HKU\S-1-5-21-4241230551-3336522968-1408529049-500\...\Run: [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-4241230551-3336522968-1408529049-500\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-06-16] (Google Inc.)
HKU\S-1-5-21-4241230551-3336522968-1408529049-500\...\Policies\Explorer: [] 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper Live\PCKeeper.exe" /autorun 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Angelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Administrator\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-11-25]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.yahoo.com/"
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-09]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-09]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-01]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-09]
CHR Extension: (Google Calendar) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-03-01]
CHR Extension: (Pandora) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-03-01]
CHR Extension: (Google Play Music) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-03-01]
CHR Extension: (Google Maps) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-03-01]
CHR Extension: (Pic and Click San Francisco) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpmjmcgjoidcjgdfmeaajknmjcecdii [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-09]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-09]
CHR Extension: (Extutil) - C:\Users\ADMINI~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-22]
CHR Extension: (Managera) - C:\Users\ADMINI~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-22]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AllDaySavingsService64; C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\skwdldhvtp64.exe [172544 2014-07-17] () [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 cyycfhtzro64; C:\Program Files\005\cyycfhtzro64.exe [709120 2014-07-22] () [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-08-24] (DigitalPersona, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-12] (Hewlett-Packard Company)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S2 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2013-10-30] (Devguru Co., Ltd)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [26712 2011-01-18] (JMicron Technology Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-17] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
R3 SRS_PremSoundMon; C:\Windows\System32\drivers\srs_PremSoundMon_amd64.sys [158576 2010-04-28] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-13] ()
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}w64; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys [61072 2014-07-22] (StdLib)
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}w64; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys [61112 2014-04-28] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-29 09:53 - 2014-07-29 09:55 - 00025677 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-07-29 09:52 - 2014-07-29 09:53 - 00000000 ___DC () C:\FRST
2014-07-29 09:52 - 2014-07-29 09:52 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64 (2).exe
2014-07-29 09:51 - 2014-07-29 09:51 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64 (1).exe
2014-07-29 09:48 - 2014-07-29 09:48 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-07-29 09:27 - 2014-07-29 09:27 - 00003002 _____ () C:\Windows\System32\Tasks\{766C60C0-EF9C-4B69-A83D-B6FE484D85AB}
2014-07-28 16:26 - 2014-07-28 16:26 - 00003666 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910
2014-07-28 16:26 - 2014-07-28 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\HpUpdate
2014-07-28 16:26 - 2014-07-28 16:26 - 00000000 ____D () C:\Program Files\HP
2014-07-28 14:47 - 2014-07-28 16:37 - 00763205 _____ () C:\Users\Administrator\Documents\Abbey Group LLC_Business Card.avery
2014-07-28 14:31 - 2014-07-28 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DesktopDPO-d00b9882479ed9b4899926f5c7e44f49
2014-07-28 14:30 - 2014-07-28 14:30 - 00001980 _____ () C:\Users\Public\Desktop\Design&Print.lnk
2014-07-28 14:30 - 2014-07-28 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Products
2014-07-28 14:28 - 2014-07-28 14:30 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-07-28 14:25 - 2014-07-28 14:27 - 223022280 _____ (Avery Products Corporation) C:\Users\Administrator\Downloads\DesignPrint-1.0.0.exe
2014-07-27 12:32 - 2014-07-29 09:27 - 00002053 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-27 11:56 - 2014-07-27 11:56 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-07-26 16:59 - 2014-07-26 17:03 - 00000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-07-26 00:47 - 2014-07-29 09:47 - 00000314 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-26 00:47 - 2014-07-26 00:47 - 00003284 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-26 00:47 - 2014-07-26 00:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\RocketUpdater
2014-07-26 00:47 - 2014-07-26 00:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Media Player Classic
2014-07-26 00:46 - 2014-07-26 00:47 - 00683360 _____ () C:\Program Files (x86)\MediaCodec (1).exe
2014-07-26 00:39 - 2014-07-26 00:39 - 00683360 _____ () C:\Program Files (x86)\MediaCodec.exe
2014-07-25 14:29 - 2014-07-25 14:29 - 00003010 _____ () C:\Windows\System32\Tasks\{BB4DB3CF-4185-4986-8285-85344EEA3A5A}
2014-07-25 14:29 - 2014-07-25 14:29 - 00000000 _____ () C:\Windows\SysWOW64\3D_Custom.VTC
2014-07-25 14:29 - 2013-06-11 17:44 - 00010312 _____ () C:\Windows\SysWOW64\Welcome.htm
2014-07-25 14:20 - 2014-07-26 00:21 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\3D Inspection System 11
2014-07-25 14:20 - 2014-07-25 14:29 - 00000000 ____D () C:\Users\Administrator\Documents\3D Inspection System
2014-07-25 14:20 - 2014-07-25 14:20 - 00000000 ____D () C:\Users\Administrator\Documents\3D Inspection System 11
2014-07-25 14:05 - 2014-07-25 14:05 - 00002099 _____ () C:\Users\Public\Desktop\3D Inspection System 12.lnk
2014-07-25 14:05 - 2014-07-25 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Inspection System
2014-07-25 14:03 - 2014-07-25 14:03 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\3D Installation
2014-07-25 13:40 - 2014-07-25 13:40 - 00003066 _____ () C:\Windows\System32\Tasks\{76C20044-83BC-4FFA-B1BB-E6ECD5AB5228}
2014-07-25 13:08 - 2014-07-25 13:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-25 13:05 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-25 13:05 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-25 13:05 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-25 13:05 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-25 12:35 - 2014-07-25 12:35 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Oracle
2014-07-24 18:11 - 2014-07-24 18:11 - 00002166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-24 18:11 - 2014-07-24 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-24 18:11 - 2014-07-24 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-24 17:17 - 2014-07-24 17:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Deployment
2014-07-24 16:42 - 2014-07-24 16:42 - 00003144 _____ () C:\Windows\System32\Tasks\{75EEDB3D-E9B9-4690-8DAC-AFF3CFF029B8}
2014-07-24 16:41 - 2014-07-24 16:41 - 00003144 _____ () C:\Windows\System32\Tasks\{19DB1080-19D7-498E-81D0-E83263CA21F1}
2014-07-24 15:55 - 2014-07-24 15:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Kromtech
2014-07-24 15:54 - 2014-07-24 15:54 - 00000000 ____D () C:\ProgramData\Kromtech
2014-07-24 13:05 - 2014-07-24 13:05 - 00003144 _____ () C:\Windows\System32\Tasks\{E032725D-A0E1-493D-B381-36E2F93EA4EB}
2014-07-24 07:14 - 2014-07-24 07:14 - 00000000 ____D () C:\Users\Administrator\Documents\Inspection Reports
2014-07-24 07:13 - 2014-07-24 07:16 - 00000000 ____D () C:\Users\Administrator\Documents\HomeGauge
2014-07-23 07:50 - 2014-07-23 07:50 - 00003064 _____ () C:\Windows\System32\Tasks\HpWebReg.exe
2014-07-22 16:13 - 2014-07-22 16:13 - 00003432 _____ () C:\Windows\System32\Tasks\BrowserSafeguard
2014-07-22 15:46 - 2014-07-24 17:39 - 10260480 _____ () C:\Users\Administrator\AppData\Local\ChromeHitoryDB
2014-07-22 15:45 - 2014-07-25 09:02 - 00000000 ____D () C:\Program Files (x86)\Open JDK Explorer
2014-07-22 15:45 - 2014-07-22 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
2014-07-22 15:43 - 2014-07-29 09:41 - 00000000 ____D () C:\Program Files\AllDaySavings
2014-07-22 15:43 - 2014-07-22 15:52 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2014-07-22 15:42 - 2014-07-22 15:42 - 00000000 ____D () C:\Program Files\005
2014-07-22 15:39 - 2014-07-22 15:39 - 00321912 _____ (System Applet ) C:\Users\Angelo\Downloads\Java_Updater_Setup (1).exe
2014-07-22 15:31 - 2014-07-22 12:05 - 00061072 _____ (StdLib) C:\Windows\system32\Drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys
2014-07-22 14:42 - 2014-07-22 14:42 - 00000043 _____ () C:\Users\Administrator\AppData\Roaming\WB.CFG
2014-07-22 13:43 - 2014-07-22 13:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Systweak
2014-07-22 13:43 - 2014-07-22 13:44 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-22 13:43 - 2014-07-22 13:43 - 00003366 _____ () C:\Windows\System32\Tasks\ASP
2014-07-22 13:43 - 2014-07-16 16:43 - 00020280 _____ () C:\Windows\system32\roboot64.exe
2014-07-22 13:42 - 2014-07-22 13:42 - 00679536 _____ ( ) C:\Users\Angelo\Downloads\ZipOpenerSetup.exe
2014-07-22 12:49 - 2014-07-22 12:49 - 00003144 _____ () C:\Windows\System32\Tasks\{4939076A-62B8-42E0-A0A3-69A89D49755D}
2014-07-22 12:46 - 2014-07-22 12:46 - 00003144 _____ () C:\Windows\System32\Tasks\{BE9B4D25-6636-4D79-9234-A2FC7D58BD2F}
2014-07-22 12:42 - 2014-07-22 12:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Inspector Pro
2014-07-21 10:34 - 2014-07-21 10:34 - 01387168 _____ () C:\Users\Angelo\Downloads\setup.exe
2014-07-17 12:56 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-17 12:56 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-17 12:56 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-17 12:56 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-17 12:54 - 2014-07-17 12:56 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 12:46 - 2014-07-17 12:46 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
2014-07-12 07:47 - 2014-07-12 07:47 - 03537390 _____ () C:\Users\Administrator\Downloads\03.wmv
2014-07-10 02:23 - 2014-07-10 02:23 - 00000480 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Login.website
2014-07-10 02:00 - 2014-07-10 02:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-07-10 01:58 - 2014-07-10 01:58 - 00284224 _____ (Mozilla) C:\Users\Administrator\Downloads\Firefox Setup Stub 30.0.exe
2014-07-09 07:10 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 07:10 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 07:10 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 07:10 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 07:10 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 07:10 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 07:10 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 07:10 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 07:10 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 07:10 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 07:10 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 07:10 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 07:10 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 07:10 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 07:10 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 07:10 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 07:10 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 07:10 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 07:10 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 07:10 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 07:10 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 07:10 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 07:10 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 07:10 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 07:10 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 07:10 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 07:10 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 07:10 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 07:10 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 07:10 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 07:10 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 07:10 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 07:10 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 07:10 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 07:10 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 07:10 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 07:10 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 07:10 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 07:10 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 07:10 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 07:10 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 07:10 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 07:10 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 07:10 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 07:10 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 07:10 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 07:10 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 07:10 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 07:10 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 07:10 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 07:10 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 07:10 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 07:10 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 07:10 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 07:10 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 07:10 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 07:10 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 07:10 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 07:10 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 07:10 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 07:10 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 07:10 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 07:09 - 2014-07-09 07:09 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 07:07 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 07:07 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 07:07 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-05 16:07 - 2014-07-05 16:07 - 00000000 ___SD () C:\Users\Administrator\Documents\My Data Sources
2014-07-01 14:36 - 2014-07-02 07:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Bazwise
2014-07-01 14:36 - 2014-07-01 14:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Bazwise
2014-07-01 14:35 - 2014-07-02 07:22 - 00000000 ____D () C:\ProgramData\Bitser
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Users\Administrator\Documents\Bitser-30-MAR-2014-V100
2014-06-29 16:06 - 2014-06-29 16:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-29 13:09 - 2014-06-29 13:09 - 00002258 _____ () C:\Windows\SysWOW64\collectionCache.bnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-29 09:55 - 2014-07-29 09:53 - 00025677 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-07-29 09:53 - 2014-07-29 09:52 - 00000000 ___DC () C:\FRST
2014-07-29 09:52 - 2014-07-29 09:52 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64 (2).exe
2014-07-29 09:51 - 2014-07-29 09:51 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64 (1).exe
2014-07-29 09:48 - 2014-07-29 09:48 - 02093568 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-07-29 09:47 - 2014-07-26 00:47 - 00000314 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-29 09:41 - 2014-07-22 15:43 - 00000000 ____D () C:\Program Files\AllDaySavings
2014-07-29 09:40 - 2009-07-13 23:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 09:40 - 2009-07-13 23:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 09:37 - 2012-04-24 18:08 - 01570916 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 09:35 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-07-29 09:33 - 2013-12-14 12:17 - 00000095 _____ () C:\Users\Administrator\.accessibility.properties
2014-07-29 09:33 - 2013-12-09 16:21 - 00000000 ____D () C:\Users\Administrator
2014-07-29 09:33 - 2013-11-16 12:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 09:32 - 2014-05-13 12:41 - 00021616 _____ () C:\Windows\setupact.log
2014-07-29 09:32 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 09:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-07-29 09:31 - 2012-04-24 18:58 - 00503346 _____ () C:\Windows\PFRO.log
2014-07-29 09:30 - 2012-05-11 01:08 - 00000000 ____D () C:\ProgramData\HP
2014-07-29 09:30 - 2012-05-11 01:08 - 00000000 ____D () C:\Program Files (x86)\HP
2014-07-29 09:27 - 2014-07-29 09:27 - 00003002 _____ () C:\Windows\System32\Tasks\{766C60C0-EF9C-4B69-A83D-B6FE484D85AB}
2014-07-29 09:27 - 2014-07-27 12:32 - 00002053 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-29 09:20 - 2014-02-04 09:10 - 00000000 ____D () C:\Users\DefaultAppPool
2014-07-29 09:09 - 2013-02-27 15:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 09:04 - 2013-11-21 17:13 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4241230551-3336522968-1408529049-1000UA.job
2014-07-29 09:03 - 2013-11-16 12:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 08:04 - 2013-11-21 17:13 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4241230551-3336522968-1408529049-1000Core.job
2014-07-29 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-07-28 16:37 - 2014-07-28 14:47 - 00763205 _____ () C:\Users\Administrator\Documents\Abbey Group LLC_Business Card.avery
2014-07-28 16:27 - 2012-04-24 19:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-07-28 16:27 - 2012-04-24 19:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-28 16:26 - 2014-07-28 16:26 - 00003666 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910
2014-07-28 16:26 - 2014-07-28 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\HpUpdate
2014-07-28 16:26 - 2014-07-28 16:26 - 00000000 ____D () C:\Program Files\HP
2014-07-28 14:31 - 2014-07-28 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DesktopDPO-d00b9882479ed9b4899926f5c7e44f49
2014-07-28 14:30 - 2014-07-28 14:30 - 00001980 _____ () C:\Users\Public\Desktop\Design&Print.lnk
2014-07-28 14:30 - 2014-07-28 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Products
2014-07-28 14:30 - 2014-07-28 14:28 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-07-28 14:27 - 2014-07-28 14:25 - 223022280 _____ (Avery Products Corporation) C:\Users\Administrator\Downloads\DesignPrint-1.0.0.exe
2014-07-28 11:14 - 2013-12-12 16:08 - 01949695 _____ () C:\Windows\system32\webservice4.log
2014-07-27 11:58 - 2013-12-12 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\HP
2014-07-27 11:56 - 2014-07-27 11:56 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-07-26 17:03 - 2014-07-26 16:59 - 00000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-07-26 00:47 - 2014-07-26 00:47 - 00003284 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-26 00:47 - 2014-07-26 00:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\RocketUpdater
2014-07-26 00:47 - 2014-07-26 00:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Media Player Classic
2014-07-26 00:47 - 2014-07-26 00:46 - 00683360 _____ () C:\Program Files (x86)\MediaCodec (1).exe
2014-07-26 00:39 - 2014-07-26 00:39 - 00683360 _____ () C:\Program Files (x86)\MediaCodec.exe
2014-07-26 00:21 - 2014-07-25 14:20 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\3D Inspection System 11
2014-07-25 19:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-25 14:29 - 2014-07-25 14:29 - 00003010 _____ () C:\Windows\System32\Tasks\{BB4DB3CF-4185-4986-8285-85344EEA3A5A}
2014-07-25 14:29 - 2014-07-25 14:29 - 00000000 _____ () C:\Windows\SysWOW64\3D_Custom.VTC
2014-07-25 14:29 - 2014-07-25 14:20 - 00000000 ____D () C:\Users\Administrator\Documents\3D Inspection System
2014-07-25 14:20 - 2014-07-25 14:20 - 00000000 ____D () C:\Users\Administrator\Documents\3D Inspection System 11
2014-07-25 14:20 - 2013-07-08 13:00 - 00000000 ____D () C:\Program Files (x86)\3D Inspection System 11
2014-07-25 14:05 - 2014-07-25 14:05 - 00002099 _____ () C:\Users\Public\Desktop\3D Inspection System 12.lnk
2014-07-25 14:05 - 2014-07-25 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Inspection System
2014-07-25 14:03 - 2014-07-25 14:03 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\3D Installation
2014-07-25 14:01 - 2011-10-28 16:41 - 00000000 ___DC () C:\Software
2014-07-25 13:40 - 2014-07-25 13:40 - 00003066 _____ () C:\Windows\System32\Tasks\{76C20044-83BC-4FFA-B1BB-E6ECD5AB5228}
2014-07-25 13:15 - 2009-07-13 23:46 - 00005806 _____ () C:\Windows\DtcInstall.log
2014-07-25 13:09 - 2013-10-06 05:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 13:09 - 2013-10-06 05:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 13:08 - 2014-07-25 13:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-25 13:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-25 13:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-25 12:35 - 2014-07-25 12:35 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Oracle
2014-07-25 09:02 - 2014-07-22 15:45 - 00000000 ____D () C:\Program Files (x86)\Open JDK Explorer
2014-07-25 03:04 - 2013-10-06 05:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 18:11 - 2014-07-24 18:11 - 00002166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-24 18:11 - 2014-07-24 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-24 18:11 - 2014-07-24 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-24 18:11 - 2012-04-24 19:50 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-07-24 18:04 - 2013-03-25 05:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-07-24 17:53 - 2009-07-14 00:13 - 00885462 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-24 17:46 - 2014-06-06 18:29 - 00000000 ___RD () C:\Users\Administrator\Dropbox
2014-07-24 17:45 - 2013-03-25 06:11 - 00000000 ____D () C:\Windows\pss
2014-07-24 17:39 - 2014-07-22 15:46 - 10260480 _____ () C:\Users\Administrator\AppData\Local\ChromeHitoryDB
2014-07-24 17:38 - 2014-07-24 17:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Deployment
2014-07-24 17:35 - 2014-05-24 14:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Spotify
2014-07-24 17:35 - 2014-05-24 14:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Spotify
2014-07-24 17:35 - 2013-12-27 23:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Dropbox
2014-07-24 17:17 - 2013-12-14 12:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Apps\2.0
2014-07-24 16:42 - 2014-07-24 16:42 - 00003144 _____ () C:\Windows\System32\Tasks\{75EEDB3D-E9B9-4690-8DAC-AFF3CFF029B8}
2014-07-24 16:41 - 2014-07-24 16:41 - 00003144 _____ () C:\Windows\System32\Tasks\{19DB1080-19D7-498E-81D0-E83263CA21F1}
2014-07-24 15:55 - 2014-07-24 15:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Kromtech
2014-07-24 15:54 - 2014-07-24 15:54 - 00000000 ____D () C:\ProgramData\Kromtech
2014-07-24 13:18 - 2014-02-03 19:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Google
2014-07-24 13:05 - 2014-07-24 13:05 - 00003144 _____ () C:\Windows\System32\Tasks\{E032725D-A0E1-493D-B381-36E2F93EA4EB}
2014-07-24 07:16 - 2014-07-24 07:13 - 00000000 ____D () C:\Users\Administrator\Documents\HomeGauge
2014-07-24 07:14 - 2014-07-24 07:14 - 00000000 ____D () C:\Users\Administrator\Documents\Inspection Reports
2014-07-23 17:25 - 2014-06-06 18:29 - 00001058 _____ () C:\Users\Administrator\Desktop\Dropbox.lnk
2014-07-23 17:25 - 2014-06-06 18:15 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-23 07:50 - 2014-07-23 07:50 - 00003064 _____ () C:\Windows\System32\Tasks\HpWebReg.exe
2014-07-22 16:13 - 2014-07-22 16:13 - 00003432 _____ () C:\Windows\System32\Tasks\BrowserSafeguard
2014-07-22 15:52 - 2014-07-22 15:43 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2014-07-22 15:45 - 2014-07-22 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
2014-07-22 15:42 - 2014-07-22 15:42 - 00000000 ____D () C:\Program Files\005
2014-07-22 15:39 - 2014-07-22 15:39 - 00321912 _____ (System Applet ) C:\Users\Angelo\Downloads\Java_Updater_Setup (1).exe
2014-07-22 15:32 - 2009-07-13 21:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-22 14:42 - 2014-07-22 14:42 - 00000043 _____ () C:\Users\Administrator\AppData\Roaming\WB.CFG
2014-07-22 13:44 - 2014-07-22 13:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Systweak
2014-07-22 13:44 - 2014-07-22 13:43 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-22 13:43 - 2014-07-22 13:43 - 00003366 _____ () C:\Windows\System32\Tasks\ASP
2014-07-22 13:42 - 2014-07-22 13:42 - 00679536 _____ ( ) C:\Users\Angelo\Downloads\ZipOpenerSetup.exe
2014-07-22 12:49 - 2014-07-22 12:49 - 00003144 _____ () C:\Windows\System32\Tasks\{4939076A-62B8-42E0-A0A3-69A89D49755D}
2014-07-22 12:46 - 2014-07-22 12:46 - 00003144 _____ () C:\Windows\System32\Tasks\{BE9B4D25-6636-4D79-9234-A2FC7D58BD2F}
2014-07-22 12:42 - 2014-07-22 12:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Inspector Pro
2014-07-22 12:05 - 2014-07-22 15:31 - 00061072 _____ (StdLib) C:\Windows\system32\Drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys
2014-07-21 12:38 - 2014-05-21 14:27 - 00000000 ____D () C:\Users\Angelo\Documents\610 Randolph 2
2014-07-21 10:34 - 2014-07-21 10:34 - 01387168 _____ () C:\Users\Angelo\Downloads\setup.exe
2014-07-21 09:50 - 2012-04-24 19:36 - 00000000 ____D () C:\Users\Angelo\Documents\Online Purchases
2014-07-17 12:56 - 2014-07-17 12:54 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 12:56 - 2013-10-31 17:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 12:56 - 2012-09-04 07:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 12:46 - 2014-07-17 12:46 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
2014-07-17 11:05 - 2014-04-02 13:28 - 00000000 ____D () C:\Users\Administrator\Documents\IRS
2014-07-16 16:43 - 2014-07-22 13:43 - 00020280 _____ () C:\Windows\system32\roboot64.exe
2014-07-12 12:22 - 2013-12-27 23:18 - 00000000 ___RD () C:\Users\Angelo\Dropbox
2014-07-12 08:05 - 2012-04-24 20:03 - 00000000 ____D () C:\Users\Angelo\AppData\Roaming\Mozilla
2014-07-12 07:59 - 2014-05-04 07:47 - 00000000 ____D () C:\Users\Angelo\AppData\Roaming\DropboxMaster
2014-07-12 07:59 - 2013-12-27 23:15 - 00000000 ____D () C:\Users\Angelo\AppData\Roaming\Dropbox
2014-07-12 07:59 - 2013-11-21 17:13 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4241230551-3336522968-1408529049-1000UA
2014-07-12 07:59 - 2013-11-21 17:13 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4241230551-3336522968-1408529049-1000Core
2014-07-12 07:47 - 2014-07-12 07:47 - 03537390 _____ () C:\Users\Administrator\Downloads\03.wmv
2014-07-11 03:02 - 2014-07-17 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-17 12:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-17 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-17 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 07:24 - 2013-11-15 12:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-10 07:17 - 2009-07-13 23:45 - 05146576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 03:22 - 2009-07-14 02:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:06 - 2012-04-24 20:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 03:05 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:02 - 2012-04-24 16:52 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 02:25 - 2014-02-26 12:49 - 00000000 ____D () C:\Users\Angelo\Documents\Facebook
2014-07-10 02:23 - 2014-07-10 02:23 - 00000480 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Login.website
2014-07-10 02:00 - 2014-07-10 02:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-07-10 01:58 - 2014-07-10 01:58 - 00284224 _____ (Mozilla) C:\Users\Administrator\Downloads\Firefox Setup Stub 30.0.exe
2014-07-09 07:09 - 2014-07-09 07:09 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 07:09 - 2013-07-12 13:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 07:09 - 2013-02-27 15:38 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 07:09 - 2013-02-27 15:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-05 16:07 - 2014-07-05 16:07 - 00000000 ___SD () C:\Users\Administrator\Documents\My Data Sources
2014-07-05 14:43 - 2013-12-09 16:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-07-02 08:43 - 2014-06-06 20:09 - 00000000 ____D () C:\Users\Administrator\Documents\Outlook Files
2014-07-02 08:06 - 2013-12-09 16:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-02 07:22 - 2014-07-01 14:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Bazwise
2014-07-02 07:22 - 2014-07-01 14:35 - 00000000 ____D () C:\ProgramData\Bitser
2014-07-01 14:36 - 2014-07-01 14:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Bazwise
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Users\Administrator\Documents\Bitser-30-MAR-2014-V100
2014-06-29 21:09 - 2014-07-25 13:05 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 21:04 - 2014-07-25 13:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 16:06 - 2014-06-29 16:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-29 13:09 - 2014-06-29 13:09 - 00002258 _____ () C:\Windows\SysWOW64\collectionCache.bnk
 
Files to move or delete:
====================
C:\Users\Administrator\DriverUpdate-setup.exe
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\dsgsdgdsgdsgw.reg
C:\Users\Angelo\SketchUpPro-en.exe
 
 
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\temp\12691uninstall.exe
C:\Users\Administrator\AppData\Local\temp\AcDeltree.exe
C:\Users\Administrator\AppData\Local\temp\CloudBackup8242.exe
C:\Users\Administrator\AppData\Local\temp\DIFxAPI.dll
C:\Users\Administrator\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu8iwh1.dll
C:\Users\Administrator\AppData\Local\temp\HPInstaller.exe
C:\Users\Administrator\AppData\Local\temp\ICReinstall_MediaCodec.exe
C:\Users\Administrator\AppData\Local\temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\Administrator\AppData\Local\temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Administrator\AppData\Local\temp\nsaAC28.exe
C:\Users\Administrator\AppData\Local\temp\nsb10F3.exe
C:\Users\Administrator\AppData\Local\temp\nsfB03E.exe
C:\Users\Administrator\AppData\Local\temp\nsuC84E.tmp.exe
C:\Users\Administrator\AppData\Local\temp\nsvD667.exe
C:\Users\Administrator\AppData\Local\temp\nsvDBE4.exe
C:\Users\Administrator\AppData\Local\temp\System.Data.SQLite.dll
C:\Users\Administrator\AppData\Local\temp\System.Data.SQLite27393.dll
C:\Users\Administrator\AppData\Local\temp\System.Data.SQLite67751.dll
C:\Users\Administrator\AppData\Local\temp\UNINSTALL.EXE
C:\Users\Angelo\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuhtbx8.dll
C:\Users\Angelo\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Angelo\AppData\Local\temp\lowproc.exe
C:\Users\Angelo\AppData\Local\temp\stubhelper.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 04:53
 
==================== End Of Log ============================

Edited by hamluis, 29 July 2014 - 11:24 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.




#2 HelpBot


Posted 03 August 2014 - 11:15 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/542635 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

Posted 08 August 2014 - 11:20 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



