Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pcspeedboost will not go away


  • This topic is locked This topic is locked
17 replies to this topic

#1 moon5252

moon5252

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 03 September 2014 - 04:16 PM

HELP.  I have done everything under the sun to get rid of this and nothing has worked.  A friend managed to get this on his computer and I have been trying for two weeks to get rid of it.  Was not able to get rid of it via a Restore Point because he waited too long and none of the restore points went back far enough.  I was unable to uninstall it either through Windows 7 Uninstall or any other uninstall custom program.  I went through the registry and actually deleted Pcspeedboost and still it returned.  I ran Malware Bytes, Spybot, Adaware and junk tool removal and still it comes back.  I cannot for the life of me find the file or files where it keeps reanimating itself.  I ran all the programs in safe mode and nothing.  The logs from Adaware show the computer is clean as does the junk tool removal.  I am hoping that someone can point me in the right direction so we don't have to reinstall windows 7.  Thanks



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:08:16 PM

Posted 04 September 2014 - 05:59 PM

Hello 

moon5252

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

 

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 04 September 2014 - 09:24 PM

Thanks.  I have printed out the instructions and it will be a few days until I can get over to their house and implement this.  As soon as I do, I will post the results.  Thanks again.



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:08:16 PM

Posted 08 September 2014 - 07:12 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 10 September 2014 - 10:15 AM

Hi still here.  I am headed over to their house this very morning and will post it as soon as I run it on their computer.  



#6 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 10 September 2014 - 10:16 AM

I should have it posted within the next hour or so .... sorry for the delay but they have been out of town.  First chance I have to get access to their computer.  Thanks



#7 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 10 September 2014 - 11:30 AM

Here are the results of the scan and both items you requested.  Thank you so much for your help:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2014
Ran by Wbouman (administrator) on WBOUMAN-PC on 10-09-2014 09:23:32
Running from C:\Documents\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Corel, Inc.) C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CinemaNow, Inc.) C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\830\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Run: [Corel Photo Downloader] => C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [522752 2011-09-07] (Corel, Inc.)
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\MountPoints2: {1e46e149-f199-11df-9cd5-0019d145fcf9} - G:\LaunchU3.exe -a
Startup: C:\Users\Wbouman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-22]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [iYogi@iYogi.com] - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi
 
Chrome: 
=======
CHR CustomProfile: C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-16]
CHR Extension: (RealDownloader) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Anti-Banner) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-16]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [fpeifmajolhnfocdndkhkpbdiaohpnmg] - C:\Program Files\iYogi\iYogiPasswordManager\ChromeExtension\ChromeToolBar.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5058256 2014-06-27] (Carbonite, Inc. (www.carbonite.com))
R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [11264 2005-01-10] (VOB Computersysteme GmbH) [File not signed]
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-10-10] (AnchorFree Inc.)
S3 JL2005C; C:\Windows\System32\Drivers\jl2005c.sys [68730 2008-07-15] (Windows ® 2000 DDK provider) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-04-02] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-04-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-16] (Kaspersky Lab ZAO)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171008 2005-07-13] (Pinnacle Systems GmbH) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc)
S3 cpuz136; \??\C:\Users\Wbouman\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-10] (Kaspersky Lab ZAO)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 09:23 - 2014-09-10 09:23 - 00000000 ____D () C:\FRST
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:26 - 2009-06-10 14:39 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140903-102636.backup
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:07 - 2014-08-28 07:09 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-27 23:42 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:42 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 13:16 - 2014-08-27 13:19 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:15 - 2014-08-27 13:18 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-25 11:48 - 2014-09-03 10:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-25 11:48 - 2014-08-25 11:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-08-25 11:26 - 2014-09-10 08:32 - 00000448 _____ () C:\Windows\setupact.log
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:21 - 2014-08-25 10:22 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:53 - 2014-09-03 10:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-25 09:36 - 2014-09-03 11:06 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 06:35 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 06:35 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 06:34 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 06:34 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:58 - 2014-08-20 11:59 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:49 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-08-17 18:19 - 2014-08-18 15:42 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-17 18:19 - 2014-08-17 18:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-17 18:18 - 2014-08-17 18:18 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-17 18:18 - 2014-08-17 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 14:43 - 2014-08-18 14:31 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 05:57 - 2014-08-25 15:15 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 05:16 - 2014-08-14 05:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:07 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:07 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 16:55 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 16:55 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 16:55 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 16:55 - 2014-07-25 06:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 16:55 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 16:55 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 16:55 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 16:55 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 16:55 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 16:55 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 16:55 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 16:55 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 16:55 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 16:55 - 2014-07-25 05:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 16:55 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 16:55 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 16:55 - 2014-07-25 04:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 16:55 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 16:55 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 16:55 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 16:55 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 16:55 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 16:55 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 16:55 - 2014-07-25 04:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 16:55 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 16:55 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 16:55 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 16:55 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 16:55 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 16:55 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 16:55 - 2014-07-13 18:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 16:55 - 2014-06-15 18:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 16:55 - 2014-06-15 18:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 16:55 - 2014-06-15 18:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 16:54 - 2014-08-06 18:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 16:54 - 2014-08-06 18:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 16:54 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 16:54 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 16:54 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 16:54 - 2014-06-03 02:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 16:54 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 09:23 - 2014-09-10 09:23 - 00000000 ____D () C:\FRST
2014-09-10 09:12 - 2012-04-11 08:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 09:12 - 2012-04-11 08:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 09:12 - 2011-07-12 10:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 08:55 - 2013-11-16 12:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-10 08:46 - 2009-12-12 18:38 - 01648053 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 08:40 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 08:40 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 08:32 - 2014-08-25 11:26 - 00000448 _____ () C:\Windows\setupact.log
2014-09-10 08:32 - 2010-02-02 23:22 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 08:32 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 20:27 - 2010-02-02 23:22 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 11:06 - 2014-08-25 09:36 - 00000000 ____D () C:\AdwCleaner
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:20 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-03 10:09 - 2014-08-25 09:53 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 08:28 - 2012-06-21 18:29 - 00000000 ____D () C:\Users\Wbouman\Documents\5 - Share with List
2014-08-28 07:33 - 2007-06-16 14:07 - 00000000 ____D () C:\Temp
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:10 - 2009-12-29 20:58 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Adobe
2014-08-28 07:09 - 2014-08-28 07:07 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-28 03:19 - 2009-07-13 21:33 - 00702416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 19:21 - 2014-06-05 16:54 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - All Jokes
2014-08-27 13:19 - 2014-08-27 13:16 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:18 - 2014-08-27 13:15 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-27 13:02 - 2012-10-19 20:32 - 00000000 ____D () C:\Users\Wbouman\Documents\Camtasia Studio
2014-08-27 08:01 - 2014-02-21 08:08 - 00000000 ____D () C:\Users\Wbouman\Documents\Z3 - Classes
2014-08-26 22:14 - 2010-01-02 22:12 - 00000000 ___RD () C:\Users\Wbouman\Documents\1 - Copy Video
2014-08-25 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2014-08-25 15:15 - 2014-08-15 05:57 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-25 11:51 - 2014-08-25 11:48 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:38 - 2014-05-04 08:24 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 11:00 - 2011-12-04 09:12 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Mozilla
2014-08-25 10:55 - 2012-10-20 20:55 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\CrashDumps
2014-08-25 10:55 - 2009-12-12 18:34 - 00000000 ____D () C:\Windows\Panther
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:22 - 2014-08-25 10:21 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2009-12-12 17:56 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 23:09 - 2009-12-21 04:38 - 00000000 ____D () C:\Users\Wbouman\Documents\4 - Walt
2014-08-22 18:46 - 2014-08-27 23:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 17:42 - 2014-08-27 23:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 17:54 - 2014-04-23 22:17 - 00000000 ____D () C:\Users\Wbouman\Documents\Icons
2014-08-20 17:25 - 2013-11-16 10:27 - 00000000 ____D () C:\Program Files\iYogi Support Dock
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:59 - 2014-08-20 11:58 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-20 11:12 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Wbouman\Documents\SolarCity
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-19 07:17 - 2009-12-30 14:01 - 00000000 ____D () C:\Users\Wbouman\Documents\1 - Copy Photos - 6-13-14
2014-08-19 05:41 - 2009-12-21 17:56 - 00000000 ____D () C:\Users\Wbouman\Documents\Law Enforcement
2014-08-18 19:49 - 2009-12-18 21:43 - 00224728 _____ () C:\Users\Wbouman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-18 15:42 - 2014-08-17 18:19 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-18 14:59 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-18 14:52 - 2011-06-30 23:23 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-18 14:52 - 2011-06-30 23:22 - 00000000 ____D () C:\Program Files\Yahoo!
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:48 - 2013-11-16 13:09 - 00000000 ____D () C:\Program Files\iYogi
2014-08-18 14:31 - 2014-08-17 14:43 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-18 01:13 - 2011-01-21 11:52 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Deployment
2014-08-18 01:10 - 2014-02-20 08:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Z2 - Every Day Forms Used
2014-08-17 18:19 - 2014-08-17 18:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-17 18:18 - 2014-08-17 18:18 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-17 18:18 - 2014-08-17 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 16:10 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-17 15:10 - 2014-06-07 03:33 - 00043008 ____H () C:\Users\Wbouman\Documents\~WRL0250.tmp
2014-08-17 09:03 - 2011-11-02 06:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Trains
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 06:31 - 2013-11-03 09:25 - 00000000 ____D () C:\Users\Wbouman\Documents\3 - Terrorism Info
2014-08-15 06:29 - 2010-08-11 07:20 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - Information
2014-08-15 06:23 - 2013-09-14 11:36 - 00000000 ____D () C:\Users\Wbouman\Documents\Home Co
2014-08-15 06:10 - 2014-07-19 20:47 - 00000000 ____D () C:\Users\Wbouman\Documents\Military
2014-08-15 06:05 - 2011-05-11 20:49 - 00000000 ____D () C:\Users\Wbouman\Documents\Vehicles
2014-08-15 06:02 - 2014-06-11 11:10 - 00000000 ____D () C:\Users\Wbouman\Documents\Classes
2014-08-15 05:55 - 2014-02-21 08:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Z4 - Quotes
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 18:25 - 2014-06-05 16:55 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - Poems
2014-08-14 05:21 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:53 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 03:34 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 03:17 - 2010-01-16 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:16 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:11 - 2009-12-19 12:17 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 17:51 - 2011-10-19 19:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-13 17:51 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-03 12:00
 
==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2014
Ran by Wbouman (administrator) on WBOUMAN-PC on 10-09-2014 09:23:32
Running from C:\Documents\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Corel, Inc.) C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CinemaNow, Inc.) C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\830\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Run: [Corel Photo Downloader] => C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [522752 2011-09-07] (Corel, Inc.)
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\MountPoints2: {1e46e149-f199-11df-9cd5-0019d145fcf9} - G:\LaunchU3.exe -a
Startup: C:\Users\Wbouman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-22]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [iYogi@iYogi.com] - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi
 
Chrome: 
=======
CHR CustomProfile: C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-16]
CHR Extension: (RealDownloader) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Anti-Banner) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-16]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [fpeifmajolhnfocdndkhkpbdiaohpnmg] - C:\Program Files\iYogi\iYogiPasswordManager\ChromeExtension\ChromeToolBar.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5058256 2014-06-27] (Carbonite, Inc. (www.carbonite.com))
R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [11264 2005-01-10] (VOB Computersysteme GmbH) [File not signed]
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-10-10] (AnchorFree Inc.)
S3 JL2005C; C:\Windows\System32\Drivers\jl2005c.sys [68730 2008-07-15] (Windows ® 2000 DDK provider) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-04-02] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-04-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-16] (Kaspersky Lab ZAO)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171008 2005-07-13] (Pinnacle Systems GmbH) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc)
S3 cpuz136; \??\C:\Users\Wbouman\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-10] (Kaspersky Lab ZAO)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 09:23 - 2014-09-10 09:23 - 00000000 ____D () C:\FRST
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:26 - 2009-06-10 14:39 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140903-102636.backup
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:07 - 2014-08-28 07:09 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-27 23:42 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:42 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 13:16 - 2014-08-27 13:19 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:15 - 2014-08-27 13:18 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-25 11:48 - 2014-09-03 10:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-25 11:48 - 2014-08-25 11:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-08-25 11:26 - 2014-09-10 08:32 - 00000448 _____ () C:\Windows\setupact.log
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:21 - 2014-08-25 10:22 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:53 - 2014-09-03 10:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-25 09:36 - 2014-09-03 11:06 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 06:35 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 06:35 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 06:34 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 06:34 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:58 - 2014-08-20 11:59 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:49 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-08-17 18:19 - 2014-08-18 15:42 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-17 18:19 - 2014-08-17 18:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-17 18:18 - 2014-08-17 18:18 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-17 18:18 - 2014-08-17 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 14:43 - 2014-08-18 14:31 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 05:57 - 2014-08-25 15:15 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 05:16 - 2014-08-14 05:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:07 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:07 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 16:55 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 16:55 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 16:55 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 16:55 - 2014-07-25 06:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 16:55 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 16:55 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 16:55 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 16:55 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 16:55 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 16:55 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 16:55 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 16:55 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 16:55 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 16:55 - 2014-07-25 05:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 16:55 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 16:55 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 16:55 - 2014-07-25 04:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 16:55 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 16:55 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 16:55 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 16:55 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 16:55 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 16:55 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 16:55 - 2014-07-25 04:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 16:55 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 16:55 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 16:55 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 16:55 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 16:55 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 16:55 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 16:55 - 2014-07-13 18:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 16:55 - 2014-06-15 18:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 16:55 - 2014-06-15 18:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 16:55 - 2014-06-15 18:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 16:54 - 2014-08-06 18:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 16:54 - 2014-08-06 18:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 16:54 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 16:54 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 16:54 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 16:54 - 2014-06-03 02:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 16:54 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 09:23 - 2014-09-10 09:23 - 00000000 ____D () C:\FRST
2014-09-10 09:12 - 2012-04-11 08:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 09:12 - 2012-04-11 08:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 09:12 - 2011-07-12 10:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 08:55 - 2013-11-16 12:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-10 08:46 - 2009-12-12 18:38 - 01648053 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 08:40 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 08:40 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 08:32 - 2014-08-25 11:26 - 00000448 _____ () C:\Windows\setupact.log
2014-09-10 08:32 - 2010-02-02 23:22 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 08:32 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 20:27 - 2010-02-02 23:22 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 11:06 - 2014-08-25 09:36 - 00000000 ____D () C:\AdwCleaner
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:20 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-03 10:09 - 2014-08-25 09:53 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 08:28 - 2012-06-21 18:29 - 00000000 ____D () C:\Users\Wbouman\Documents\5 - Share with List
2014-08-28 07:33 - 2007-06-16 14:07 - 00000000 ____D () C:\Temp
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:10 - 2009-12-29 20:58 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Adobe
2014-08-28 07:09 - 2014-08-28 07:07 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-28 03:19 - 2009-07-13 21:33 - 00702416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 19:21 - 2014-06-05 16:54 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - All Jokes
2014-08-27 13:19 - 2014-08-27 13:16 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:18 - 2014-08-27 13:15 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-27 13:02 - 2012-10-19 20:32 - 00000000 ____D () C:\Users\Wbouman\Documents\Camtasia Studio
2014-08-27 08:01 - 2014-02-21 08:08 - 00000000 ____D () C:\Users\Wbouman\Documents\Z3 - Classes
2014-08-26 22:14 - 2010-01-02 22:12 - 00000000 ___RD () C:\Users\Wbouman\Documents\1 - Copy Video
2014-08-25 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2014-08-25 15:15 - 2014-08-15 05:57 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-25 11:51 - 2014-08-25 11:48 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:38 - 2014-05-04 08:24 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 11:00 - 2011-12-04 09:12 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Mozilla
2014-08-25 10:55 - 2012-10-20 20:55 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\CrashDumps
2014-08-25 10:55 - 2009-12-12 18:34 - 00000000 ____D () C:\Windows\Panther
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:22 - 2014-08-25 10:21 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2009-12-12 17:56 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 23:09 - 2009-12-21 04:38 - 00000000 ____D () C:\Users\Wbouman\Documents\4 - Walt
2014-08-22 18:46 - 2014-08-27 23:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 17:42 - 2014-08-27 23:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 17:54 - 2014-04-23 22:17 - 00000000 ____D () C:\Users\Wbouman\Documents\Icons
2014-08-20 17:25 - 2013-11-16 10:27 - 00000000 ____D () C:\Program Files\iYogi Support Dock
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:59 - 2014-08-20 11:58 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-20 11:12 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Wbouman\Documents\SolarCity
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-19 07:17 - 2009-12-30 14:01 - 00000000 ____D () C:\Users\Wbouman\Documents\1 - Copy Photos - 6-13-14
2014-08-19 05:41 - 2009-12-21 17:56 - 00000000 ____D () C:\Users\Wbouman\Documents\Law Enforcement
2014-08-18 19:49 - 2009-12-18 21:43 - 00224728 _____ () C:\Users\Wbouman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-18 15:42 - 2014-08-17 18:19 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-18 14:59 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-18 14:52 - 2011-06-30 23:23 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-18 14:52 - 2011-06-30 23:22 - 00000000 ____D () C:\Program Files\Yahoo!
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:48 - 2013-11-16 13:09 - 00000000 ____D () C:\Program Files\iYogi
2014-08-18 14:31 - 2014-08-17 14:43 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-18 01:13 - 2011-01-21 11:52 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Deployment
2014-08-18 01:10 - 2014-02-20 08:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Z2 - Every Day Forms Used
2014-08-17 18:19 - 2014-08-17 18:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-17 18:18 - 2014-08-17 18:18 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-17 18:18 - 2014-08-17 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 16:10 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-17 15:10 - 2014-06-07 03:33 - 00043008 ____H () C:\Users\Wbouman\Documents\~WRL0250.tmp
2014-08-17 09:03 - 2011-11-02 06:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Trains
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 06:31 - 2013-11-03 09:25 - 00000000 ____D () C:\Users\Wbouman\Documents\3 - Terrorism Info
2014-08-15 06:29 - 2010-08-11 07:20 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - Information
2014-08-15 06:23 - 2013-09-14 11:36 - 00000000 ____D () C:\Users\Wbouman\Documents\Home Co
2014-08-15 06:10 - 2014-07-19 20:47 - 00000000 ____D () C:\Users\Wbouman\Documents\Military
2014-08-15 06:05 - 2011-05-11 20:49 - 00000000 ____D () C:\Users\Wbouman\Documents\Vehicles
2014-08-15 06:02 - 2014-06-11 11:10 - 00000000 ____D () C:\Users\Wbouman\Documents\Classes
2014-08-15 05:55 - 2014-02-21 08:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Z4 - Quotes
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 18:25 - 2014-06-05 16:55 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - Poems
2014-08-14 05:21 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:53 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 03:34 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 03:17 - 2010-01-16 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:16 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:11 - 2009-12-19 12:17 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 17:51 - 2011-10-19 19:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-13 17:51 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-03 12:00
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-09-2014
Ran by Wbouman at 2014-09-10 09:26:00
Running from C:\Documents\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Altova AltovaXML™ 2009   (HKLM\...\{64966F14-7709-48DF-9C36-36F95A3C7268}) (Version: 2009.00.00 - Altova)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 5 (HKLM\...\{CDEE9830-92A2-4A65-8ED7-6804C865BA2F}) (Version:  - ArcSoft)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 5 (HKLM\...\{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}) (Version: 5.1.0 - TechSmith Corporation)
Camtasia Studio 8 (HKLM\...\{80AE23DF-71A4-4E3F-B931-F93AB5DF0BDD}) (Version: 8.4.2.1768 - TechSmith Corporation)
Carbonite (HKLM\...\Carbonite Backup) (Version: 5.5.5 build 4151  (Jun-27-2014) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CinemaNow Media Manager (HKLM\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.0.63 - CinemaNow, Inc.)
Corel Applications (HKLM\...\Corel Applications) (Version:  - )
Corel Painter Photo Essentials 4 (HKLM\...\_{707EB912-C597-49D8-9460-46CC9AB03EBE}) (Version:  - Corel Corporation)
Corel Painter Photo Essentials 4 (Version: 4.1 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.98 - Corel Corporation)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000 - Corel Corporation) Hidden
Corel WordPerfect Suite 8 (HKLM\...\Corel WordPerfect Suite 8) (Version:  - )
DesignPro 5 (HKLM\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (Version: 5.5.708 - Avery Dennison) Hidden
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DiscAPI (Studio 10) (Version: 2.10.0081 - Pinnacle Systems) Hidden
eRepair Excel 1.0 (HKLM\...\eRepair Excel_is1) (Version:  - Recovery Toolbox, Inc.)
Garmin City Navigator North America NT 2011.30 Update (HKLM\...\{C505742A-0F8E-467B-8763-31588A777BC2}) (Version: 14.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 10.2.0.830 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version:  - )
ICA (Version: 1.6.1.98 - Corel Corporation) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IPM_PSP_Pro (Version: 1.00.0000 - Corel Corporation) Hidden
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java™ 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.330 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kaspersky PURE 3.0 (HKLM\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (Version: 13.0.2.558 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mind Visualizer (HKLM\...\Mind Visualizer_is1) (Version:  - InnovationGear.com)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nmap 5.51 (HKLM\...\Nmap) (Version:  - )
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PSPPContent (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (Version: 13.0.0 - Corel Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RAPID (Studio 10) (Version: 1.00.0022 - Pinnacle Systems) Hidden
RealDownloader (Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (Version: 1.3.1 - Roxio) Hidden
Roxio Burn (Version: 1.0.0 - Roxio) Hidden
Roxio Burn Manager (Version: 1.0.0 - Roxio) Hidden
Roxio Burn Manager CDB (Version: 1.0 - Roxio) Hidden
Roxio CinePlayer (Version: 5.3 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (Version: 4.3.0 - Roxio) Hidden
Roxio Creator 2010 (HKLM\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.0 - Roxio)
Roxio Creator 2010 (Version: 1.2.193 - Roxio) Hidden
Roxio Creator 2010 (Version: 5.0.0 - Roxio) Hidden
Roxio Creator 2010 Content (Version: 12.0.013 - Roxio) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
Roxio PhotoShow (HKLM\...\Roxio PhotoShow) (Version: 6.0 - Roxio)
Roxio Venue (Version: 2.2.170 - Sonic Solutions) Hidden
Roxio Video Capture USB (Version: 1.22.0000 - Roxio) Hidden
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Setup (Version: 1.6.1.98 - Corel Corporation) Hidden
Shockwave (HKLM\...\Shockwave) (Version:  - )
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.2.7 - SmartSound Software Inc) Hidden
SolidWorks eDrawings 2011 (HKLM\...\{0B67D40E-01ED-43FC-8BD8-9CD284550766}) (Version: 11.4.113 - Dassault Systèmes SolidWorks Corp.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Studio 10 (HKLM\...\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}) (Version: 10.6 - Pinnacle Systems)
The Print Shop Home and Office Labels (HKLM\...\{909FDB94-8511-47D3-AF00-EEA27FA11E73}) (Version:  - Broderbund LLC)
Uninstall Digital Binoculars Driver (HKLM\...\Digital Binoculars_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
YTD Video Downloader 4.8.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.2 - GreenTree Applications SRL)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1900336560-2753421092-3833253684-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\457\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Restore Points  =========================
 
03-09-2014 15:32:41 Windows Update
10-09-2014 15:39:12 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:04 - 2014-09-03 10:26 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D161730-9407-43B1-B00B-392FE252BE4B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {128C4597-D3EA-49B7-B805-3E72E9D27C17} - System32\Tasks\PCSB_Wbouman_PCSpeedBoost_LogonTask => C:\Program Files\PC SpeedBoost\PCSpeedBoost.exe [2014-08-12] ()
Task: {22537ACE-F2C0-4EEC-B404-FB64108244AB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {27DD5298-0C41-4B01-B255-FE3D59E34A1C} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {33C5A2B1-CE19-49F7-B799-5E173769F17B} - System32\Tasks\PCSB_Wbouman_PCSpeedBoost_RS_DailyTask => C:\Program Files\PC SpeedBoost\PCSpeedBoost.exe [2014-08-12] ()
Task: {3ECE3FDD-CA20-4B6E-A72E-2ADD26BCCF2F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {4B798BB7-E8A7-4B43-BD53-9FF8C5D3B216} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7D3183AC-2402-46B9-9DA1-849ADD5C1EB7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {8F621C38-9930-4672-8A67-68F2B09372CF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {98F2223C-AF3A-4D04-94FE-1DA537DE4B4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02] (Google Inc.)
Task: {A95AB61C-A7F7-4811-A4ED-531754FF8D3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C3009019-33D1-49D5-A5E0-587544BC9E60} - System32\Tasks\PCSB_Wbouman_PCSpeedBoost_RS_WeeklyTask => C:\Program Files\PC SpeedBoost\PCSpeedBoost.exe [2014-08-12] ()
Task: {CAE7223B-3A1B-4CC9-B500-CE8C881CB356} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {D0D19E8A-6AC2-4529-A0E2-4E8BF3BFD2AB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D197E3F3-36F4-4BD9-8486-4510009C9D34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {DD9D2DAC-2039-46E9-8924-9452F3A50DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {F5330E98-2506-4A12-B2BC-DC9BB01CD863} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02] (Google Inc.)
Task: {F80E53EA-E912-410E-9011-7ED79580899D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1900336560-2753421092-3833253684-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-12 03:04 - 2013-01-31 02:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2011-01-26 16:26 - 2007-09-14 09:58 - 00059904 _____ () C:\Program Files\ArcSoft\PhotoImpression 5\share\pihook.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-08-25 11:48 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-25 11:48 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-25 11:48 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-11-29 20:31 - 2012-11-29 20:31 - 00038608 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-08-25 11:48 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-25 11:48 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 00718152 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-14 16:32 - 2014-08-06 20:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: CPMonitor => "C:\Program Files\Roxio 2010\5.0\CPMonitor.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iYogi Support Dock => "C:\Program Files\iYogi Support Dock\SDStartup.exe" C:\Program Files\iYogi Support Dock\iYogiSupportDock.exe
MSCONFIG\startupreg: LaunchList => C:\Program Files\Pinnacle\Studio 10\LaunchList.exe
MSCONFIG\startupreg: PinnacleDriverCheck => C:\Windows\system32\\PSDrvCheck.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/03/2014 00:06:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/03/2014 00:05:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (09/03/2014 00:02:49 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
 
System errors:
=============
Error: (09/10/2014 08:34:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
 
Error: (09/03/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (09/03/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (09/03/2014 11:09:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
 
Error: (09/03/2014 11:03:18 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (09/03/2014 11:03:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (09/03/2014 11:03:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (09/03/2014 11:03:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (09/03/2014 11:03:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (09/03/2014 11:03:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/22/2014 07:50:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 53 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/21/2013 09:42:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (07/27/2013 10:19:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (07/27/2013 10:17:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (07/27/2013 10:17:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 78 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (07/27/2013 10:15:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8690 seconds with 2700 seconds of active time.  This session ended with a crash.
 
Error: (12/29/2012 09:49:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (11/28/2012 11:02:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14650 seconds with 1080 seconds of active time.  This session ended with a crash.
 
Error: (12/11/2011 07:45:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/06/2011 08:05:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-03 12:04:53.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.842
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.842
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.795
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.795
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-03 12:04:53.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 CPU 6420 @ 2.13GHz
Percentage of memory in use: 54%
Total physical RAM: 3069.92 MB
Available physical RAM: 1408.36 MB
Total Pagefile: 7673.21 MB
Available Pagefile: 5369.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.23 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:29.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 10000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=222.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:08:16 PM

Posted 10 September 2014 - 12:32 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   1.69KB   1 downloads

 

 

PcBoost still coming up?

 

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 10 September 2014 - 01:38 PM

Unfortunately your first set of instructions said nothing about pushing the FIX button first.  I almost did but I followed your first set of instructions according to what you wrote.  I am not at their house at the moment.  I will go back tomorrow or perhaps later today and run the 32 bit program again and this time push fix.  If I know what time you will be at your computer, I could make arrangements to go there at that time.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:08:16 PM

Posted 10 September 2014 - 03:32 PM

Just run the fix and reboot the machine and see if pcboost comes up. Then post the fix log.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 10 September 2014 - 03:48 PM

Will do ... thanks .... will see if they will be home in the morning ...... thanks again  .... will keep you informed.



#12 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 11 September 2014 - 12:59 PM

I ran it again and it gave me this.  When I hit the fix button.  It gave me an error message that said that there was no fixlist found.  Ran it again and got the same message when I hit the fix button.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2014
Ran by Wbouman (administrator) on WBOUMAN-PC on 11-09-2014 10:52:36
Running from C:\Documents\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(CinemaNow, Inc.) C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Corel, Inc.) C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaws.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\830\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Run: [Corel Photo Downloader] => C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [522752 2011-09-07] (Corel, Inc.)
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1900336560-2753421092-3833253684-1000\...\MountPoints2: {1e46e149-f199-11df-9cd5-0019d145fcf9} - G:\LaunchU3.exe -a
Startup: C:\Users\Wbouman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
 
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-22]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-11-16]
FF HKLM\...\Firefox\Extensions: [iYogi@iYogi.com] - C:\Program Files\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi
 
Chrome: 
=======
CHR HomePage: Default -> FAA872E32D65878321C09AE39EB58BDD8DE9AD3E7FE6613EE16FC9F09A71ABC5
CHR DefaultSearchKeyword: Default -> 91A0EB8CDEE23CDA5C1E0C41656C3C20112BFF71034F7C9E462F32674B769AB9
CHR DefaultSearchProvider: Default -> 31683488F3AE4F52289C67091F965D1E252110306C808AF6D4CE4F39EA840C9C
CHR DefaultSearchURL: Default -> B0B8F449FC9BF7FE8C9AB082BEA0E0617BA18C5793CDA1041FD9EBA931D35766
CHR CustomProfile: C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-16]
CHR Extension: (RealDownloader) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Anti-Banner) - C:\Users\Wbouman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-16]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [fpeifmajolhnfocdndkhkpbdiaohpnmg] - C:\Program Files\iYogi\iYogiPasswordManager\ChromeExtension\ChromeToolBar.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-16] (Kaspersky Lab ZAO)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5058256 2014-06-27] (Carbonite, Inc. (www.carbonite.com))
R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [11264 2005-01-10] (VOB Computersysteme GmbH) [File not signed]
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-10-10] (AnchorFree Inc.)
S3 JL2005C; C:\Windows\System32\Drivers\jl2005c.sys [68730 2008-07-15] (Windows ® 2000 DDK provider) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-04-02] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-04-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-16] (Kaspersky Lab ZAO)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171008 2005-07-13] (Pinnacle Systems GmbH) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc)
S3 cpuz136; \??\C:\Users\Wbouman\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-10] (Kaspersky Lab ZAO)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 17:35 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 17:35 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 17:35 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 17:35 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 17:35 - 2014-08-18 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 17:35 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 17:35 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 17:35 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 17:35 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 17:35 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 17:35 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 17:35 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 17:35 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 17:35 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 17:35 - 2014-08-18 14:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 17:35 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 17:35 - 2014-08-18 14:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 17:35 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 17:35 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 17:35 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 17:35 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 17:35 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 17:35 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 17:35 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 17:35 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 17:35 - 2014-08-18 14:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 17:35 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 17:35 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 17:35 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 17:35 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 17:34 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 12:17 - 2014-09-04 18:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 12:17 - 2014-09-04 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 12:17 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 12:17 - 2014-07-06 18:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 12:17 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 12:17 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:23 - 2014-09-11 10:52 - 00000000 ____D () C:\FRST
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:26 - 2009-06-10 14:39 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140903-102636.backup
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:07 - 2014-08-28 07:09 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-27 23:42 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:42 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 13:16 - 2014-08-27 13:19 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:15 - 2014-08-27 13:18 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-25 11:48 - 2014-09-03 10:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-25 11:48 - 2014-08-25 11:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-08-25 11:26 - 2014-09-11 10:45 - 00000560 _____ () C:\Windows\setupact.log
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:21 - 2014-08-25 10:22 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:53 - 2014-09-03 10:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-25 09:36 - 2014-09-03 11:06 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:35 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 06:35 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 06:35 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 06:35 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 06:35 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 06:34 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 06:34 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:58 - 2014-08-20 11:59 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:49 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-08-17 18:19 - 2014-09-10 17:28 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-17 18:19 - 2014-08-18 15:42 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-17 18:18 - 2014-09-10 17:28 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-17 18:18 - 2014-09-10 17:28 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 14:43 - 2014-08-18 14:31 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 05:57 - 2014-08-25 15:15 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 05:16 - 2014-08-14 05:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:07 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:07 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:07 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 16:55 - 2014-07-13 18:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 16:55 - 2014-06-15 18:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 16:55 - 2014-06-15 18:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 16:55 - 2014-06-15 18:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 16:54 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 16:54 - 2014-07-08 18:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 16:54 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 16:54 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 16:54 - 2014-06-03 02:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 16:54 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 16:54 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-11 10:52 - 2014-09-10 09:23 - 00000000 ____D () C:\FRST
2014-09-11 10:51 - 2009-12-12 18:38 - 02045480 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 10:48 - 2013-11-16 12:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-11 10:46 - 2010-02-02 23:22 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-11 10:46 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 10:45 - 2014-08-25 11:26 - 00000560 _____ () C:\Windows\setupact.log
2014-09-11 10:27 - 2010-02-02 23:22 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-11 10:17 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 10:17 - 2009-07-13 21:34 - 00022256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 10:12 - 2012-04-11 08:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 09:51 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 17:34 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 17:29 - 2009-12-19 12:17 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 17:28 - 2014-08-17 18:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-10 17:28 - 2014-08-17 18:18 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 17:28 - 2014-08-17 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 17:27 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 17:24 - 2009-12-12 17:56 - 00774632 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 09:12 - 2012-04-11 08:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 09:12 - 2011-07-12 10:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-04 18:52 - 2014-09-10 12:17 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 18:47 - 2014-09-10 12:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 11:06 - 2014-08-25 09:36 - 00000000 ____D () C:\AdwCleaner
2014-09-03 10:49 - 2014-09-03 10:49 - 00001377 _____ () C:\Users\Wbouman\Desktop\JRT.txt
2014-09-03 10:42 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 10:20 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-03 10:09 - 2014-08-25 09:53 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 08:28 - 2012-06-21 18:29 - 00000000 ____D () C:\Users\Wbouman\Documents\5 - Share with List
2014-08-28 07:33 - 2007-06-16 14:07 - 00000000 ____D () C:\Temp
2014-08-28 07:10 - 2014-08-28 07:10 - 02990121 _____ () C:\Users\Wbouman\Documents\Texas Dad Acquitted in Shooting Death of Drunken Driver Who Killed 2 Son.wmv
2014-08-28 07:10 - 2009-12-29 20:58 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Adobe
2014-08-28 07:09 - 2014-08-28 07:07 - 18961717 _____ () C:\Users\Wbouman\Documents\Fresno Mom Worried About California's Hidden Gas Tax_ California Drivers Alliance.wmv
2014-08-28 03:19 - 2009-07-13 21:33 - 00702416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 19:21 - 2014-06-05 16:54 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - All Jokes
2014-08-27 13:19 - 2014-08-27 13:16 - 11095985 _____ () C:\Users\Wbouman\Documents\Drunk driver killed_ Texas father David Barajas accused of revenge killing man who ran over his sons.wmv
2014-08-27 13:18 - 2014-08-27 13:15 - 34877135 _____ () C:\Users\Wbouman\Documents\Father Accused Of Killing Drunk Driver Who Ran Down His Sons.wmv
2014-08-27 13:13 - 2014-08-27 13:13 - 01239499 _____ () C:\Users\Wbouman\Documents\Texas Dad Charged With Killing Driver Who Killed His Sons.wmv
2014-08-27 13:02 - 2012-10-19 20:32 - 00000000 ____D () C:\Users\Wbouman\Documents\Camtasia Studio
2014-08-27 08:01 - 2014-02-21 08:08 - 00000000 ____D () C:\Users\Wbouman\Documents\Z3 - Classes
2014-08-26 22:14 - 2010-01-02 22:12 - 00000000 ___RD () C:\Users\Wbouman\Documents\1 - Copy Video
2014-08-25 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2014-08-25 15:15 - 2014-08-15 05:57 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - 1-1st Airborne
2014-08-25 11:51 - 2014-08-25 11:48 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-25 11:48 - 2014-08-25 11:48 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-25 11:48 - 2014-08-25 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 11:38 - 2014-05-04 08:24 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-25 11:26 - 2014-08-25 11:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Thunderbird
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-25 11:00 - 2011-12-04 09:12 - 00000000 ____D () C:\Users\Wbouman\AppData\Roaming\Mozilla
2014-08-25 10:55 - 2012-10-20 20:55 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\CrashDumps
2014-08-25 10:55 - 2009-12-12 18:34 - 00000000 ____D () C:\Windows\Panther
2014-08-25 10:46 - 2014-08-25 10:46 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-25 10:46 - 2014-08-25 10:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 10:22 - 2014-08-25 10:21 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-08-25 09:35 - 2014-08-25 09:35 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:35 - 2014-08-25 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-24 23:09 - 2009-12-21 04:38 - 00000000 ____D () C:\Users\Wbouman\Documents\4 - Walt
2014-08-22 18:46 - 2014-08-27 23:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 17:42 - 2014-08-27 23:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 18:00 - 2014-08-20 18:00 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014 - 8-20-14.xlsx
2014-08-20 17:54 - 2014-04-23 22:17 - 00000000 ____D () C:\Users\Wbouman\Documents\Icons
2014-08-20 17:25 - 2013-11-16 10:27 - 00000000 ____D () C:\Program Files\iYogi Support Dock
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-20 12:48 - 2014-08-20 12:48 - 00002108 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-08-20 12:48 - 2014-08-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-08-20 11:59 - 2014-08-20 11:58 - 00000000 ____D () C:\Program Files\PC SpeedBoost
2014-08-20 11:12 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Wbouman\Documents\SolarCity
2014-08-19 10:39 - 2014-09-10 17:35 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 08:25 - 2014-08-19 08:25 - 00002563 _____ () C:\Users\Wbouman\Desktop\Camtasia Recorder 8.lnk
2014-08-19 07:17 - 2009-12-30 14:01 - 00000000 ____D () C:\Users\Wbouman\Documents\1 - Copy Photos - 6-13-14
2014-08-19 05:41 - 2009-12-21 17:56 - 00000000 ____D () C:\Users\Wbouman\Documents\Law Enforcement
2014-08-18 19:49 - 2009-12-18 21:43 - 00224728 _____ () C:\Users\Wbouman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-18 15:42 - 2014-08-17 18:19 - 00000124 _____ () C:\Users\Wbouman\Desktop\tech support.txt
2014-08-18 15:26 - 2014-09-10 17:35 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 15:08 - 2014-09-10 17:35 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 14:59 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-18 14:57 - 2014-09-10 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 14:57 - 2014-09-10 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 14:52 - 2011-06-30 23:23 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-18 14:52 - 2011-06-30 23:22 - 00000000 ____D () C:\Program Files\Yahoo!
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-08-18 14:50 - 2014-08-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-08-18 14:49 - 2014-08-18 14:49 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-18 14:48 - 2013-11-16 13:09 - 00000000 ____D () C:\Program Files\iYogi
2014-08-18 14:46 - 2014-09-10 17:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 14:45 - 2014-09-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 14:44 - 2014-09-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 14:44 - 2014-09-10 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 14:42 - 2014-09-10 17:35 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 14:39 - 2014-09-10 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 14:39 - 2014-09-10 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 14:37 - 2014-09-10 17:35 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 14:36 - 2014-09-10 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 14:36 - 2014-09-10 17:35 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 14:35 - 2014-09-10 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 14:31 - 2014-08-17 14:43 - 00000000 ____D () C:\Users\Wbouman\Documents\Animals
2014-08-18 14:30 - 2014-09-10 17:35 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 14:27 - 2014-09-10 17:35 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 14:22 - 2014-09-10 17:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 14:19 - 2014-09-10 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 14:17 - 2014-09-10 17:35 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 14:17 - 2014-09-10 17:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 14:15 - 2014-09-10 17:35 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 14:09 - 2014-09-10 17:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 14:08 - 2014-09-10 17:35 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 14:08 - 2014-09-10 17:35 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 14:07 - 2014-09-10 17:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 13:46 - 2014-09-10 17:35 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 13:38 - 2014-09-10 17:35 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 13:36 - 2014-09-10 17:35 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 01:13 - 2011-01-21 11:52 - 00000000 ____D () C:\Users\Wbouman\AppData\Local\Deployment
2014-08-18 01:10 - 2014-02-20 08:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Z2 - Every Day Forms Used
2014-08-17 16:38 - 2014-08-17 16:38 - 00000000 ____D () C:\Program Files\Techinline
2014-08-17 16:10 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-17 15:10 - 2014-06-07 03:33 - 00043008 ____H () C:\Users\Wbouman\Documents\~WRL0250.tmp
2014-08-17 09:03 - 2011-11-02 06:33 - 00000000 ____D () C:\Users\Wbouman\Documents\Trains
2014-08-15 08:07 - 2014-08-15 08:07 - 00069781 _____ () C:\Users\Wbouman\Documents\B2501Roster-CAT--08-2014.xlsx
2014-08-15 06:31 - 2013-11-03 09:25 - 00000000 ____D () C:\Users\Wbouman\Documents\3 - Terrorism Info
2014-08-15 06:29 - 2010-08-11 07:20 - 00000000 ____D () C:\Users\Wbouman\Documents\2 - Information
2014-08-15 06:23 - 2013-09-14 11:36 - 00000000 ____D () C:\Users\Wbouman\Documents\Home Co
2014-08-15 06:10 - 2014-07-19 20:47 - 00000000 ____D () C:\Users\Wbouman\Documents\Military
2014-08-15 06:05 - 2011-05-11 20:49 - 00000000 ____D () C:\Users\Wbouman\Documents\Vehicles
2014-08-15 06:02 - 2014-06-11 11:10 - 00000000 ____D () C:\Users\Wbouman\Documents\Classes
2014-08-15 05:55 - 2014-02-21 08:21 - 00000000 ____D () C:\Users\Wbouman\Documents\Z4 - Quotes
2014-08-15 04:27 - 2014-08-15 04:27 - 00377268 _____ () C:\Users\Wbouman\Documents\Mission Lights.mov
2014-08-14 18:25 - 2014-06-05 16:55 - 00000000 ____D () C:\Users\Wbouman\Documents\Z1 - Poems
2014-08-14 05:21 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Wbouman\Documents\Lighthouses
2014-08-14 03:17 - 2010-01-16 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 17:52 - 2014-08-13 17:52 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-13 17:52 - 2014-08-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-13 17:51 - 2014-08-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-08-13 17:51 - 2011-10-19 19:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-13 17:51 - 2010-05-02 20:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-03 12:00
 
==================== End Of Log ============================


#13 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 11 September 2014 - 01:01 PM

And Pcspeedboost. is still there ......



#14 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 11 September 2014 - 01:26 PM

I ran a search of the registry with the program and found these.  Should I delete them from the registry?

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{128C4597-D3EA-49B7-B805-3E72E9D27C17}]
"Path"="\PCSB_Wbouman_PCSpeedBoost_LogonTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33C5A2B1-CE19-49F7-B799-5E173769F17B}]
"Path"="\PCSB_Wbouman_PCSpeedBoost_RS_DailyTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3009019-33D1-49D5-A5E0-587544BC9E60}]
"Path"="\PCSB_Wbouman_PCSpeedBoost_RS_WeeklyTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCSB_Wbouman_PCSpeedBoost_LogonTask]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCSB_Wbouman_PCSpeedBoost_RS_DailyTask]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCSB_Wbouman_PCSpeedBoost_RS_WeeklyTask]
[HKEY_USERS\S-1-5-21-1900336560-2753421092-3833253684-1000\Software\Microsoft\Direct3D\MostRecentApplication]
"Name"="PCSpeedBoost.exe"


#15 moon5252

moon5252
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 11 September 2014 - 04:35 PM

I have deleted all of the above entries in the previous posting from the infected computer.  So far, after three reboots and waiting two hours, Pcspeedboost has not appeared.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users