Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware I can't get rid of.


  • This topic is locked This topic is locked
129 replies to this topic

#1 Ftron

Ftron

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 12 October 2014 - 10:15 AM

 
My computer is really acting crazy. Her is a list of some of the things that I see happening. It’s running windows 8.1
 
 
 
Operating system files like, Thumbs.db and desktop.ini keep showing up on my desktop, and when I plug in a USB drive they show up there.
 
 
 
I did go to option files and checked, Hide extensions for known file types, hide protected operating system files, and hide folder merge conflicts. Once I click apply and ok, those file do disappear. But when I turn off the computer and turn it back on, the files reappear everywhere I mentioned before. Also, the check marks I put in options file, to hide this file are also gone.
 
 
 
Another thing it didn't do before, but is doing now, is putting a Recycle Bin file in all the USB drives, I plug into the computer.
 
 
 
Every time I restart the computer, all the icons and file on the desktop get moved around.
 
 
 
The internet is now freezing every once in a while, and it is slow.
 
 
 
Back button does not work on the first click. If I click it more then one time, it will go back more then 2 pages.
 
 
 
Another thing the computer is does is, it’s putting the word (doc) at the end of all my documents. It did not do this before.
 
 
 
I would hate to have to do a factory restore on this computer.
 
 
 
Can anyone help? Please
 
 
I did run the following scans, Rkill, AdwCleaner, Malwarebytes, and ESET.
 
When I ran ESET scanner and it found 2 threads. (Win/Systweak.k) and (JS.Kryptik.ASG Trojan). ESET scanner gave me the option to Delete quarantined files, or Uninstall application on close. I chose, delete quarantined files. But as soon as I click on Delete  quarantined files, a small window popped up saying, ESET Online scanner container has stopped working. Then below that, is says, A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available. I have ran this scan twice and both times I have gotten the same message. So I assume those bad file never got deleted.  I’m thinking these 2 files are the one causing my problem. [/size]

C:\Users\Crom-Fam\AppData\Local\Microsoft\Windows\INetCache\IE\BOQO31EV\experts[1].htm JS/Kryptik.ASG trojan cleaned by deleting - quarantined
C:\Users\Crom-Fam\Downloads\tall_230803320975765390.exe Win32/Systweak.K potentially unwanted application deleted - quarantined

# AdwCleaner v3.311 - Report created 11/10/2014 at 09:20:35
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Crom : Fam
# Running from : C:\Users\Cintron-Fam\Downloads\AdwCleaner (5).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2349 octets] - [03/10/2014 19:49:30]
AdwCleaner[R1].txt - [2413 octets] - [03/10/2014 19:55:08]
AdwCleaner[R2].txt - [976 octets] - [10/10/2014 13:53:22]
AdwCleaner[R3].txt - [1035 octets] - [10/10/2014 14:23:44]
AdwCleaner[R4].txt - [897 octets] - [11/10/2014 09:20:35]
AdwCleaner[S0].txt - [2194 octets] - [03/10/2014 19:57:19]
AdwCleaner[S1].txt - [1097 octets] - [10/10/2014 14:26:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1076 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/11/2014
Scan Time: 9:33:33 AM
Logfile: Malwarebytes Text.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.11.05
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Crom-Fam

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318915
Time Elapsed: 7 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/11/2014 09:16:21 AM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* MsKeyboardFilter [Missing Service]
* CSC [Missing Service]
* E1G60 [Missing Service]
* HdAudAddService [Missing Service]
* kbldfltr [Missing Service]
* storvsp [Missing Service]
* Vid [Missing Service]
* vmbusr [Missing Service]
* vpcivsp [Missing Service]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\olepro32.dll : 0 : 09/08/2014 11:47 AM : d41d8cd98f00b204e9800998ecf8427e [NoSig]
+-> C:\WINDOWS\SysWOW64\olepro32.dll : 80,384 : 08/21/2013 11:54 PM : 0fc9b04c7f729498b41a19fa55c33573 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.3.9600.16384_none_ceb37f1a1d4ddbbc\olepro32.dll : 80,384 : 08/21/2013 11:54 PM : 0fc9b04c7f729498b41a19fa55c33573 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 activate.adobe.com

Program finished at: 10/11/2014 09:17:00 AM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)

Attached Files


Edited by Oh My!, 22 October 2014 - 08:59 AM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:48 AM

Posted 17 October 2014 - 10:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/551678 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 22 October 2014 - 08:58 AM

Greetings Ftron and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 22 October 2014 - 04:53 PM

Attached are the files you requested.
 
Let me know if you need anything else.
 
Thank you

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Cintron-Fam at 2014-10-22 14:45:21
Running from C:\Users\Cintron-Fam\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.1.0 - ashampoo GmbH & Co. KG)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube Downloader 4.0.283 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Officejet 4630 series Basic Device Software (HKLM\...\{29B1CB33-32C3-4762-85DA-8CEADDC36EA7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
JFK Reloaded 1.1 (HKLM-x32\...\JFK Reloaded) (Version: 1.1 - JFK Reloaded)
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0b - G17 Media)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Masque IGT Slots Texas Tea (HKLM-x32\...\{C5A17C43-4712-4B16-B80C-ED3FF97500C2}) (Version: 1.0.0 - Masque Publishing)
McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{B1D45D48-A4D4-495F-A693-681EA9846754}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
S.W.A.T. 4 (HKLM-x32\...\S.W.A.T. 4_is1) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.41 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TrojanHunter 5.6 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.6 - Bytelayer AB)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.)
Youtube Video Downloader PRO 3.9.0.2 (HKLM-x32\...\Youtube Video Downloader PRO 3.9.0.2) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
ZW3D 2014 Eng (HKLM-x32\...\{73992224-30C2-4403-BD76-B5EFBA81BCDE}) (Version: 5.1.14.0723 - ZWCAD Software Co.,Ltd)
ZW3D 2014 Eng (x32 Version: 5.1.14.0723 - ZWCAD Software Co.,Ltd) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

03-10-2014 18:58:38 McAfee Vulnerability Scanner
10-10-2014 11:47:45 McAfee Vulnerability Scanner
15-10-2014 23:18:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
17-10-2014 11:27:40 McAfee Vulnerability Scanner

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2014-06-14 23:38 - 00000852 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {16D60241-F62C-4B31-8D61-0F591840F5C7} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {1A84C8D8-C7C7-4395-954E-D0EBD01F0021} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BB94930-DD81-481B-9994-C8738D50A69E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7CD5658A-CCC4-4012-B23A-E72FD28B9415} - System32\Tasks\HP AR Program Upload - 3a5f1deeccf248cda88b1a784300a67e80546140a9c94aa4be9dd5920a8d6b1c => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {83A8AA3C-2D5E-45BC-A7B6-CFAFECDE0BC0} - System32\Tasks\AdobeAAMUpdater-1.0-Cintron-Cintron-Fam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE492A46-3BA0-4428-AA55-90F80BB8CEDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {AEAA1FC7-5544-4870-95AD-3547B1A9C093} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {AF975485-2A7D-4634-A1DD-CC4D2594B355} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-08] (Google Inc.)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C694DB80-C44A-4C93-825D-11AB946F9C60} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {CA48AE57-DF44-49EF-BDD9-84B2AFA299D7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D0C25C99-C4B0-43C7-B2E3-3E88FCA97A6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-08] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DE36E94F-72CA-4FC1-96BF-CF326362DC40} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 15:50 - 2012-09-03 15:50 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2012-09-03 15:48 - 2012-09-03 15:48 - 00022528 _____ () C:\windows\system32\BsTrace.dll
2012-09-03 15:50 - 2012-09-03 15:50 - 00054784 _____ () C:\windows\system32\BlueSoleilCSps.dll
2012-09-03 15:01 - 2012-09-03 15:01 - 00356352 _____ () C:\windows\system32\BsExtendFunc.dll
2012-08-29 14:02 - 2012-08-29 14:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 14:02 - 2012-08-29 14:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 14:02 - 2012-08-29 14:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-08-27 14:33 - 2014-08-27 14:33 - 00120224 _____ () C:\Users\Cintron-Fam\AppData\Local\assembly\dl3\PN8ZAGCT.MVC\EXHXOJ34.TOT\614e8cbb\0057376b_1086cd01\HPItunesModule.DLL
2014-08-22 14:52 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-22 14:52 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-22 14:52 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-22 14:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\olepro32.dll
2014-08-22 14:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-09-03 15:48 - 2012-09-03 15:48 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-09-03 15:52 - 2012-09-03 15:52 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\versit.dll
2012-09-03 15:01 - 2012-09-03 15:01 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\SCChangeMonitor.dll
2012-09-03 15:50 - 2012-09-03 15:50 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-09-03 15:50 - 2012-09-03 15:50 - 00054784 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\HtmPrintHelper.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\RaBLE.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\DebugLevel.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\legap.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\RaGATT.dll
2012-08-14 14:24 - 2012-08-14 14:24 - 00323648 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 21:28 - 2012-05-02 21:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-11-14 23:25 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-11-14 23:18 - 2012-07-18 04:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-09-03 15:48 - 2012-09-03 15:48 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2014-10-15 23:06 - 2014-10-09 22:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-15 23:06 - 2014-10-09 22:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-09-08 11:47 - 2014-09-08 11:47 - 00000000 _____ () C:\WINDOWS\SYSTEM32\nvwgf2um.dll
2014-10-15 23:06 - 2014-10-09 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-15 23:06 - 2014-10-09 22:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-15 23:06 - 2014-10-09 22:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Cintron-Fam\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKCU\...\StartupApproved\Run: => "uTorrent"

========================= Accounts: ==========================

Administrator (S-1-5-21-1243641044-1690248659-814325947-500 - Administrator - Disabled)
Cintron-Fam (S-1-5-21-1243641044-1690248659-814325947-1001 - Administrator - Enabled) => C:\Users\Cintron-Fam
Guest (S-1-5-21-1243641044-1690248659-814325947-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1243641044-1690248659-814325947-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-1243641044-1690248659-814325947-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2014 02:27:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ce4

Start Time: 01cfee251656f5aa

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 09d8b2f9-5a19-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 01:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18a4

Start Time: 01cfee20e5744dac

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: d8f444fa-5a14-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 01:27:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1040

Start Time: 01cfee1cb48fd12f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: a80c782d-5a10-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 00:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 824

Start Time: 01cfee1883ae7eee

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 772dea40-5a0c-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 00:27:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1850

Start Time: 01cfee1452cc3f9d

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 464adf81-5a08-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 11:57:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1fe0

Start Time: 01cfee1021e8102f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 15651de4-5a04-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 11:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bfc

Start Time: 01cfee0bf105c64c

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: e48280b1-59ff-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:57:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dcc

Start Time: 01cfee07c021715c

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: b3a0dc7a-59fb-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c04

Start Time: 01cfee038f3ccf5f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 82bb9f20-59f7-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:00:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19d8

Start Time: 01cfedff5e566d29

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: ab402b51-59f3-11e4-bea6-689423a0840a

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (10/17/2014 02:29:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (10/17/2014 02:29:19 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (10/17/2014 02:27:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly. It has done this 1 time(s).

Error: (10/17/2014 02:26:07 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (10/17/2014 02:26:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:24:46 PM on ‎10/‎17/‎2014 was unexpected.

Error: (10/17/2014 09:51:06 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (10/17/2014 07:31:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (10/17/2014 07:31:32 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (10/17/2014 07:22:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (10/17/2014 07:21:58 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.


Microsoft Office Sessions:
=========================
Error: (10/22/2014 02:27:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605ce401cfee251656f5aa4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe09d8b2f9-5a19-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 01:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2060518a401cfee20e5744dac4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exed8f444fa-5a14-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 01:27:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605104001cfee1cb48fd12f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exea80c782d-5a10-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 00:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2060582401cfee1883ae7eee4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe772dea40-5a0c-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 00:27:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605185001cfee1452cc3f9d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe464adf81-5a08-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 11:57:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206051fe001cfee1021e8102f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe15651de4-5a04-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 11:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206051bfc01cfee0bf105c64c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exee48280b1-59ff-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:57:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605dcc01cfee07c021715c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exeb3a0dc7a-59fb-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206051c0401cfee038f3ccf5f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe82bb9f20-59f7-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/22/2014 10:00:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2060519d801cfedff5e566d294294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exeab402b51-59f3-11e4-bea6-689423a0840amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


==================== Memory info ===========================

Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 20%
Total physical RAM: 12227.55 MB
Available physical RAM: 9714.02 MB
Total Pagefile: 12915.55 MB
Available Pagefile: 9281.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1841.23 GB) (Free:1581.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.87 GB) (Free:2.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:0.02 GB) (Free:0.01 GB) FAT
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:1816.44 GB) (Free:1231.12 GB) NTFS
Drive k: (Main Drive 2) (Fixed) (Total:46.58 GB) (Free:46.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 27BACF3B)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 28808994)
Partition 1: (Not Active) - (Size=1816.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46.6 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 15.6 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Cintron-Fam (administrator) on CINTRON on 22-10-2014 14:44:34
Running from C:\Users\Cintron-Fam\Downloads
Loaded Profile: Cintron-Fam (Available profiles: Cintron-Fam)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(BitTorrent Inc.) C:\Users\Cintron-Fam\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364544 2012-09-03] (IVT Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe [1082832 2014-08-20] (Mischel Internet Security)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1243641044-1690248659-814325947-1001\...\Run: [uTorrent] => C:\Users\Cintron-Fam\AppData\Roaming\uTorrent\uTorrent.exe [1689680 2014-10-17] (BitTorrent Inc.)
HKU\S-1-5-21-1243641044-1690248659-814325947-1001\...\MountPoints2: {20807b8c-0eb9-11e4-be81-689423a0840a} - "L:\LaunchU3.exe" -a
HKU\S-1-5-21-1243641044-1690248659-814325947-1001\...\MountPoints2: {377d3566-45c0-11e4-be91-689423a0840a} - "L:\LGAutoRun.exe"
Startup: C:\Users\Cintron-Fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4630 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {D025AA54-DA48-4388-9A2D-A6865324FDBE} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D025AA54-DA48-4388-9A2D-A6865324FDBE} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {D025AA54-DA48-4388-9A2D-A6865324FDBE} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cintron-Fam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.yahoo.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-08]
CHR Extension: (Google Drive) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-08]
CHR Extension: (YouTube) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-08]
CHR Extension: (Google Search) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-08]
CHR Extension: (Google Wallet) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-08]
CHR Extension: (Gmail) - C:\Users\Cintron-Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1602560 2012-09-03] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-09-03] (IVT Corporation) [File not signed]
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-27] (Microsoft Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-27] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-09-19] (IDT, Inc.) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-08-27] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-27] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 14:44 - 2014-10-22 14:45 - 00022111 _____ () C:\Users\Cintron-Fam\Downloads\FRST.txt
2014-10-22 14:44 - 2014-10-22 14:44 - 02110976 _____ (Farbar) C:\Users\Cintron-Fam\Downloads\FRST64.exe
2014-10-22 14:44 - 2014-10-22 14:44 - 00000000 ____D () C:\FRST
2014-10-22 14:43 - 2014-10-22 14:43 - 01102336 _____ (Farbar) C:\Users\Cintron-Fam\Downloads\FRST.exe
2014-10-22 14:43 - 2014-10-22 14:43 - 01102336 _____ (Farbar) C:\Users\Cintron-Fam\Downloads\FRST (1).exe
2014-10-22 12:12 - 2014-10-22 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-22 11:23 - 2014-10-22 11:23 - 00020062 _____ () C:\Users\Cintron-Fam\Downloads\TP001196055 (1).cab
2014-10-22 11:22 - 2014-10-22 11:22 - 00020062 _____ () C:\Users\Cintron-Fam\Downloads\TP001196055.cab
2014-10-22 11:21 - 2014-10-22 11:21 - 00049684 _____ () C:\Users\Cintron-Fam\Downloads\TS102810126 (2).dotx
2014-10-22 11:17 - 2014-10-22 11:17 - 00049684 _____ () C:\Users\Cintron-Fam\Downloads\TS102810126.dotx
2014-10-22 11:17 - 2014-10-22 11:17 - 00049684 _____ () C:\Users\Cintron-Fam\Downloads\TS102810126 (1).dotx
2014-10-22 10:12 - 2014-10-22 10:12 - 00001369 _____ () C:\Users\Cintron-Fam\Downloads\payments.csv
2014-10-21 11:05 - 2014-10-21 11:06 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (8).jnlp
2014-10-20 15:10 - 2014-10-20 15:10 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (7).jnlp
2014-10-20 11:14 - 2014-10-20 11:14 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (6).jnlp
2014-10-20 09:03 - 2014-10-20 09:03 - 00688992 _____ (Swearware) C:\Users\Cintron-Fam\Downloads\dds.com
2014-10-17 21:07 - 2014-10-17 21:07 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (5).jnlp
2014-10-17 10:25 - 2014-10-17 10:25 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (4).jnlp
2014-10-17 07:28 - 2014-10-17 07:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-16 16:30 - 2014-10-16 16:30 - 02347384 _____ (ESET) C:\Users\Cintron-Fam\Downloads\esetsmartinstaller_enu (2).exe
2014-10-16 15:03 - 2014-10-16 15:03 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (3).jnlp
2014-10-16 14:44 - 2014-10-16 14:44 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (2).jnlp
2014-10-16 14:05 - 2014-10-16 14:06 - 02347384 _____ (ESET) C:\Users\Cintron-Fam\Downloads\esetsmartinstaller_enu (1).exe
2014-10-16 14:05 - 2014-10-16 14:05 - 02347384 _____ (ESET) C:\Users\Cintron-Fam\Downloads\esetsmartinstaller_enu.exe
2014-10-16 14:01 - 2014-10-16 14:01 - 00401920 _____ (Farbar) C:\Users\Cintron-Fam\Downloads\MiniToolBox.exe
2014-10-16 13:40 - 2014-10-16 13:40 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Cintron-Fam\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-16 12:11 - 2014-10-16 12:11 - 01976320 _____ () C:\Users\Cintron-Fam\Downloads\AdwCleaner.exe
2014-10-16 12:08 - 2014-10-16 12:08 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Cintron-Fam\Downloads\rkill.exe
2014-10-16 10:35 - 2014-10-16 10:35 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader (1).jnlp
2014-10-16 10:33 - 2014-10-16 10:34 - 00001552 _____ () C:\Users\Cintron-Fam\Downloads\Scottrader.jnlp
2014-10-15 22:23 - 2014-09-27 18:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 22:22 - 2014-09-07 23:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 22:22 - 2014-09-07 21:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 22:22 - 2014-09-07 21:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 22:22 - 2014-09-07 20:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 22:22 - 2014-09-07 20:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 22:22 - 2014-09-07 20:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 22:22 - 2014-09-07 20:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 22:22 - 2014-09-07 20:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 22:22 - 2014-09-07 20:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 22:22 - 2014-09-07 20:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 22:22 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 22:22 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 22:22 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 22:22 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 22:22 - 2014-09-03 20:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 22:22 - 2014-09-03 19:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 22:22 - 2014-09-03 19:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 22:21 - 2014-10-09 18:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-15 22:21 - 2014-10-08 18:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-15 22:21 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 22:21 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 22:21 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 22:21 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 22:21 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 22:21 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 22:21 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 22:21 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 22:21 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 22:21 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 22:21 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 22:21 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 22:21 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 22:21 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 22:21 - 2014-09-18 21:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-15 22:21 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 22:21 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 22:21 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 22:21 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 22:21 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 22:21 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 22:21 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 22:21 - 2014-09-18 20:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 22:21 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 22:21 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 22:21 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 22:21 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 22:21 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 22:21 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 22:21 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 22:21 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 22:21 - 2014-09-13 02:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 22:21 - 2014-09-13 02:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 22:21 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 22:21 - 2014-09-13 01:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-15 22:21 - 2014-09-03 20:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 22:21 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 22:21 - 2014-08-28 21:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 22:21 - 2014-08-28 19:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 22:21 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 22:21 - 2014-08-16 00:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 22:21 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 22:21 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 22:21 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 22:21 - 2014-08-15 23:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 22:21 - 2014-08-15 23:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 22:21 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 22:21 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 22:21 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 22:21 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 22:21 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 22:21 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 22:21 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 22:21 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 22:21 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 22:21 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 22:21 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 22:21 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 22:21 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 22:21 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 22:21 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 22:21 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 22:21 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 22:21 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 22:21 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 22:21 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 22:21 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 22:21 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 22:21 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 22:21 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 22:21 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 22:21 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 22:21 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 22:21 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 22:21 - 2014-07-31 19:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 19:50 - 2014-10-15 19:50 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\eTeks
2014-10-15 19:40 - 2014-10-15 19:40 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\ZWSOFT
2014-10-15 19:36 - 2014-10-15 20:11 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\ZW3D 2014 Eng
2014-10-15 19:36 - 2014-10-15 19:36 - 00000000 ____D () C:\Users\Cintron-Fam\Documents\ZW3D
2014-10-15 19:36 - 2014-10-15 19:36 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\ZWMold4.0
2014-10-15 19:36 - 2014-10-15 19:36 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-10-15 19:20 - 2014-10-15 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZWSOFT
2014-10-15 19:19 - 2014-10-15 19:19 - 00000000 ____D () C:\Program Files (x86)\ZWSOFT
2014-10-15 19:12 - 2014-10-15 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-10-15 19:11 - 2014-10-15 19:12 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2014-10-15 19:09 - 2014-10-15 19:12 - 726080568 _____ () C:\Users\Cintron-Fam\Downloads\ZW3D2014SPEng_x86.exe
2014-10-15 19:02 - 2014-10-15 19:04 - 41239456 _____ (eTeks ) C:\Users\Cintron-Fam\Downloads\SweetHome3D-4.4-windows.exe
2014-10-14 17:33 - 2014-10-15 16:19 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Rosie Job
2014-10-11 09:33 - 2014-10-16 13:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 09:33 - 2014-10-16 13:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 09:33 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-11 09:33 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-11 09:33 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-06 17:37 - 2014-10-13 14:16 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Bleeping Computer
2014-10-06 09:00 - 2014-10-06 09:00 - 00003560 _____ () C:\WINDOWS\System32\Tasks\HP AR Program Upload - 3a5f1deeccf248cda88b1a784300a67e80546140a9c94aa4be9dd5920a8d6b1c
2014-10-05 09:34 - 2014-10-05 09:34 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-03 20:23 - 2014-10-03 20:24 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Envolope Printer
2014-10-03 19:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-10-03 19:48 - 2014-10-16 12:14 - 00000000 ____D () C:\AdwCleaner
2014-09-30 20:13 - 2014-09-30 20:13 - 00000000 ____D () C:\Users\Cintron-Fam\Documents\Rockstar Games
2014-09-30 19:54 - 2014-09-30 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCPD First Response
2014-09-29 19:16 - 2014-09-29 19:16 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\Unity
2014-09-29 19:15 - 2014-09-29 19:15 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Local\Unity
2014-09-29 17:43 - 2014-09-29 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-26 19:24 - 2014-09-26 19:24 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-24 15:49 - 2014-09-24 15:49 - 00000000 ____D () C:\WINDOWS\Minidump

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 14:44 - 2014-07-06 13:00 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\uTorrent
2014-10-22 14:10 - 2014-06-08 13:52 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-22 14:06 - 2014-08-27 14:32 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{609BE8E9-1AFC-4951-92C7-9CCF8DD5816E}
2014-10-22 14:00 - 2014-08-27 13:06 - 01941891 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-22 14:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-22 12:22 - 2014-06-07 23:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1243641044-1690248659-814325947-1001
2014-10-22 06:10 - 2014-06-08 13:52 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 05:57 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-20 15:12 - 2012-09-10 18:54 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-10-20 15:09 - 2012-11-14 23:40 - 00004524 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-10-20 15:09 - 2012-11-14 23:40 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-10-20 12:08 - 2014-08-27 14:34 - 00000000 ___DO () C:\Users\Cintron-Fam\OneDrive
2014-10-20 08:58 - 2014-06-10 23:23 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Bernie
2014-10-19 22:34 - 2013-08-22 10:46 - 00309163 _____ () C:\WINDOWS\setupact.log
2014-10-18 13:16 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-18 06:05 - 2014-06-08 13:52 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 06:05 - 2014-06-08 13:52 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 14:33 - 2014-03-18 06:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-17 14:29 - 2014-06-08 13:54 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-17 14:27 - 2014-08-27 13:12 - 00000000 ____D () C:\Users\Cintron-Fam
2014-10-17 14:26 - 2014-08-27 13:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-17 14:26 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-17 07:28 - 2014-08-22 09:52 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 07:28 - 2014-08-22 09:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 07:28 - 2014-07-06 13:02 - 00000886 _____ () C:\Users\Cintron-Fam\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-10-17 03:24 - 2014-06-09 00:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-17 03:22 - 2014-06-09 00:12 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 22:48 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-16 12:52 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-16 12:15 - 2014-03-18 05:54 - 00012996 _____ () C:\WINDOWS\PFRO.log
2014-10-16 11:53 - 2014-08-22 11:26 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Computer
2014-10-16 11:51 - 2014-06-21 00:30 - 00128360 _____ () C:\Users\Cintron-Fam\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-16 11:17 - 2013-08-22 10:44 - 05049448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 11:15 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-16 11:15 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-16 11:15 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-16 11:15 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-16 11:15 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-15 23:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-15 23:39 - 2014-07-14 11:52 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-15 19:18 - 2014-06-12 00:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-15 14:40 - 2014-08-31 11:54 - 00469504 ___SH () C:\Users\Cintron-Fam\Desktop\Thumbs.db
2014-10-10 14:51 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-05 11:27 - 2014-08-27 15:23 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-10-04 17:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\System
2014-10-03 14:59 - 2014-07-18 12:49 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-29 18:45 - 2013-08-22 11:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-29 18:45 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 17:43 - 2014-06-08 13:52 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Local\Google
2014-09-29 17:43 - 2014-06-08 13:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-26 06:40 - 2014-07-21 18:28 - 00000000 ____D () C:\Users\Cintron-Fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-26 06:40 - 2014-07-21 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-26 06:40 - 2014-06-27 14:14 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-25 17:00 - 2014-07-21 13:53 - 00000000 ____D () C:\Users\Cintron-Fam\Desktop\Cheito Payments
2014-09-24 15:49 - 2014-06-07 22:41 - 00156864 ____N () C:\WINDOWS\Minidump\092414-16187-01.dmp

Some content of TEMP:
====================
C:\Users\Cintron-Fam\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Cintron-Fam\AppData\Local\Temp\Quarantine.exe
C:\Users\Cintron-Fam\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-17 14:37

==================== End Of Log ============================

Attached Files


Edited by Oh My!, 22 October 2014 - 05:15 PM.
Logs posted


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 22 October 2014 - 05:51 PM

Greetings and welcome.

There is evidence of pirated software on your computer. Before we can continue on I will ask you to remove it. Please let me know if you are willing to do so.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 23 October 2014 - 03:03 PM

Greetings and welcome.

There is evidence of pirated software on your computer. Before we can continue on I will ask you to remove it. Please let me know if you are willing to do so.

 I am willing to do so. Thank  you



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 23 October 2014 - 03:57 PM

Very good, let me know when that has been done and we will continue on.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 23 October 2014 - 08:57 PM

I said i am willing to fix the problem on my computer, because i thought you were going to tell me step by step how to do it. Without your help i can not do this. 

 

Thanks



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 23 October 2014 - 09:04 PM

The question is whether or not you are willing to remove the pirated and illegal software on your computer.  If you are willing to do that then once you have done that we can start with the instructions to address your malware issues.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 23 October 2014 - 09:06 PM

Maybe there is some miscommunication. When you said you are willing to fix the "problem" I did not read that to mean remove the software. Is that what you mean by "problem?"


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 24 October 2014 - 10:04 AM

Oh, Now I understand. You are saying that I myself installed pirate software. Yes I m willing to remove that. But since I don't recall installing it, will you be so kind as to tell me which one it is.

 

Thank you.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 24 October 2014 - 10:42 AM

Sure, please do this.

===================================================

Uninstalling a Program using Add/Remove Program

--------------------

I recommend the uninstalling of the below listed program(s).
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

Adobe Photoshop CS5

  • Reboot your computer
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Are we all set now?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 24 October 2014 - 03:47 PM

Sure, please do this.

===================================================

Uninstalling a Program using Add/Remove Program

--------------------

I recommend the uninstalling of the below listed program(s).

  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

Adobe Photoshop CS5

  • Reboot your computer
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Are we all set now?

 

 I have removed photoshop.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:48 PM

Posted 24 October 2014 - 04:57 PM

Thank you.

Please copy and paste all information in your reply unless I request you attach the file.

Before taking our next steps we need to cut and paste the FRST program from your Downloads folder to your Desktop.

Running from C:\Users\Cintron-Fam\Downloads


Can you tell me if these look familiar to you?

C:\Users\Cintron-Fam\Downloads\TP001196055 (1).cab
C:\Users\Cintron-Fam\Downloads\TP001196055.cab
C:\Users\Cintron-Fam\Downloads\TS102810126 (2).dotx
C:\Users\Cintron-Fam\Downloads\TS102810126.dotx
C:\Users\Cintron-Fam\Downloads\TS102810126 (1).dotx



Please consider and do this.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I recommend uninstalling Spybot Search & Destroy at least while we are addressing your issues. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
C:\Users\Cintron-Fam\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Cintron-Fam\AppData\Local\Temp\Quarantine.exe
C:\Users\Cintron-Fam\AppData\Local\Temp\sqlite3.dll
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Files look familiar?
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Ftron

Ftron
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:12:48 AM

Posted 25 October 2014 - 11:56 AM

I Uninstalled the programs you recommended that I should Uninstall and everything else you said to do.

 

 

 

This is what i got under Fixlog.txt

 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2014
Ran by Cintron-Fam at 2014-10-25 12:51:45 Run:2
Running from C:\Users\Cintron-Fam\Desktop
Loaded Profile: Cintron-Fam (Available profiles: Cintron-Fam)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
C:\Users\Cintron-Fam\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Cintron-Fam\AppData\Local\Temp\Quarantine.exe
C:\Users\Cintron-Fam\AppData\Local\Temp\sqlite3.dll
*****************
 
BthAvrcpTg => Service not found.
BthHFEnum => Service not found.
bthhfhid => Service not found.
"C:\Users\Cintron-Fam\AppData\Local\Temp\drm_dyndata_7380014.dll" => File/Directory not found.
"C:\Users\Cintron-Fam\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Cintron-Fam\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
 
==== End of Fixlog ====
 
Let me know what else i need to do. 
Thank you





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users