Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Programs start automatically, popups, couldn't install Mbam


  • This topic is locked This topic is locked
29 replies to this topic

#1 Twin B

Twin B

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 02 September 2014 - 09:22 PM

I was working with Broni in the Am I Infected forum & was instructed to create new topic in in this section. Here is the link, the title of the topic is the same in both forums: 

 

http://www.bleepingcomputer.com/forums/t/546172/programs-start-automatically-popups-cannot-install-mbam/

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.21.2
Run by Elise at 19:54:06 on 2014-09-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3835.2151 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Safari\Safari.exe
C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\splwow64.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3282134&octid=CT3282134&SearchSource=61&CUI=UN31266680868004247&UM=UM_ID&UP=SP7F319DEC-6EC4-417C-948E-C457CF7BF66F&SSPV=
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: WiseConvert B Toolbar: {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll
mURLSearchHooks: WiseConvert B Toolbar: {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Speed Test: {1B084C86-9657-42F9-A5E5-AC8DD832CDE9} - C:\Program Files (x86)\Speed Test\ScriptHost.dll
BHO: WiseConvert B Toolbar: {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll
BHO: PriceCHop: {3C7F44CD-40A5-090A-925D-B0EC3E40520B} - 
BHO: SAVeMasS: {56660CF0-CABC-152A-A23C-B47AAFF00449} - 
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: WiseConvert B Toolbar: {2713B394-286F-4D7C-89EA-4174EEAB9F5A} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: WiseConvert B Toolbar: {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [Facebook Update] "C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [HP ENVY 110 series (NET)] "C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN193C22XF05RB:NW" -scfn "HP ENVY 110 series (NET)" -AutoStart 1
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Driver Restore] C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe /applicationMode:systemTray /showWelcome:false
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
StartupFolder: C:\Users\Elise\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
StartupFolder: C:\Users\Elise\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{4F28A38E-5277-4C69-AF05-DE43523C7E0B} : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{4F28A38E-5277-4C69-AF05-DE43523C7E0B}\140707C656023547F62756 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{4F28A38E-5277-4C69-AF05-DE43523C7E0B}\84F4D454D223131323 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{87BD0187-877E-4830-8B88-630E4EBAB11F} : DHCPNameServer = 192.168.0.1 205.171.3.25
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
x64-BHO: Speed Test: {1B084C86-9657-42F9-A5E5-AC8DD832CDE9} - C:\Program Files (x86)\Speed Test\ScriptHost64.dll
x64-BHO: PriceCHop: {3C7F44CD-40A5-090A-925D-B0EC3E40520B} - C:\Program Files (x86)\PriceCHop\EYS6S6psL.x64.dll
x64-BHO: SAVeMasS: {56660CF0-CABC-152A-A23C-B47AAFF00449} - C:\Program Files (x86)\SAVeMasS\4V3sT8.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/06/21 01:57:10];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-6-21 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-6-21 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-16 202752]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-5 338168]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-1-27 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [2013-5-18 132504]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2010-5-17 1615176]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-6 2184496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-21 295424]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-6-21 38456]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-7-22 36424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 CltMngSvc;Search Protect Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-8-31 2998232]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-27 111616]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-6-21 239136]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-6 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-9 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-09-03 00:44:15 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-02 03:41:24 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-09-01 23:18:18 -------- d-----w- C:\Windows\pss
2014-08-29 15:09:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-29 14:53:08 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-29 14:53:08 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-29 14:53:07 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-29 14:53:07 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-29 14:53:06 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-29 14:53:06 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-29 14:52:55 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-29 14:52:55 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-28 17:05:15 -------- d-sh--w- C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 17:05:15 -------- d-sh--w- C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 16:52:32 128728 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-28 16:52:16 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-28 16:52:16 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-08-28 04:51:04 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-08-28 04:51:04 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-08-28 04:46:59 810176 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-08-28 04:31:53 -------- d-----w- C:\Program Files\iPod
2014-08-28 04:31:44 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-28 04:31:44 -------- d-----w- C:\Program Files\iTunes
2014-08-28 04:31:44 -------- d-----w- C:\Program Files (x86)\iTunes
2014-08-06 06:41:23 -------- d-----w- C:\Users\Elise\AppData\Roaming\Optimizer Pro
2014-08-06 06:34:13 -------- d-----w- C:\Users\Elise\AppData\Roaming\Performersoft
2014-08-06 06:34:05 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2014-08-06 06:34:04 -------- d-----w- C:\Program Files (x86)\Video Performer
2014-08-06 06:34:01 -------- d-----w- C:\Program Files (x86)\Speed Test
2014-08-06 06:33:58 3421696 ----a-w- C:\Windows\performersoftsetup.dll
2014-08-06 06:33:58 -------- d-----w- C:\Users\Elise\AppData\Local\speedtest199
2014-08-06 06:33:58 -------- d-----w- C:\Program Files (x86)\PC Performer
2014-08-06 06:26:12 -------- d-----w- C:\Program Files (x86)\LiveSupport
2014-08-06 06:26:06 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2014-08-06 06:25:41 -------- d-----w- C:\ProgramData\Trusted Publisher
2014-08-06 06:25:35 -------- d-----w- C:\Program Files (x86)\PC_Booster
2014-08-06 06:25:27 -------- d-----w- C:\ProgramData\PriceCHop
2014-08-06 06:25:25 -------- d-----w- C:\Program Files (x86)\PriceCHop
2014-08-06 06:25:20 -------- d-----w- C:\ProgramData\f37dee9e04f41f9c
2014-08-06 06:25:19 -------- d-----w- C:\Users\Elise\AppData\Local\Packages
2014-08-06 06:25:19 -------- d-----w- C:\ProgramData\SAVeMasS
2014-08-06 06:25:16 -------- d-----w- C:\Users\Elise\AppData\Local\Torch
2014-08-06 06:25:16 -------- d-----w- C:\Users\Elise\AppData\Local\Chromatic Browser
2014-08-06 06:25:16 -------- d-----w- C:\Program Files (x86)\SAVeMasS
2014-08-06 06:25:15 -------- d-----w- C:\Users\Elise\AppData\Local\Comodo
2014-08-06 06:05:22 -------- d-----w- C:\9dce5f092a6de9880e097ba42f84
.
==================== Find3M  ====================
.
2014-08-31 09:00:12 7443416 ----a-w- C:\Windows\apppatch\spbin\SPVC32.dll
2014-08-31 09:00:12 5489112 ----a-w- C:\Windows\apppatch\spbin\cltmng.exe
2014-08-31 09:00:12 4813272 ----a-w- C:\Windows\apppatch\spbin\SPVC64.dll
2014-08-31 09:00:12 232408 ----a-w- C:\Windows\apppatch\spbin\SPVC64Loader.dll
2014-08-31 09:00:12 232408 ----a-w- C:\Windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-08-31 09:00:12 187352 ----a-w- C:\Windows\apppatch\spbin\SPVC32Loader.dll
2014-08-31 09:00:12 1726936 ----a-w- C:\Windows\apppatch\spbin\SPTool64.exe
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-07-26 02:59:14 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-26 02:59:14 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-26 02:59:07 19178160 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 19:54:32.66 ===============
 

 

 

 

Attached Files


I've learned blood is not thicker than money. 

 


BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 03 September 2014 - 06:07 PM

:welcome:

Hello Twin B,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 03 September 2014 - 08:26 PM

Hi Jo*: my name is Joe too, thanks for helping me with this problem. Here are the logs:

 

 

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Flash Player 14.0.0.145  
 Adobe Reader XI  
 Google Chrome 34.0.1847.131  
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log`````````````````````` 
 
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Elise (administrator) on DAVIS-PC on 03-09-2014 19:19:43
Running from C:\Users\Elise\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
() C:\ProgramData\Trusted Publisher\PC_Booster\PC_Booster.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(Facebook) C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] => C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-05-18] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Facebook Update] => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-03] (Facebook Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-28] (Google Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Driver Restore] => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [3598712 2013-04-29] (PC Drivers Headquarters)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-07-29] (PC Utilities Software Limited)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [LiveSupport] => C:\Program Files (x86)\LiveSupport\LiveSupport.exe [1005056 2014-03-18] (PC Utilities Software Limited)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs:  C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL => C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
URLSearchHook: HKLM-x32 - WiseConvert B Toolbar - {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - WiseConvert B Toolbar - {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {28915790-0a6f-4257-8a56-df65647be253} URL = http://www.searchalgo.com/search.html?&q={searchTerms}&cid=4301
SearchScopes: HKCU - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = 
BHO: Speed Test -> {1B084C86-9657-42F9-A5E5-AC8DD832CDE9} -> C:\Program Files (x86)\Speed Test\ScriptHost64.dll (BestOffers)
BHO: PriceCHop -> {3C7F44CD-40A5-090A-925D-B0EC3E40520B} -> C:\Program Files (x86)\PriceCHop\EYS6S6psL.x64.dll ()
BHO: SAVeMasS -> {56660CF0-CABC-152A-A23C-B47AAFF00449} -> C:\Program Files (x86)\SAVeMasS\4V3sT8.x64.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Speed Test -> {1B084C86-9657-42F9-A5E5-AC8DD832CDE9} -> C:\Program Files (x86)\Speed Test\ScriptHost.dll (BestOffers)
BHO-x32: WiseConvert B Toolbar -> {2713b394-286f-4d7c-89ea-4174eeab9f5a} -> C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll (Conduit Ltd.)
BHO-x32: PriceCHop -> {3C7F44CD-40A5-090A-925D-B0EC3E40520B} -> C:\Program Files (x86)\PriceCHop\EYS6S6psL.dll No File
BHO-x32: SAVeMasS -> {56660CF0-CABC-152A-A23C-B47AAFF00449} -> C:\Program Files (x86)\SAVeMasS\4V3sT8.dll No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - WiseConvert B Toolbar - {2713b394-286f-4d7c-89ea-4174eeab9f5a} - C:\Program Files (x86)\WiseConvert_B\prxtbWise.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {2713B394-286F-4D7C-89EA-4174EEAB9F5A} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Elise\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-08]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-09-09]
FF HKCU\...\Firefox\Extensions: [speedtest199@BestOffers] - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
FF Extension: Speed Test - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers [2014-08-06]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR NewTab: Profile 1 -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"
CHR Profile: C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-25]
CHR Extension: (Google Drive) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-06]
CHR Extension: (YouTube) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd [2014-08-06]
CHR Extension: (Google Search) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-25]
CHR Extension: (Speed Dial) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-01-25]
CHR Extension: (Chrome to Mobile) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-26]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido [2014-08-06]
CHR Extension: (Fantasy Ocean Theme [FVD]) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkddicbjcpofnodmnjdanbnaphfjifdf [2014-01-25]
CHR Extension: (Google Wallet) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
CHR Extension: (Gmail) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd\1.0 [2014-08-06]
CHR Extension: (Extutil) - C:\Users\Elise\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\Elise\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2013-12-28]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido\1.0 [2014-08-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-11] (Symantec Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-03 19:19 - 2014-09-03 19:20 - 00027244 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-03 19:19 - 2014-09-03 19:19 - 00000000 ____D () C:\FRST
2014-09-03 19:18 - 2014-09-03 19:19 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-02 19:54 - 2014-09-02 19:58 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:54 - 2014-09-02 19:58 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:17 - 2014-09-02 19:18 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 18:44 - 2014-09-03 19:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-02 18:41 - 2014-09-02 19:04 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-02 18:37 - 2014-09-02 18:39 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 17:37 - 2014-09-02 17:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-01 21:41 - 2014-09-02 17:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-01 21:41 - 2014-09-02 13:14 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:39 - 2014-09-01 21:40 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:27 - 2014-09-01 20:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 17:18 - 2014-09-02 17:31 - 00000000 ____D () C:\Windows\pss
2014-09-01 12:31 - 2014-09-01 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-08-29 09:09 - 2014-09-02 17:40 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-29 09:09 - 2014-09-02 17:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-29 09:04 - 2014-08-29 09:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 08:53 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-29 08:53 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-29 08:53 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-29 08:53 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-29 08:52 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-29 08:52 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 10:52 - 2014-09-02 18:44 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 10:52 - 2014-09-02 18:43 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-28 10:52 - 2014-09-02 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-28 10:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 22:51 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-27 22:51 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-27 22:47 - 2014-07-25 06:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-27 22:47 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-27 22:47 - 2014-07-15 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-27 22:47 - 2014-07-15 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-27 22:47 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-27 22:47 - 2014-06-03 04:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-27 22:47 - 2014-06-03 03:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-27 22:46 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 22:46 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 22:46 - 2014-08-22 18:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 22:46 - 2014-07-31 17:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 22:46 - 2014-07-31 17:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-27 22:46 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 22:46 - 2014-07-25 08:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 08:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-27 22:46 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-27 22:46 - 2014-07-25 07:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 07:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 07:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 22:46 - 2014-07-25 07:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 07:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 22:46 - 2014-07-25 07:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-27 22:46 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-27 22:46 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-27 22:46 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-27 22:46 - 2014-07-25 06:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 22:46 - 2014-07-25 06:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-27 22:46 - 2014-07-25 06:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-27 22:46 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 22:46 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-27 22:46 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 22:46 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-27 22:46 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 22:46 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:26 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 22:26 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 22:26 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 22:26 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 22:26 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 22:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
2014-08-06 00:41 - 2014-09-02 18:07 - 00003244 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-08-06 00:41 - 2014-08-06 00:41 - 00000000 ____D () C:\Users\Elise\Documents\Optimizer Pro
2014-08-06 00:41 - 2014-08-06 00:41 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Optimizer Pro
2014-08-06 00:35 - 2014-08-06 00:35 - 00001081 _____ () C:\Users\Elise\Desktop\Video Performer.lnk
2014-08-06 00:35 - 2014-08-06 00:35 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
2014-08-06 00:34 - 2014-09-03 19:05 - 00003250 _____ () C:\Windows\System32\Tasks\PC Performer Logon Scan
2014-08-06 00:34 - 2014-08-28 11:03 - 00000000 ____D () C:\Program Files (x86)\Speed Test
2014-08-06 00:34 - 2014-08-06 01:43 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-06 00:34 - 2014-08-06 00:35 - 00000000 ____D () C:\Program Files (x86)\Video Performer
2014-08-06 00:34 - 2014-08-06 00:34 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-06 00:34 - 2014-08-06 00:34 - 00003438 _____ () C:\Windows\System32\Tasks\PC Performer Scheduled Scan
2014-08-06 00:34 - 2014-08-06 00:34 - 00001969 _____ () C:\Users\Elise\Desktop\Sync Folder.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00001244 _____ () C:\Users\Elise\Desktop\Speed Test.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00001087 _____ () C:\Users\Elise\Desktop\MyPC Backup.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Performersoft
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Mozilla
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-06 00:33 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Local\speedtest199
2014-08-06 00:33 - 2014-08-06 00:33 - 01233032 _____ (VideoPerformer) C:\Users\Elise\Downloads\VideoPerformerSetup.exe
2014-08-06 00:33 - 2014-08-06 00:33 - 00001050 _____ () C:\Users\Elise\Desktop\PC Performer.lnk
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 ____D () C:\Program Files (x86)\PC Performer
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 _____ () C:\END
2014-08-06 00:33 - 2014-07-02 10:43 - 03421696 _____ (Performersoft, LLC.) C:\Windows\performersoftsetup.dll
2014-08-06 00:26 - 2014-09-01 23:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-08-06 00:26 - 2014-08-06 00:26 - 00001139 _____ () C:\Users\Elise\Desktop\LiveSupport.lnk
2014-08-06 00:26 - 2014-08-06 00:26 - 00001062 _____ () C:\Users\Elise\Desktop\Optimizer Pro.lnk
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\Program Files (x86)\LiveSupport
2014-08-06 00:25 - 2014-09-03 19:04 - 00000476 ____H () C:\Windows\Tasks\PC_Booster-S-493389286.job
2014-08-06 00:25 - 2014-09-02 19:06 - 00000000 ____D () C:\Program Files (x86)\PC_Booster
2014-08-06 00:25 - 2014-08-28 11:04 - 00000000 ____D () C:\Program Files (x86)\SAVeMasS
2014-08-06 00:25 - 2014-08-28 11:04 - 00000000 ____D () C:\Program Files (x86)\PriceCHop
2014-08-06 00:25 - 2014-08-27 22:22 - 00002722 _____ () C:\Windows\System32\Tasks\PC_Booster-S-493389286
2014-08-06 00:25 - 2014-08-06 00:25 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Packages
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\SAVeMasS
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\PriceCHop
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\f37dee9e04f41f9c
2014-08-06 00:22 - 2014-08-06 00:22 - 00989560 _____ (are) C:\Users\Elise\Downloads\converted file.exe
2014-08-06 00:05 - 2014-08-06 00:05 - 00000000 ____D () C:\9dce5f092a6de9880e097ba42f84
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-03 19:20 - 2014-09-03 19:19 - 00027244 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-03 19:19 - 2014-09-03 19:19 - 00000000 ____D () C:\FRST
2014-09-03 19:19 - 2014-09-03 19:18 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:11 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 19:11 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-03 19:08 - 2010-06-21 02:50 - 01157279 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 19:08 - 2009-07-13 23:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-03 19:06 - 2013-03-02 15:56 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-03 19:05 - 2014-08-06 00:34 - 00003250 _____ () C:\Windows\System32\Tasks\PC Performer Logon Scan
2014-09-03 19:05 - 2009-07-13 20:34 - 00000466 _____ () C:\Windows\win.ini
2014-09-03 19:04 - 2014-08-06 00:25 - 00000476 ____H () C:\Windows\Tasks\PC_Booster-S-493389286.job
2014-09-03 19:04 - 2013-03-03 21:17 - 00000000 ____D () C:\Users\Elise\Tracing
2014-09-03 19:04 - 2011-10-28 22:02 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 19:03 - 2014-09-02 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-03 19:03 - 2010-06-21 02:53 - 00340510 _____ () C:\Windows\PFRO.log
2014-09-03 19:03 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 19:03 - 2009-07-13 22:51 - 00069659 _____ () C:\Windows\setupact.log
2014-09-02 20:05 - 2011-10-12 22:33 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA.job
2014-09-02 20:05 - 2011-10-12 22:32 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core.job
2014-09-02 20:04 - 2011-05-18 14:38 - 00000000 ____D () C:\Users\Elise\AppData\Local\Apple Computer
2014-09-02 19:59 - 2012-07-28 21:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-02 19:59 - 2011-10-28 22:02 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-02 19:58 - 2014-09-02 19:54 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:58 - 2014-09-02 19:54 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:18 - 2014-09-02 19:17 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 19:06 - 2014-08-06 00:25 - 00000000 ____D () C:\Program Files (x86)\PC_Booster
2014-09-02 19:04 - 2014-09-02 18:41 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-02 18:44 - 2014-08-28 10:52 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-02 18:43 - 2014-08-28 10:52 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-02 18:39 - 2014-09-02 18:37 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:35 - 2010-09-13 17:19 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 18:07 - 2014-08-06 00:41 - 00003244 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-09-02 17:46 - 2014-09-01 21:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-02 17:40 - 2014-08-29 09:09 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-02 17:40 - 2014-08-29 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-02 17:40 - 2014-08-28 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-02 17:38 - 2014-09-02 17:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-02 17:34 - 2013-03-03 21:05 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Skype
2014-09-02 17:31 - 2014-09-01 17:18 - 00000000 ____D () C:\Windows\pss
2014-09-02 13:14 - 2014-09-01 21:41 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 23:03 - 2014-08-06 00:26 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:40 - 2014-09-01 21:39 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:28 - 2014-09-01 20:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 12:32 - 2014-09-01 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-09-01 12:26 - 2009-07-13 22:45 - 00366808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 09:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-29 09:05 - 2014-08-29 09:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 09:05 - 2010-04-25 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 09:00 - 2013-08-27 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-29 08:56 - 2010-09-09 11:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-28 22:16 - 2010-04-25 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 11:04 - 2014-08-06 00:25 - 00000000 ____D () C:\Program Files (x86)\SAVeMasS
2014-08-28 11:04 - 2014-08-06 00:25 - 00000000 ____D () C:\Program Files (x86)\PriceCHop
2014-08-28 11:03 - 2014-08-06 00:34 - 00000000 ____D () C:\Program Files (x86)\Speed Test
2014-08-28 10:52 - 2011-05-18 14:46 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Malwarebytes
2014-08-28 10:52 - 2010-09-09 16:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:22 - 2014-08-06 00:25 - 00002722 _____ () C:\Windows\System32\Tasks\PC_Booster-S-493389286
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
2014-08-22 20:07 - 2014-08-27 22:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 19:45 - 2014-08-27 22:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 18:59 - 2014-08-27 22:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-06 03:59 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-08-06 03:21 - 2012-11-16 10:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-06 03:21 - 2012-11-16 10:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-06 03:03 - 2012-11-16 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-06 01:43 - 2014-08-06 00:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-06 00:41 - 2014-08-06 00:41 - 00000000 ____D () C:\Users\Elise\Documents\Optimizer Pro
2014-08-06 00:41 - 2014-08-06 00:41 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Optimizer Pro
2014-08-06 00:35 - 2014-08-06 00:35 - 00001081 _____ () C:\Users\Elise\Desktop\Video Performer.lnk
2014-08-06 00:35 - 2014-08-06 00:35 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
2014-08-06 00:35 - 2014-08-06 00:34 - 00000000 ____D () C:\Program Files (x86)\Video Performer
2014-08-06 00:34 - 2014-08-06 00:34 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-06 00:34 - 2014-08-06 00:34 - 00003438 _____ () C:\Windows\System32\Tasks\PC Performer Scheduled Scan
2014-08-06 00:34 - 2014-08-06 00:34 - 00001969 _____ () C:\Users\Elise\Desktop\Sync Folder.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00001244 _____ () C:\Users\Elise\Desktop\Speed Test.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00001087 _____ () C:\Users\Elise\Desktop\MyPC Backup.lnk
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Performersoft
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Mozilla
2014-08-06 00:34 - 2014-08-06 00:34 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-06 00:34 - 2014-08-06 00:33 - 00000000 ____D () C:\Users\Elise\AppData\Local\speedtest199
2014-08-06 00:33 - 2014-08-06 00:33 - 01233032 _____ (VideoPerformer) C:\Users\Elise\Downloads\VideoPerformerSetup.exe
2014-08-06 00:33 - 2014-08-06 00:33 - 00001050 _____ () C:\Users\Elise\Desktop\PC Performer.lnk
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 ____D () C:\Program Files (x86)\PC Performer
2014-08-06 00:33 - 2014-08-06 00:33 - 00000000 _____ () C:\END
2014-08-06 00:26 - 2014-08-06 00:26 - 00001139 _____ () C:\Users\Elise\Desktop\LiveSupport.lnk
2014-08-06 00:26 - 2014-08-06 00:26 - 00001062 _____ () C:\Users\Elise\Desktop\Optimizer Pro.lnk
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
2014-08-06 00:26 - 2014-08-06 00:26 - 00000000 ____D () C:\Program Files (x86)\LiveSupport
2014-08-06 00:25 - 2014-08-06 00:25 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Guest
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Packages
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Elise\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\Users\Administrator
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\SAVeMasS
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\PriceCHop
2014-08-06 00:25 - 2014-08-06 00:25 - 00000000 ____D () C:\ProgramData\f37dee9e04f41f9c
2014-08-06 00:25 - 2011-10-28 22:02 - 00000000 ____D () C:\Users\Elise\AppData\Local\Google
2014-08-06 00:25 - 2011-10-28 22:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-06 00:25 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-06 00:25 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-08-06 00:22 - 2014-08-06 00:22 - 00989560 _____ (are) C:\Users\Elise\Downloads\converted file.exe
2014-08-06 00:09 - 2011-05-08 15:08 - 00000000 ____D () C:\Users\Elise
2014-08-06 00:05 - 2014-08-06 00:05 - 00000000 ____D () C:\9dce5f092a6de9880e097ba42f84
 
Some content of TEMP:
====================
C:\Users\Elise\AppData\Local\Temp\CloudBackup3726.exe
C:\Users\Elise\AppData\Local\Temp\DefaultAssets.exe
C:\Users\Elise\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\Elise\AppData\Local\Temp\dotNetFx40_Client_x86_x64.exe
C:\Users\Elise\AppData\Local\Temp\InstallNorton.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Elise\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\Elise\AppData\Local\Temp\nscA6C8.exe
C:\Users\Elise\AppData\Local\Temp\nsx51A6.exe
C:\Users\Elise\AppData\Local\Temp\optprosetup.exe
C:\Users\Elise\AppData\Local\Temp\ose00000.exe
C:\Users\Elise\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\Elise\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Elise\AppData\Local\Temp\setup.exe
C:\Users\Elise\AppData\Local\Temp\SPSetup.exe
C:\Users\Elise\AppData\Local\Temp\SPStub.exe
C:\Users\Elise\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Elise\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Elise\AppData\Local\Temp\_PC_DRIVERS_HQAssets.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-06 03:51
 
==================== End Of Log ========

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Elise at 2014-09-03 19:21:11
Running from C:\Users\Elise\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0416.541.8279 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0416.541.8279 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help English (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help French (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help German (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - ATI) Hidden
ccc-utility64 (Version: 2010.0416.541.8279 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2527 - CyberLink Corp.) Hidden
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Dexter Screen Saver (HKLM-x32\...\Dexter Screen Saver) (Version:  - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Driver Restore (HKLM-x32\...\{273130E8-117C-4237-A0FA-83EBBF11E051}) (Version: 8.1 - Driver Restore)
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP ENVY 110 series Basic Device Software (HKLM\...\{9EDA8125-D287-4AD1-BE32-6B105A275645}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3822 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.0.3822 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.2.2513 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.2.2513 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3903 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.0.3903 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2511 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.0.2511 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}) (Version: 1.0.9.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2261 - HP Photo Creations Powered by RocketLife)
HP Power Plan Utility (HKLM-x32\...\{F6B6A150-08FA-46D5-808A-EB638269551D}) (Version: 1.0.6 - Hewlett-Packard)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.2.12.0 - DeviceVM Inc.)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{5BF97E02-2F6A-412A-BB4D-B6E2DC65FCA7}) (Version: 5.20.205 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Tone Control (HKLM\...\{9207D4A1-586E-49CA-A002-FC9F475AB1A3}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0188 (HKLM-x32\...\{7D2B5801-18A1-428D-A601-EE0D30CCF060}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}) (Version: 4.0.4.2 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.11 - Hulu LLC)
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LiveSupport (HKLM-x32\...\LiveSupport_is1) (Version: 1.2.8.0 - PC Utilities Software Limited) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.71.0 - Symantec Corporation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
PC Performer (HKLM-x32\...\PC Performer_is1) (Version:  - PerformerSoft, LLC.) <==== ATTENTION
PC_Booster (HKLM-x32\...\S-493389286) (Version: 3.0.0.1802 - PremiumSoft) <==== ATTENTION
PC_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}) (Version:  - Certified Publisher) <==== ATTENTION
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PriceCHop (HKLM-x32\...\{B945F928-45A2-231E-495F-38C40CA198E9}) (Version: 2.1.0.1195 - PericceChop)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Rosetta Stone Ltd Services (HKLM-x32\...\{3212AA30-4503-4D30-ADF3-F0DA00C3FDCC}) (Version: 3.2.13 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale.8F5798B43604FA41C65B6F3DA7D3E38B6B065643.1) (Version: 4.0.17.0 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.0.12 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.0.17.0 - Rosetta Stone, Ltd) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.262 - Hewlett-Packard) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAVeMasS (HKLM-x32\...\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}) (Version: 2.1.0.1195 - SaveMMasss)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Speed Test App (HKLM-x32\...\Speed Test) (Version: 4.0.0.0 - Speed Analysis) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Validity Sensors DDK (HKLM\...\{EE5017A6-7525-4EE9-99DA-2EF1F6C16B1B}) (Version: 4.1.129.0 - Validity Sensors, Inc.)
Video Performer (HKLM-x32\...\Video Performer) (Version:  - PerformerSoft LLC) <==== ATTENTION
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WiseConvert B Toolbar (HKLM-x32\...\WiseConvert_B Toolbar) (Version: 6.10.3.27 - WiseConvert B)
WiseFixer 4.0 (HKLM\...\{900C2AB5-3F37-4F84-B58C-893FA5F42D7D}_is1) (Version: 4.0 - FoxthSoft)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
03-05-2014 11:25:12 Windows Update
09-05-2014 18:12:14 Windows Modules Installer
21-05-2014 21:25:35 Windows Update
20-07-2014 23:08:56 Scheduled Checkpoint
06-08-2014 05:56:04 Windows Update
06-08-2014 06:13:00 Windows Update
06-08-2014 09:00:20 Windows Update
28-08-2014 04:15:10 Scheduled Checkpoint
28-08-2014 04:25:22 Windows Update
29-08-2014 14:52:01 Windows Update
03-09-2014 01:04:27 Malwarebytes Anti-Rootkit Restore Point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01A81881-AFDC-4803-A741-FAFE1A55F190} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2014-07-02] (PerformerSoft LLC) <==== ATTENTION
Task: {0A78E1E3-892D-4F5F-9A6B-8327B7E49AB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {171F0C90-012D-4414-B45D-A2E62A685563} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {21ABF540-FCA7-4DD4-8E1F-542116768CA1} - System32\Tasks\PC_Booster-S-493389286 => c:\programdata\trusted publisher\pc_booster\PC_Booster.exe [2013-08-27] () <==== ATTENTION
Task: {21D864BA-17CC-4038-BD3C-9E7F88D9DDC2} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {220AD511-8456-43E4-9974-11F53D420F17} - System32\Tasks\PC Performer Logon Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2014-07-02] (PerformerSoft LLC) <==== ATTENTION
Task: {22C75CE9-9DBC-48F0-B69A-3F2EBDFE0E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {29ABF11E-A4A0-4B2C-8505-60639487E44A} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {538389B7-73E9-4423-8E71-4DFB7378C56F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {63CD6880-5052-4679-9DEF-7453F12413EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-03] (Facebook Inc.)
Task: {6D5878E9-0E82-4BCB-9D89-E0839973C997} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {71296CFF-CB66-4E1B-8A88-E4126F271067} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {8215CB46-F388-44F1-BA63-599FED8CB1D3} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {91A534DC-D3CB-4A32-83E4-5704A6001687} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-07-29] (PC Utilities Software Limited) <==== ATTENTION
Task: {A4F5BA8C-E9BB-4B2D-AAEC-1BC347B925FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-25] (Adobe Systems Incorporated)
Task: {A88857FE-F4B7-4B6B-916C-690D817155B3} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {B7562B8E-9DBF-4817-B144-39DC19E08C9C} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: {BB45F6D2-157E-47D7-A26B-5F703661E8BE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-03] (Facebook Inc.)
Task: {BEC78F7C-871D-4548-9B78-F98F088272D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF865694-7106-481C-8AFA-B933FDA4BA23} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: {D2A21310-4744-4ED6-AC3E-117DD902C715} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-21] (Hewlett-Packard Company)
Task: {DF293CE5-60BB-4800-BD60-5D65399F7805} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {DFEA982E-9F26-4D3D-AE26-2AEE99B406BF} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {F0C282FA-3D5B-4BFE-AA71-F255A24111CF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-03-31] () <==== ATTENTION
Task: {FDD05C01-2E66-4FB7-A07D-15BD7B1B8D2F} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core.job => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA.job => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job => C:\Program Files (x86)\Norton PC Checkup 3.0\NLAppLauncher.exe
Task: C:\Windows\Tasks\PC_Booster-S-493389286.job => c:\programdata\trusted publisher\pc_booster\PC_Booster.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2010-01-18 16:04 - 2010-01-18 16:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 01082880 _____ () c:\programdata\trusted publisher\pc_booster\PC_Booster.exe
2010-01-20 17:20 - 2010-01-20 17:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2013-04-29 12:26 - 2013-04-29 12:26 - 00653704 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\ThemePack.DriverRestore.dll
2013-04-29 11:52 - 2013-04-29 11:52 - 00326048 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\Agent.Communication.XmlSerializers.dll
2014-07-22 07:07 - 2014-07-22 07:07 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-07-22 07:02 - 2014-07-22 07:02 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2010-03-09 15:34 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-21 02:48 - 2010-06-21 02:48 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-01-22 11:30 - 2010-01-22 11:30 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/02/2014 05:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x638
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/02/2014 05:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msnmsgr.exe, version: 14.0.8089.726, time stamp: 0x4a6ce533
Faulting module name: msnmsgr.exe, version: 14.0.8089.726, time stamp: 0x4a6ce533
Exception code: 0xc0000005
Fault offset: 0x0019d071
Faulting process id: 0xb00
Faulting application start time: 0xmsnmsgr.exe0
Faulting application path: msnmsgr.exe1
Faulting module path: msnmsgr.exe2
Report Id: msnmsgr.exe3
 
Error: (09/01/2014 11:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d
Faulting module name: NPSWF32_14_0_0_145.dll_unloaded, version: 0.0.0.0, time stamp: 0x53aa1b9a
Exception code: 0xc0000005
Fault offset: 0x6ea7f981
Faulting process id: 0x218
Faulting application start time: 0xWebKit2WebProcess.exe0
Faulting application path: WebKit2WebProcess.exe1
Faulting module path: WebKit2WebProcess.exe2
Report Id: WebKit2WebProcess.exe3
 
Error: (09/01/2014 08:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x708
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:36:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x680
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:34:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x52c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:29:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x754
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x41c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/29/2014 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 805199
 
Error: (08/29/2014 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 805199
 
 
System errors:
=============
Error: (09/03/2014 07:06:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/03/2014 07:05:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/03/2014 07:05:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (09/03/2014 07:04:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/03/2014 07:04:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (09/02/2014 07:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/02/2014 07:08:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (09/02/2014 07:07:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/02/2014 07:07:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/02/2014 07:07:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Turion™ II P520 Dual-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 3834.9 MB
Available physical RAM: 2207.58 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 5458.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:275.87 GB) (Free:15.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.92 GB) (Free:3.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F1977E89)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log =======================

I've learned blood is not thicker than money. 

 


#4 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 04 September 2014 - 12:44 AM

Hello Twin B,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 06 September 2014 - 02:28 PM

AdwCleaner has been running for over 48 hours now, with the message 'Pending. Please uncheck elements you don't want to remove'

 

It's an old machine and the hard drive is not very big; should I let it continue to run or try something else? 


I've learned blood is not thicker than money. 

 


#6 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 06 September 2014 - 02:46 PM

click on the Report button...
a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 06 September 2014 - 05:36 PM

# AdwCleaner v3.309 - Report created 04/09/2014 at 08:57:24
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Elise - DAVIS-PC
# Running from : C:\Users\Elise\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : BackupStack
Service Found : CltMngSvc
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Elise\AppData\Roaming\LiveSupport.exe_log.txt
File Found : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\Elise\AppData\Roaming\regsvr32.exe_log.txt
File Found : C:\Users\Elise\Desktop\LiveSupport.lnk
File Found : C:\Users\Elise\Desktop\MyPC Backup.lnk
File Found : C:\Users\Elise\Desktop\Optimizer Pro.lnk
File Found : C:\Users\Elise\Desktop\PC Performer.lnk
File Found : C:\Users\Elise\Desktop\Speed Test.lnk
File Found : C:\Users\Elise\Desktop\Sync Folder.lnk
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\LiveSupport
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\Program Files (x86)\PC Performer
Folder Found : C:\Program Files (x86)\PC_booster
Folder Found : C:\Program Files (x86)\PriceCHop
Folder Found : C:\Program Files (x86)\SAVeMasS
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\Speed Test
Folder Found : C:\Program Files (x86)\Video Performer
Folder Found : C:\Program Files (x86)\WiseConvert_B
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Folder Found : C:\ProgramData\PriceCHop
Folder Found : C:\ProgramData\SAVeMasS
Folder Found : C:\ProgramData\Trusted Publisher
Folder Found : C:\SearchProtect
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Elise\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Elise\AppData\Local\Conduit
Folder Found : C:\Users\Elise\AppData\Local\SearchProtect
Folder Found : C:\Users\Elise\AppData\Local\torch
Folder Found : C:\Users\Elise\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Elise\AppData\LocalLow\Conduit
Folder Found : C:\Users\Elise\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Elise\AppData\LocalLow\WiseConvert_B
Folder Found : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
Folder Found : C:\Users\Elise\AppData\Roaming\Optimizer Pro
Folder Found : C:\Users\Elise\AppData\Roaming\pccustubinstaller
Folder Found : C:\Users\Elise\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\Elise\Documents\Optimizer Pro
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Found : C:\Windows\SysWOW64\SearchProtect
 
***** [ Scheduled Tasks ] *****
 
Task Found : LaunchSignup
Task Found : Optimizer Pro Schedule
Task Found : Scheduled Update for Ask Toolbar
Task Found : PC_Booster-S-493389286
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\WiseConvert_B
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\LiveSupport
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\PerformerSoft
Key Found : HKCU\Software\performersoft llc
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\WiseConvert_B
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\LiveSupport
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\PerformerSoft
Key Found : [x64] HKCU\Software\performersoft llc
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\WiseConvert_B
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Found : HKLM\SOFTWARE\Classes\PericceChop.PericceChop
Key Found : HKLM\SOFTWARE\Classes\PericceChop.PericceChop.1.0
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\SaveMMasss.SaveMMasss
Key Found : HKLM\SOFTWARE\Classes\SaveMMasss.SaveMMasss.1.0
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282134
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0CF16F45-1FC5-4D54-BC8C-12CB79E42D95}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B39466E5-4052-4771-8BF8-C017045C8A43}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B945F928-45A2-231E-495F-38C40CA198E9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-493389286
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Performer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert_B Toolbar
Key Found : HKLM\SOFTWARE\PC_Booster
Key Found : HKLM\SOFTWARE\PerformerSoft
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\WiseConvert_B
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Found : [x64] HKLM\SOFTWARE\DeviceVM
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3282134&octid=CT3282134&SearchSource=61&CUI=UN31266680868004247&UM=UM_ID&UP=SP7F319DEC-6EC4-417C-948E-C457CF7BF66F&SSPV=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www.searchalgo.com/?cid=4301
 
-\\ Google Chrome v36.0.1985.125
 
*************************
 
AdwCleaner[R0].txt - [24242 octets] - [04/09/2014 08:57:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24303 octets] ##########

I've learned blood is not thicker than money. 

 


#8 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 06 September 2014 - 05:50 PM

did Malwarebytes Anti-Rootkit find anything?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 06 September 2014 - 06:12 PM

Sorry, I forgot to mention MBAR didn't find anything. 


I've learned blood is not thicker than money. 

 


#10 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 07 September 2014 - 06:28 AM

Hello Twin B,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FSRT / FSRT64. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 07 September 2014 - 08:56 AM

Quick question: When I sent you the results of the AdwCleaner scan in my last post I left the program open, didn't close it, so it's still running and on my screen with that message "Pending. Please uncheck elements you don't want to remove". I can close the program and begin the scan again but as it is now the 'scan' button is grayed out and the clean, report and uninstall options are available, not grayed out. I can close the program, open it again and begin the scan if that's what you want me to do; or I can just click the 'clean' button. 

 

Should I close the program, start it again, then run another scan and follow your instructions? 

 

Thanks.


I've learned blood is not thicker than money. 

 


#12 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 07 September 2014 - 08:59 AM

just click the 'clean' button.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 07 September 2014 - 09:45 AM

# AdwCleaner v3.309 - Report created 07/09/2014 at 08:07:01
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Elise - DAVIS-PC
# Running from : C:\Users\Elise\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : BackupStack
Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\PriceCHop
Folder Deleted : C:\ProgramData\SAVeMasS
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\LiveSupport
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\PC Performer
Folder Deleted : C:\Program Files (x86)\PC_booster
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Speed Test
Folder Deleted : C:\Program Files (x86)\Video Performer
Folder Deleted : C:\Program Files (x86)\PriceCHop
Folder Deleted : C:\Program Files (x86)\SAVeMasS
Folder Deleted : C:\Program Files (x86)\WiseConvert_B
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Elise\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Elise\AppData\Local\Conduit
Folder Deleted : C:\Users\Elise\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Elise\AppData\Local\torch
Folder Deleted : C:\Users\Elise\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Elise\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Elise\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Elise\AppData\LocalLow\WiseConvert_B
Folder Deleted : C:\Users\Elise\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Elise\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\Elise\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
Folder Deleted : C:\Users\Elise\Documents\Optimizer Pro
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\minceiafoihijggfalpennhcmkmbcido
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Elise\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Elise\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Elise\Desktop\LiveSupport.lnk
File Deleted : C:\Users\Elise\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Elise\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\Elise\Desktop\PC Performer.lnk
File Deleted : C:\Users\Elise\Desktop\Speed Test.lnk
File Deleted : C:\Users\Elise\Desktop\Sync Folder.lnk
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : LaunchSignup
Task Deleted : Optimizer Pro Schedule
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : PC_Booster-S-493389286
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\PericceChop.PericceChop
Key Deleted : HKLM\SOFTWARE\Classes\PericceChop.PericceChop.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveMMasss.SaveMMasss
Key Deleted : HKLM\SOFTWARE\Classes\SaveMMasss.SaveMMasss.1.0
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-493389286
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282134
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2713B394-286F-4D7C-89EA-4174EEAB9F5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{332CDD17-CC24-41CF-A9D6-207FE50210E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0CF16F45-1FC5-4D54-BC8C-12CB79E42D95}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B39466E5-4052-4771-8BF8-C017045C8A43}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{2713B394-286F-4D7C-89EA-4174EEAB9F5A}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C7F44CD-40A5-090A-925D-B0EC3E40520B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56660CF0-CABC-152A-A23C-B47AAFF00449}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\WiseConvert_B
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WiseConvert_B
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\PC_Booster
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\WiseConvert_B
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Performer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B945F928-45A2-231E-495F-38C40CA198E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert_B Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v36.0.1985.125
 
*************************
 
AdwCleaner[R0].txt - [24648 octets] - [04/09/2014 08:57:24]
AdwCleaner[S0].txt - [24028 octets] - [07/09/2014 08:07:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24089 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Elise on Sun 09/07/2014 at  8:17:06.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{28915790-0a6f-4257-8a56-df65647be253}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{98EBB173-8F3C-40D9-96D4-149AE4C43948}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CCB7769E-AEEE-4969-B02C-6AF5239CF1F1}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/07/2014 at  8:24:25.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Elise (administrator) on DAVIS-PC on 07-09-2014 08:30:56
Running from C:\Users\Elise\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Facebook) C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] => C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-05-18] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Facebook Update] => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-03] (Facebook Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-28] (Google Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Driver Restore] => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [3598712 2013-04-29] (PC Drivers Headquarters)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM-x32 - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Elise\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-08]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-09-09]
FF HKCU\...\Firefox\Extensions: [speedtest199@BestOffers] - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
FF Extension: Speed Test - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers [2014-08-06]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR NewTab: Profile 1 -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"
CHR Profile: C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-25]
CHR Extension: (Google Drive) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-06]
CHR Extension: (YouTube) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd [2014-08-06]
CHR Extension: (Google Search) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-25]
CHR Extension: (Speed Dial) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-01-25]
CHR Extension: (Chrome to Mobile) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-26]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido [2014-08-06]
CHR Extension: (Fantasy Ocean Theme [FVD]) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkddicbjcpofnodmnjdanbnaphfjifdf [2014-01-25]
CHR Extension: (Google Wallet) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
CHR Extension: (Gmail) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd\1.0 [2014-08-06]
CHR Extension: (Extutil) - C:\Users\Elise\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\Elise\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2013-12-28]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido\1.0 [2014-08-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-11] (Symantec Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 08:24 - 2014-09-07 08:24 - 00001361 _____ () C:\Users\Elise\Desktop\JRT.txt
2014-09-07 08:17 - 2014-09-07 08:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-07 08:16 - 2014-09-07 08:16 - 01016261 _____ (Thisisu) C:\Users\Elise\Downloads\JRT.exe
2014-09-07 08:12 - 2014-09-07 08:12 - 00024390 _____ () C:\Users\Elise\Desktop\AdwCleaner[S0].txt
2014-09-07 08:09 - 2014-09-07 08:09 - 00000012 ____H () C:\dvmexp.idx
2014-09-07 08:09 - 2014-09-07 08:09 - 00000000 ___HD () C:\dvmexp
2014-09-07 08:08 - 2014-09-07 08:09 - 00000000 ____D () C:\temp
2014-09-04 08:57 - 2014-09-07 08:07 - 00000000 ____D () C:\AdwCleaner
2014-09-04 08:56 - 2014-09-04 08:56 - 01370467 _____ () C:\Users\Elise\Downloads\AdwCleaner.exe
2014-09-04 08:35 - 2014-09-04 08:36 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1-1.07.0.1012.exe
2014-09-03 19:21 - 2014-09-03 19:21 - 00045903 _____ () C:\Users\Elise\Downloads\Addition.txt
2014-09-03 19:19 - 2014-09-07 08:30 - 00021946 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-03 19:19 - 2014-09-07 08:30 - 00000000 ____D () C:\FRST
2014-09-03 19:18 - 2014-09-03 19:19 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-02 19:54 - 2014-09-02 19:58 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:54 - 2014-09-02 19:58 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:17 - 2014-09-02 19:18 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 18:44 - 2014-09-04 08:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-02 18:41 - 2014-09-04 08:56 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-02 18:37 - 2014-09-02 18:39 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 17:37 - 2014-09-02 17:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-01 21:41 - 2014-09-02 17:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-01 21:41 - 2014-09-02 13:14 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:39 - 2014-09-01 21:40 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:27 - 2014-09-01 20:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 17:18 - 2014-09-02 17:31 - 00000000 ____D () C:\Windows\pss
2014-09-01 12:31 - 2014-09-01 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-08-29 09:09 - 2014-09-02 17:40 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-29 09:09 - 2014-09-02 17:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-29 09:04 - 2014-08-29 09:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 08:53 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-29 08:53 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-29 08:53 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-29 08:53 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-29 08:52 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-29 08:52 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 10:52 - 2014-09-04 08:39 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 10:52 - 2014-09-04 08:38 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-28 10:52 - 2014-09-02 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-28 10:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 22:51 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-27 22:51 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-27 22:47 - 2014-07-25 06:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-27 22:47 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-27 22:47 - 2014-07-15 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-27 22:47 - 2014-07-15 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-27 22:47 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-27 22:47 - 2014-06-03 04:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-27 22:47 - 2014-06-03 03:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-27 22:46 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 22:46 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 22:46 - 2014-08-22 18:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 22:46 - 2014-07-31 17:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 22:46 - 2014-07-31 17:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-27 22:46 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 22:46 - 2014-07-25 08:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 08:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-27 22:46 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-27 22:46 - 2014-07-25 07:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 07:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 07:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 22:46 - 2014-07-25 07:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 07:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 22:46 - 2014-07-25 07:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-27 22:46 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-27 22:46 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-27 22:46 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-27 22:46 - 2014-07-25 06:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 22:46 - 2014-07-25 06:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-27 22:46 - 2014-07-25 06:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-27 22:46 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 22:46 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-27 22:46 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 22:46 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-27 22:46 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 22:46 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:26 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 22:26 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 22:26 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 22:26 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 22:26 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 22:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 08:31 - 2014-09-03 19:19 - 00021946 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-07 08:30 - 2014-09-03 19:19 - 00000000 ____D () C:\FRST
2014-09-07 08:24 - 2014-09-07 08:24 - 00001361 _____ () C:\Users\Elise\Desktop\JRT.txt
2014-09-07 08:17 - 2014-09-07 08:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-07 08:16 - 2014-09-07 08:16 - 01016261 _____ (Thisisu) C:\Users\Elise\Downloads\JRT.exe
2014-09-07 08:16 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-07 08:16 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-07 08:12 - 2014-09-07 08:12 - 00024390 _____ () C:\Users\Elise\Desktop\AdwCleaner[S0].txt
2014-09-07 08:10 - 2013-03-03 21:17 - 00000000 ____D () C:\Users\Elise\Tracing
2014-09-07 08:10 - 2011-10-28 22:02 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 08:09 - 2014-09-07 08:09 - 00000012 ____H () C:\dvmexp.idx
2014-09-07 08:09 - 2014-09-07 08:09 - 00000000 ___HD () C:\dvmexp
2014-09-07 08:09 - 2014-09-07 08:08 - 00000000 ____D () C:\temp
2014-09-07 08:09 - 2010-06-21 02:53 - 00348416 _____ () C:\Windows\PFRO.log
2014-09-07 08:09 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 08:09 - 2009-07-13 22:51 - 00069771 _____ () C:\Windows\setupact.log
2014-09-07 08:08 - 2010-06-21 02:50 - 01319171 _____ () C:\Windows\WindowsUpdate.log
2014-09-07 08:07 - 2014-09-04 08:57 - 00000000 ____D () C:\AdwCleaner
2014-09-07 08:05 - 2011-10-12 22:33 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA.job
2014-09-07 07:59 - 2012-07-28 21:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 07:59 - 2011-10-28 22:02 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 07:28 - 2014-08-06 00:34 - 00003250 _____ () C:\Windows\System32\Tasks\PC Performer Logon Scan
2014-09-07 07:28 - 2009-07-13 20:34 - 00000466 _____ () C:\Windows\win.ini
2014-09-06 21:33 - 2013-03-03 21:05 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Skype
2014-09-06 21:33 - 2011-10-12 22:32 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core.job
2014-09-06 10:11 - 2009-07-13 23:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-04 12:41 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-09-04 08:56 - 2014-09-04 08:56 - 01370467 _____ () C:\Users\Elise\Downloads\AdwCleaner.exe
2014-09-04 08:56 - 2014-09-02 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-04 08:56 - 2014-09-02 18:41 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-04 08:39 - 2014-08-28 10:52 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 08:38 - 2014-08-28 10:52 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-04 08:36 - 2014-09-04 08:35 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1-1.07.0.1012.exe
2014-09-03 19:21 - 2014-09-03 19:21 - 00045903 _____ () C:\Users\Elise\Downloads\Addition.txt
2014-09-03 19:19 - 2014-09-03 19:18 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-02 20:04 - 2011-05-18 14:38 - 00000000 ____D () C:\Users\Elise\AppData\Local\Apple Computer
2014-09-02 19:58 - 2014-09-02 19:54 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:58 - 2014-09-02 19:54 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:18 - 2014-09-02 19:17 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 18:39 - 2014-09-02 18:37 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:35 - 2010-09-13 17:19 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 17:46 - 2014-09-01 21:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-02 17:40 - 2014-08-29 09:09 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-02 17:40 - 2014-08-29 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-02 17:40 - 2014-08-28 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-02 17:38 - 2014-09-02 17:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-02 17:31 - 2014-09-01 17:18 - 00000000 ____D () C:\Windows\pss
2014-09-02 13:14 - 2014-09-01 21:41 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:40 - 2014-09-01 21:39 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:28 - 2014-09-01 20:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 12:32 - 2014-09-01 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-09-01 12:26 - 2009-07-13 22:45 - 00366808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 09:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-29 09:05 - 2014-08-29 09:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 09:05 - 2010-04-25 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 09:00 - 2013-08-27 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-29 08:56 - 2010-09-09 11:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-28 22:16 - 2010-04-25 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 10:52 - 2011-05-18 14:46 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Malwarebytes
2014-08-28 10:52 - 2010-09-09 16:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
2014-08-22 20:07 - 2014-08-27 22:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 19:45 - 2014-08-27 22:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 18:59 - 2014-08-27 22:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
Some content of TEMP:
====================
C:\Users\Elise\AppData\Local\Temp\CloudBackup3726.exe
C:\Users\Elise\AppData\Local\Temp\DefaultAssets.exe
C:\Users\Elise\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\Elise\AppData\Local\Temp\dotNetFx40_Client_x86_x64.exe
C:\Users\Elise\AppData\Local\Temp\InstallNorton.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Elise\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Elise\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\Elise\AppData\Local\Temp\nscA6C8.exe
C:\Users\Elise\AppData\Local\Temp\nsx51A6.exe
C:\Users\Elise\AppData\Local\Temp\optprosetup.exe
C:\Users\Elise\AppData\Local\Temp\ose00000.exe
C:\Users\Elise\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\Elise\AppData\Local\Temp\Quarantine.exe
C:\Users\Elise\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Elise\AppData\Local\Temp\setup.exe
C:\Users\Elise\AppData\Local\Temp\SPStub.exe
C:\Users\Elise\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Elise\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Elise\AppData\Local\Temp\_PC_DRIVERS_HQAssets.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 00:33
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Elise at 2014-09-03 19:21:11
Running from C:\Users\Elise\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0416.541.8279 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0416.541.8279 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help English (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help French (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help German (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - ATI) Hidden
ccc-utility64 (Version: 2010.0416.541.8279 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2527 - CyberLink Corp.) Hidden
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Dexter Screen Saver (HKLM-x32\...\Dexter Screen Saver) (Version:  - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Driver Restore (HKLM-x32\...\{273130E8-117C-4237-A0FA-83EBBF11E051}) (Version: 8.1 - Driver Restore)
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP ENVY 110 series Basic Device Software (HKLM\...\{9EDA8125-D287-4AD1-BE32-6B105A275645}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3822 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.0.3822 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.2.2513 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.2.2513 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3903 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.0.3903 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2511 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.0.2511 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}) (Version: 1.0.9.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2261 - HP Photo Creations Powered by RocketLife)
HP Power Plan Utility (HKLM-x32\...\{F6B6A150-08FA-46D5-808A-EB638269551D}) (Version: 1.0.6 - Hewlett-Packard)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.2.12.0 - DeviceVM Inc.)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{5BF97E02-2F6A-412A-BB4D-B6E2DC65FCA7}) (Version: 5.20.205 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Tone Control (HKLM\...\{9207D4A1-586E-49CA-A002-FC9F475AB1A3}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0188 (HKLM-x32\...\{7D2B5801-18A1-428D-A601-EE0D30CCF060}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}) (Version: 4.0.4.2 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.11 - Hulu LLC)
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LiveSupport (HKLM-x32\...\LiveSupport_is1) (Version: 1.2.8.0 - PC Utilities Software Limited) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.71.0 - Symantec Corporation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
PC Performer (HKLM-x32\...\PC Performer_is1) (Version:  - PerformerSoft, LLC.) <==== ATTENTION
PC_Booster (HKLM-x32\...\S-493389286) (Version: 3.0.0.1802 - PremiumSoft) <==== ATTENTION
PC_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}) (Version:  - Certified Publisher) <==== ATTENTION
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PriceCHop (HKLM-x32\...\{B945F928-45A2-231E-495F-38C40CA198E9}) (Version: 2.1.0.1195 - PericceChop)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Rosetta Stone Ltd Services (HKLM-x32\...\{3212AA30-4503-4D30-ADF3-F0DA00C3FDCC}) (Version: 3.2.13 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale.8F5798B43604FA41C65B6F3DA7D3E38B6B065643.1) (Version: 4.0.17.0 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.0.12 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.0.17.0 - Rosetta Stone, Ltd) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.262 - Hewlett-Packard) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAVeMasS (HKLM-x32\...\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}) (Version: 2.1.0.1195 - SaveMMasss)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Speed Test App (HKLM-x32\...\Speed Test) (Version: 4.0.0.0 - Speed Analysis) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Validity Sensors DDK (HKLM\...\{EE5017A6-7525-4EE9-99DA-2EF1F6C16B1B}) (Version: 4.1.129.0 - Validity Sensors, Inc.)
Video Performer (HKLM-x32\...\Video Performer) (Version:  - PerformerSoft LLC) <==== ATTENTION
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WiseConvert B Toolbar (HKLM-x32\...\WiseConvert_B Toolbar) (Version: 6.10.3.27 - WiseConvert B)
WiseFixer 4.0 (HKLM\...\{900C2AB5-3F37-4F84-B58C-893FA5F42D7D}_is1) (Version: 4.0 - FoxthSoft)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
03-05-2014 11:25:12 Windows Update
09-05-2014 18:12:14 Windows Modules Installer
21-05-2014 21:25:35 Windows Update
20-07-2014 23:08:56 Scheduled Checkpoint
06-08-2014 05:56:04 Windows Update
06-08-2014 06:13:00 Windows Update
06-08-2014 09:00:20 Windows Update
28-08-2014 04:15:10 Scheduled Checkpoint
28-08-2014 04:25:22 Windows Update
29-08-2014 14:52:01 Windows Update
03-09-2014 01:04:27 Malwarebytes Anti-Rootkit Restore Point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01A81881-AFDC-4803-A741-FAFE1A55F190} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2014-07-02] (PerformerSoft LLC) <==== ATTENTION
Task: {0A78E1E3-892D-4F5F-9A6B-8327B7E49AB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {171F0C90-012D-4414-B45D-A2E62A685563} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {21ABF540-FCA7-4DD4-8E1F-542116768CA1} - System32\Tasks\PC_Booster-S-493389286 => c:\programdata\trusted publisher\pc_booster\PC_Booster.exe [2013-08-27] () <==== ATTENTION
Task: {21D864BA-17CC-4038-BD3C-9E7F88D9DDC2} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {220AD511-8456-43E4-9974-11F53D420F17} - System32\Tasks\PC Performer Logon Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2014-07-02] (PerformerSoft LLC) <==== ATTENTION
Task: {22C75CE9-9DBC-48F0-B69A-3F2EBDFE0E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {29ABF11E-A4A0-4B2C-8505-60639487E44A} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {538389B7-73E9-4423-8E71-4DFB7378C56F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {63CD6880-5052-4679-9DEF-7453F12413EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-03] (Facebook Inc.)
Task: {6D5878E9-0E82-4BCB-9D89-E0839973C997} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {71296CFF-CB66-4E1B-8A88-E4126F271067} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {8215CB46-F388-44F1-BA63-599FED8CB1D3} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {91A534DC-D3CB-4A32-83E4-5704A6001687} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-07-29] (PC Utilities Software Limited) <==== ATTENTION
Task: {A4F5BA8C-E9BB-4B2D-AAEC-1BC347B925FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-25] (Adobe Systems Incorporated)
Task: {A88857FE-F4B7-4B6B-916C-690D817155B3} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {B7562B8E-9DBF-4817-B144-39DC19E08C9C} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: {BB45F6D2-157E-47D7-A26B-5F703661E8BE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-03] (Facebook Inc.)
Task: {BEC78F7C-871D-4548-9B78-F98F088272D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF865694-7106-481C-8AFA-B933FDA4BA23} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: {D2A21310-4744-4ED6-AC3E-117DD902C715} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-21] (Hewlett-Packard Company)
Task: {DF293CE5-60BB-4800-BD60-5D65399F7805} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {DFEA982E-9F26-4D3D-AE26-2AEE99B406BF} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {F0C282FA-3D5B-4BFE-AA71-F255A24111CF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-03-31] () <==== ATTENTION
Task: {FDD05C01-2E66-4FB7-A07D-15BD7B1B8D2F} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-04-29] (PC Drivers Headquarters)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core.job => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA.job => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job => C:\Program Files (x86)\Norton PC Checkup 3.0\NLAppLauncher.exe
Task: C:\Windows\Tasks\PC_Booster-S-493389286.job => c:\programdata\trusted publisher\pc_booster\PC_Booster.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2010-01-18 16:04 - 2010-01-18 16:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 01082880 _____ () c:\programdata\trusted publisher\pc_booster\PC_Booster.exe
2010-01-20 17:20 - 2010-01-20 17:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2013-04-29 12:26 - 2013-04-29 12:26 - 00653704 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\ThemePack.DriverRestore.dll
2013-04-29 11:52 - 2013-04-29 11:52 - 00326048 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\Agent.Communication.XmlSerializers.dll
2014-07-22 07:07 - 2014-07-22 07:07 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-07-22 07:02 - 2014-07-22 07:02 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2010-03-09 15:34 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-21 02:48 - 2010-06-21 02:48 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-01-22 11:30 - 2010-01-22 11:30 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/02/2014 05:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x638
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/02/2014 05:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msnmsgr.exe, version: 14.0.8089.726, time stamp: 0x4a6ce533
Faulting module name: msnmsgr.exe, version: 14.0.8089.726, time stamp: 0x4a6ce533
Exception code: 0xc0000005
Fault offset: 0x0019d071
Faulting process id: 0xb00
Faulting application start time: 0xmsnmsgr.exe0
Faulting application path: msnmsgr.exe1
Faulting module path: msnmsgr.exe2
Report Id: msnmsgr.exe3
 
Error: (09/01/2014 11:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d
Faulting module name: NPSWF32_14_0_0_145.dll_unloaded, version: 0.0.0.0, time stamp: 0x53aa1b9a
Exception code: 0xc0000005
Fault offset: 0x6ea7f981
Faulting process id: 0x218
Faulting application start time: 0xWebKit2WebProcess.exe0
Faulting application path: WebKit2WebProcess.exe1
Faulting module path: WebKit2WebProcess.exe2
Report Id: WebKit2WebProcess.exe3
 
Error: (09/01/2014 08:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x708
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:36:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x680
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:34:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x52c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:29:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x754
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/01/2014 05:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x41c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/29/2014 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 805199
 
Error: (08/29/2014 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 805199
 
 
System errors:
=============
Error: (09/03/2014 07:06:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/03/2014 07:05:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/03/2014 07:05:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (09/03/2014 07:04:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/03/2014 07:04:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (09/02/2014 07:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/02/2014 07:08:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (09/02/2014 07:07:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/02/2014 07:07:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/02/2014 07:07:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Turion™ II P520 Dual-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 3834.9 MB
Available physical RAM: 2207.58 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 5458.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:275.87 GB) (Free:15.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.92 GB) (Free:3.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F1977E89)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================
 
 
"How is the computer running now?" None of the popups are coming now but I'd have to restart the machine to know for sure because that's when most of them happened. Thanks, Joe.

I've learned blood is not thicker than money. 

 


#14 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:13 AM

Posted 07 September 2014 - 10:12 AM

Hello Twin B,
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop, in your case Running from C:\Users\Elise\Downloads) as fixlist.txt

 
start
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
EmptyTemp:
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.



***


FRST / FSRT64: run it again.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 Twin B

Twin B
  • Topic Starter

  • Members
  • 233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:06:13 PM

Posted 07 September 2014 - 10:39 AM

Log after I ran FRST with the 'fix' button:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by Elise at 2014-09-07 09:21:55 Run:1
Running from C:\Users\Elise\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
EmptyTemp:
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC}" => Key not found.
gupdate => Service deleted successfully.
gupdatem => Service deleted successfully.
EmptyTemp: => Removed 16.8 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Elise (administrator) on DAVIS-PC on 07-09-2014 09:29:11
Running from C:\Users\Elise\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Facebook) C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] => C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-05-18] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Facebook Update] => C:\Users\Elise\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-03] (Facebook Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-28] (Google Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [Driver Restore] => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [3598712 2013-04-29] (PC Drivers Headquarters)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2675101617-3368369058-924250244-1001\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKCU - {EA9D37F0-EFFC-48C7-AFBC-BA8073D648CC} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Elise\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Elise\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-08]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-09-09]
FF HKCU\...\Firefox\Extensions: [speedtest199@BestOffers] - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
FF Extension: Speed Test - C:\Users\Elise\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers [2014-08-06]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR NewTab: Profile 1 -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"
CHR Profile: C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-25]
CHR Extension: (Google Drive) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-06]
CHR Extension: (YouTube) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd [2014-08-06]
CHR Extension: (Google Search) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-25]
CHR Extension: (Speed Dial) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-01-25]
CHR Extension: (Chrome to Mobile) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-26]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido [2014-08-06]
CHR Extension: (Fantasy Ocean Theme [FVD]) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkddicbjcpofnodmnjdanbnaphfjifdf [2014-01-25]
CHR Extension: (Google Wallet) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
CHR Extension: (Gmail) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-25]
CHR Extension: (SAVeMasS) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmedbkgdocmbakmijnefpnpaeldcemjd\1.0 [2014-08-06]
CHR Extension: (PriceCHop) - C:\Users\Elise\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\minceiafoihijggfalpennhcmkmbcido\1.0 [2014-08-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-11] (Symantec Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 08:24 - 2014-09-07 08:24 - 00001361 _____ () C:\Users\Elise\Desktop\JRT.txt
2014-09-07 08:17 - 2014-09-07 08:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-07 08:16 - 2014-09-07 08:16 - 01016261 _____ (Thisisu) C:\Users\Elise\Downloads\JRT.exe
2014-09-07 08:12 - 2014-09-07 08:12 - 00024390 _____ () C:\Users\Elise\Desktop\AdwCleaner[S0].txt
2014-09-07 08:09 - 2014-09-07 09:26 - 00000012 ____H () C:\dvmexp.idx
2014-09-07 08:09 - 2014-09-07 08:09 - 00000000 ___HD () C:\dvmexp
2014-09-07 08:08 - 2014-09-07 08:09 - 00000000 ____D () C:\temp
2014-09-04 08:57 - 2014-09-07 08:07 - 00000000 ____D () C:\AdwCleaner
2014-09-04 08:56 - 2014-09-04 08:56 - 01370467 _____ () C:\Users\Elise\Downloads\AdwCleaner.exe
2014-09-04 08:35 - 2014-09-04 08:36 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1-1.07.0.1012.exe
2014-09-03 19:21 - 2014-09-03 19:21 - 00045903 _____ () C:\Users\Elise\Downloads\Addition.txt
2014-09-03 19:19 - 2014-09-07 09:29 - 00021210 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-03 19:19 - 2014-09-07 09:29 - 00000000 ____D () C:\FRST
2014-09-03 19:18 - 2014-09-03 19:19 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-02 19:54 - 2014-09-02 19:58 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:54 - 2014-09-02 19:58 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:17 - 2014-09-02 19:18 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 18:44 - 2014-09-04 08:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-02 18:41 - 2014-09-04 08:56 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-02 18:37 - 2014-09-02 18:39 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 17:37 - 2014-09-02 17:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-01 21:41 - 2014-09-02 17:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-01 21:41 - 2014-09-02 13:14 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:39 - 2014-09-01 21:40 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:27 - 2014-09-01 20:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 17:18 - 2014-09-02 17:31 - 00000000 ____D () C:\Windows\pss
2014-09-01 12:31 - 2014-09-01 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-08-29 09:09 - 2014-09-02 17:40 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-29 09:09 - 2014-09-02 17:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-29 09:04 - 2014-08-29 09:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 08:53 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-29 08:53 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-29 08:53 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-29 08:53 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-29 08:53 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-29 08:52 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-29 08:52 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 10:52 - 2014-09-04 08:39 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 10:52 - 2014-09-04 08:38 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-28 10:52 - 2014-09-02 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-28 10:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 22:51 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-27 22:51 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-27 22:47 - 2014-07-25 06:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-27 22:47 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-27 22:47 - 2014-07-15 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-27 22:47 - 2014-07-15 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-27 22:47 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-27 22:47 - 2014-06-03 04:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-27 22:47 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-27 22:47 - 2014-06-03 03:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-27 22:47 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-27 22:46 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 22:46 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 22:46 - 2014-08-22 18:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 22:46 - 2014-07-31 17:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 22:46 - 2014-07-31 17:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-27 22:46 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 22:46 - 2014-07-25 08:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 08:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-27 22:46 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-27 22:46 - 2014-07-25 07:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 22:46 - 2014-07-25 07:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 22:46 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 07:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 07:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 22:46 - 2014-07-25 07:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-27 22:46 - 2014-07-25 07:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 22:46 - 2014-07-25 07:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-27 22:46 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-27 22:46 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-27 22:46 - 2014-07-25 06:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-27 22:46 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-27 22:46 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-27 22:46 - 2014-07-25 06:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 22:46 - 2014-07-25 06:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 22:46 - 2014-07-25 06:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-27 22:46 - 2014-07-25 06:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 06:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-27 22:46 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-27 22:46 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-27 22:46 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-27 22:46 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-27 22:46 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 22:46 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-27 22:46 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-27 22:46 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 22:46 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-27 22:46 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-27 22:46 - 2014-07-25 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-27 22:46 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-27 22:46 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 22:46 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-27 22:46 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-27 22:46 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:31 - 2014-08-27 22:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:26 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 22:26 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 22:26 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 22:26 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 22:26 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 22:26 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 22:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 22:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 09:30 - 2014-09-03 19:19 - 00021210 _____ () C:\Users\Elise\Downloads\FRST.txt
2014-09-07 09:29 - 2014-09-03 19:19 - 00000000 ____D () C:\FRST
2014-09-07 09:26 - 2014-09-07 08:09 - 00000012 ____H () C:\dvmexp.idx
2014-09-07 09:26 - 2014-08-06 00:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-07 09:26 - 2013-03-03 21:17 - 00000000 ____D () C:\Users\Elise\Tracing
2014-09-07 09:26 - 2011-10-28 22:02 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 09:25 - 2010-06-21 02:53 - 00406796 _____ () C:\Windows\PFRO.log
2014-09-07 09:25 - 2010-06-21 02:50 - 01339881 _____ () C:\Windows\WindowsUpdate.log
2014-09-07 09:25 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 09:25 - 2009-07-13 22:51 - 00069827 _____ () C:\Windows\setupact.log
2014-09-07 09:21 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-07 09:15 - 2013-03-03 21:05 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Skype
2014-09-07 08:59 - 2012-07-28 21:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 08:59 - 2011-10-28 22:02 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 08:24 - 2014-09-07 08:24 - 00001361 _____ () C:\Users\Elise\Desktop\JRT.txt
2014-09-07 08:17 - 2014-09-07 08:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-07 08:16 - 2014-09-07 08:16 - 01016261 _____ (Thisisu) C:\Users\Elise\Downloads\JRT.exe
2014-09-07 08:16 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-07 08:16 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-07 08:12 - 2014-09-07 08:12 - 00024390 _____ () C:\Users\Elise\Desktop\AdwCleaner[S0].txt
2014-09-07 08:09 - 2014-09-07 08:09 - 00000000 ___HD () C:\dvmexp
2014-09-07 08:09 - 2014-09-07 08:08 - 00000000 ____D () C:\temp
2014-09-07 08:07 - 2014-09-04 08:57 - 00000000 ____D () C:\AdwCleaner
2014-09-07 08:05 - 2011-10-12 22:33 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001UA.job
2014-09-07 07:28 - 2014-08-06 00:34 - 00003250 _____ () C:\Windows\System32\Tasks\PC Performer Logon Scan
2014-09-07 07:28 - 2009-07-13 20:34 - 00000466 _____ () C:\Windows\win.ini
2014-09-06 21:33 - 2011-10-12 22:32 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2675101617-3368369058-924250244-1001Core.job
2014-09-06 10:11 - 2009-07-13 23:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-04 12:41 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-09-04 08:56 - 2014-09-04 08:56 - 01370467 _____ () C:\Users\Elise\Downloads\AdwCleaner.exe
2014-09-04 08:56 - 2014-09-02 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-04 08:56 - 2014-09-02 18:41 - 00000000 ____D () C:\Users\Elise\Desktop\mbar
2014-09-04 08:39 - 2014-08-28 10:52 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 08:38 - 2014-08-28 10:52 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-04 08:36 - 2014-09-04 08:35 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1-1.07.0.1012.exe
2014-09-03 19:21 - 2014-09-03 19:21 - 00045903 _____ () C:\Users\Elise\Downloads\Addition.txt
2014-09-03 19:19 - 2014-09-03 19:18 - 02104832 _____ (Farbar) C:\Users\Elise\Downloads\FRST64.exe
2014-09-03 19:17 - 2014-09-03 19:17 - 01096704 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2014-09-03 19:08 - 2014-09-03 19:08 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck-1.exe
2014-09-02 20:04 - 2011-05-18 14:38 - 00000000 ____D () C:\Users\Elise\AppData\Local\Apple Computer
2014-09-02 19:58 - 2014-09-02 19:54 - 00025760 _____ () C:\Users\Elise\Desktop\dds.txt
2014-09-02 19:58 - 2014-09-02 19:54 - 00019951 _____ () C:\Users\Elise\Desktop\attach.txt
2014-09-02 19:50 - 2014-09-02 19:50 - 00688992 ____R (Swearware) C:\Users\Elise\Downloads\dds.com
2014-09-02 19:18 - 2014-09-02 19:17 - 00002658 _____ () C:\Users\Elise\Desktop\Rkill.txt
2014-09-02 18:39 - 2014-09-02 18:37 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Elise\Downloads\mbar-1.07.0.1012.exe
2014-09-02 18:35 - 2010-09-13 17:19 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-09-02 18:21 - 2014-09-02 18:21 - 00854417 _____ () C:\Users\Elise\Downloads\SecurityCheck.exe
2014-09-02 17:46 - 2014-09-01 21:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-02 17:40 - 2014-08-29 09:09 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-02 17:40 - 2014-08-29 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-02 17:40 - 2014-08-28 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-02 17:38 - 2014-09-02 17:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-3.0.2.1012.exe
2014-09-02 17:31 - 2014-09-01 17:18 - 00000000 ____D () C:\Windows\pss
2014-09-02 13:14 - 2014-09-01 21:41 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-01 21:41 - 2014-09-01 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-01 21:40 - 2014-09-01 21:39 - 19021464 _____ (SUPERAntiSpyware) C:\Users\Elise\Downloads\SUPERAntiSpyware.exe
2014-09-01 20:28 - 2014-09-01 20:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-2.0.2.1012.exe
2014-09-01 12:32 - 2014-09-01 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2-1.0.2.1012.exe
2014-09-01 12:26 - 2009-07-13 22:45 - 00366808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 09:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-29 09:05 - 2014-08-29 09:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elise\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 09:05 - 2010-04-25 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 09:00 - 2013-08-27 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-29 08:56 - 2010-09-09 11:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-28 22:16 - 2010-04-25 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-28 15:02 - 2014-08-28 15:02 - 00000490 _____ () C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieUserList
2014-08-28 11:05 - 2014-08-28 11:05 - 00000000 __SHD () C:\Users\Elise\AppData\Local\EmieSiteList
2014-08-28 10:52 - 2011-05-18 14:46 - 00000000 ____D () C:\Users\Elise\AppData\Roaming\Malwarebytes
2014-08-28 10:52 - 2010-09-09 16:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 22:33 - 2014-08-27 22:33 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-27 22:33 - 2014-08-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-27 22:33 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 22:31 - 2014-08-27 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup.exe
2014-08-27 22:20 - 2014-08-27 22:20 - 00248184 _____ (Fusion Install ) C:\Users\Elise\Downloads\flashplayerpro_Setup (1).exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00730112 _____ (Load With) C:\Users\Elise\Downloads\Father King - Emancipator HD.mp3.exe
2014-08-22 20:07 - 2014-08-27 22:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 19:45 - 2014-08-27 22:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 18:59 - 2014-08-27 22:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 00:33
 
==================== End Of Log =============
 
 
After I ran FRST with the 'fix' button and then rebooted, these messages appeared before I ran FRST the second time:
 
User Account Control: Do you want jucheck.exe to make changes? (I clicked no)
Do you want Java auto updater to make changes? (I clicked no)

Edited by Twin B, 07 September 2014 - 10:59 AM.

I've learned blood is not thicker than money. 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users