Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Owner (administrator) on OWNER-PC on 19-10-2014 12:14:50
Running from C:\Users\Owner\Downloads
Loaded Profile: Owner (Available profiles: Owner & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Curse) C:\Users\Owner\AppData\Local\Apps\2.0\Y1RRBR7Y.797\BJMC19N9.W2P\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Corel Corporation) C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\CorelDRW.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-422040510-2405641811-1513485937-1000\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs-x32: c:\progra~2\sw-boo~1\assist~1.dll => "c:\progra~2\sw-boo~1\assist~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x583220E06105CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.allsearches.info/?l=1&q={searchTerms}&pid=945&r=2014/10/16&hid=12827458011353005973&lg=EN&cc=US&unqvl=64
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.allsearches.info/?l=1&q={searchTerms}&pid=945&r=2014/10/16&hid=12827458011353005973&lg=EN&cc=US&unqvl=64
SearchScopes: HKCU - DefaultScope {B4599768-F3E0-446B-9CC6-2AF6E72456EA} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US0D20141017&p={SearchTerms}
SearchScopes: HKCU - {28482CA7-C094-4BA0-99E2-A295FF5A0207} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {5F0E1667-80D4-4326-9464-440EF6571D19} URL = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20130311,17118,0,18,0
SearchScopes: HKCU - {B4599768-F3E0-446B-9CC6-2AF6E72456EA} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US0D20141017&p={SearchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
BHO: NextCoup -> {a1ff7bdb-fb04-45e3-8f7f-69f7c15ce637} -> C:\Program Files (x86)\NextCoup\pFNTkfheimkWtm.x64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: NextCoup -> {e7d3ae70-f156-46d5-be16-9eebd51e86ab} -> C:\Program Files (x86)\NextCoup\i309X1EgMaRBR7.x64.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
BHO-x32: NextCoup -> {a1ff7bdb-fb04-45e3-8f7f-69f7c15ce637} -> C:\Program Files (x86)\NextCoup\pFNTkfheimkWtm.dll No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: NextCoup -> {e7d3ae70-f156-46d5-be16-9eebd51e86ab} -> C:\Program Files (x86)\NextCoup\i309X1EgMaRBR7.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ixgln5xn.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchUrl: http://websearch.allsearches.info/?pid=945&r=2014/10/16&hid=12827458011353005973&lg=EN&cc=US&unqvl=64&l=1&q=
FF Homepage: hxxp://websearch.allsearches.info/?pid=945&r=2014/10/16&hid=12827458011353005973&lg=EN&cc=US&unqvl=64
FF SearchEngineOrder.1: WebSearch
FF DefaultSearchEngine: WebSearch
FF SelectedSearchEngine: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.allsearches.info/?pid=945&r=2014/10/16&hid=12827458011353005973&lg=EN&cc=US&unqvl=64&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ixgln5xn.default\user.js
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ixgln5xn.default\searchplugins\safesearch.xml
FF Extension: McAfee SafeKey - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ixgln5xn.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2014-10-17]
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-10-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-17]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee SafeKey) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2014-10-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-12]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-13]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-13]
CHR Extension: (NextCoup) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\damjpaghdlldnhfkfjhlpkagboklfebj [2014-10-17]
CHR Extension: (NextCoup) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanjgonigpejjggdhaimiojpfimipeog [2014-10-17]
CHR Extension: (SiteAdvisor) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-17]
CHR Extension: (AdBlock) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (GoSave) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkkpaahpjpiklnmonaocmhnnllpgfnda [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-17]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2014-10-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [obcjlnjgjjgghcedkcohaeboelbblehc] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-17] (SurfRight B.V.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S2 d0e87c27; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 V0520Vid; C:\Windows\System32\DRIVERS\V0520Vid.sys [280704 2011-09-02] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 12:14 - 2014-10-19 12:15 - 00024032 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-10-19 12:14 - 2014-10-19 12:14 - 00000000 ____D () C:\FRST
2014-10-19 12:13 - 2014-10-19 12:13 - 02112000 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-10-19 10:34 - 2014-10-19 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-19 00:59 - 2014-10-19 01:01 - 00000000 ____D () C:\Users\Owner\Desktop\G reikalai
2014-10-18 22:12 - 2014-10-19 00:57 - 00000000 ____D () C:\Users\Owner\Desktop\OTL reports
2014-10-18 22:06 - 2014-10-18 22:06 - 00055594 _____ () C:\Users\Owner\Downloads\Extras.Txt
2014-10-18 22:05 - 2014-10-18 22:05 - 00134022 _____ () C:\Users\Owner\Downloads\OTL.Txt
2014-10-18 21:50 - 2014-10-18 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Desktop\OTL.exe
2014-10-18 08:30 - 2014-10-18 08:30 - 00275440 _____ () C:\Windows\Minidump\101814-25786-01.dmp
2014-10-17 20:50 - 2014-10-17 20:50 - 00008764 _____ () C:\Windows\system32\.crusader
2014-10-17 20:40 - 2014-10-17 20:40 - 00001893 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-17 20:40 - 2014-10-17 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-17 20:40 - 2014-10-17 20:40 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-17 20:39 - 2014-10-17 20:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-17 20:38 - 2014-10-17 20:38 - 11194928 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2014-10-17 17:43 - 2014-10-17 17:44 - 00000000 ____D () C:\Program Files (x86)\SafeKey
2014-10-17 17:43 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-10-17 17:42 - 2014-10-17 17:42 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-10-17 17:41 - 2014-10-17 17:43 - 00000000 ____D () C:\Program Files\McAfee
2014-10-17 17:41 - 2014-10-17 17:41 - 00000000 ____D () C:\Program Files\McAfee.com
2014-10-17 17:40 - 2014-10-17 17:47 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-17 17:34 - 2014-10-18 09:26 - 00000000 ____D () C:\Quarantine
2014-10-17 17:34 - 2014-10-17 17:43 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-10-17 17:34 - 2014-10-17 17:35 - 00000000 ____D () C:\Program Files\stinger
2014-10-17 17:34 - 2014-10-17 17:34 - 00000000 ____D () C:\Users\Owner\Desktop\MCafee
2014-10-17 17:34 - 2014-07-18 09:01 - 00189912 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2014-10-17 17:16 - 2014-10-17 17:16 - 00000000 ____D () C:\Users\Owner\AppData\Local\Citrix
2014-10-17 17:16 - 2014-10-17 17:16 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-10-17 12:05 - 2014-10-17 20:51 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2014-10-17 12:04 - 2014-10-17 12:04 - 06451168 _____ (Security Stronghold ) C:\Users\Owner\Downloads\StrongholdAntiMalware.exe
2014-10-17 10:01 - 2014-10-17 10:01 - 00000000 ____D () C:\Windows\Temp92496F2E-2788-7FB9-29C0-6E1E6C05FD02-Signatures
2014-10-17 10:00 - 2014-10-17 10:00 - 00000000 ____D () C:\Windows\Temp584BBDEC-1754-38D6-DA1C-7A4AE4BBE81E-Signatures
2014-10-17 01:22 - 2014-10-17 01:22 - 00000000 ____D () C:\c4c033224c0b00148dc74e47ef
2014-10-16 19:16 - 2014-10-16 19:17 - 179942058 _____ () C:\Users\Owner\Downloads\ATP_2.7z
2014-10-16 19:05 - 2014-10-16 19:08 - 90383876 _____ () C:\Users\Owner\Downloads\ATP_1.7z
2014-10-16 19:02 - 2014-10-16 19:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\EZDownloader
2014-10-16 19:00 - 2014-10-17 13:23 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-16 19:00 - 2014-10-17 13:23 - 00000000 ____D () C:\ProgramData\d648aeeddec485c2
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\Torch
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\Comodo
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\Chromatic Browser
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-10-16 19:00 - 2014-10-16 19:00 - 00000000 ____D () C:\Users\Administrator
2014-10-16 12:24 - 2014-10-16 12:24 - 00002135 _____ () C:\Users\Owner\Downloads\report.txt
2014-10-16 11:17 - 2014-10-16 11:17 - 00138264 _____ () C:\Users\Owner\Downloads\downtester_setup.exe
2014-10-16 11:17 - 2014-10-16 11:17 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft DownTester
2014-10-16 11:17 - 2014-10-16 11:17 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-10-16 08:49 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 08:49 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 08:49 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 08:49 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 08:49 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 08:49 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 08:49 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 08:48 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 08:48 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 08:48 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 08:48 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 08:48 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 08:48 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 08:48 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 08:48 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 08:48 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 08:48 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 08:48 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 08:48 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 08:48 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 08:48 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 08:48 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 08:48 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 08:48 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 08:48 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 08:48 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 08:48 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 08:48 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 08:48 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 08:48 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 08:48 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 08:48 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 08:48 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 08:48 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 08:48 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 08:48 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 08:48 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 08:48 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 08:48 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 08:48 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 08:48 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 08:48 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 08:48 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 08:48 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 08:48 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 08:48 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 08:48 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 08:48 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 08:48 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 08:48 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 08:48 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 08:48 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 08:48 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 08:48 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 08:48 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 08:48 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 08:48 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 08:48 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 08:48 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 08:48 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 08:48 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 08:48 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 08:48 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 08:47 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 08:47 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 08:47 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 08:47 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 08:47 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 08:47 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 08:47 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 08:47 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 08:47 - 2014-07-16 22:07 - 00235520 _____ (Microsoft
Corporation) C:\Windows\system32\winsta.dll 2014-10-16 08:47 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 08:47 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 08:47 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 08:47 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 08:47 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 08:47 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-16 08:47 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-16 08:47 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 08:47 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 08:47 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 08:47 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-16 08:46 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 08:46 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 08:43 - 2014-10-16 08:43 - 00000000 ____D () C:\Windows\Temp0CC661E8-1F72-CA57-6BC5-59EF3033DD77-Signatures 2014-10-16 08:42 - 2014-10-16 08:42 - 00000000 ____D () C:\Windows\TempEDDBD594-98F0-EC1D-5CC4-179946C35E74-Signatures 2014-10-15 00:36 - 2014-10-15 00:36 - 00000000 ____D () C:\Windows\Temp4202BD34-6EAF-F38D-0678-7745C4B2BF46-Signatures 2014-10-15 00:36 - 2014-10-15 00:36 - 00000000 ____D () C:\Windows\Temp0085F8EA-D693-FC1F-4795-5D2B87D45474-Signatures 2014-10-14 10:52 - 2014-10-14 10:52 - 00000000 
____D () C:\Windows\TempBCB1FEA7-115A-3F04-F268-CAF1ED1500D7-Signatures 2014-10-14 10:52 - 2014-10-14 10:52 - 00000000 ____D () C:\Windows\TempA1AF9132-36EA-10A8-7DFF-E0D688574E39-Signatures 2014-10-14 01:15 - 2014-10-14 01:15 - 00000000 ____D () C:\Windows\TempBE0AF85E-11AB-D3C1-EB83-D2C689A9F5DB-Signatures 2014-10-14 01:15 - 2014-10-14 01:15 - 00000000 ____D () C:\Windows\TempBA7CC7B7-DF1F-087B-D832-A511665F1C5E-Signatures 2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\Temp97227AFF-2C7A-9CA6-6109-C21AA9CEAD08-Signatures 2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\Temp8F1A0FB2-0BB7-01E6-04E5-7A597D4C0427-Signatures 2014-10-13 00:16 - 2014-10-13 00:16 - 00000000 ____D () C:\Windows\Temp4FB6D070-C655-C7EB-4DAD-82EF1758E0FD-Signatures 2014-10-13 00:15 - 2014-10-13 00:16 - 00000000 ____D () C:\Windows\Temp19F11FF1-70D0-07A7-0876-CE9471796974-Signatures 2014-10-12 10:30 - 2014-10-12 10:30 - 00000000 ____D () C:\Windows\Temp63EECB10-7A81-B083-AFDA-A48CD46FCFFD-Signatures 2014-10-12 10:29 - 2014-10-12 10:29 - 00000000 ____D () C:\Windows\Temp275ACB9B-AD48-ADA5-48D0-0435A2D48F2E-Signatures 2014-10-12 01:55 - 2014-10-12 01:55 - 00000000 ____D () C:\Windows\TempF98703FD-E8EF-9579-E139-66432C10ECE9-Signatures 2014-10-12 01:55 - 2014-10-12 01:55 - 00000000 ____D () C:\Windows\TempCFD074BB-55E1-2741-4FB3-5FF5C02ECBF6-Signatures 2014-10-11 12:32 - 2014-10-11 12:32 - 00000000 ____D () C:\Windows\TempF932A2DC-193C-53F2-394F-4572B3160E6B-Signatures 2014-10-11 12:32 - 2014-10-11 12:32 - 00000000 ____D () C:\Windows\Temp5DDDA94B-749D-B294-28D0-74645D50FF66-Signatures 2014-10-11 10:11 - 2014-10-11 10:11 - 00000000 ____D () C:\Windows\TempE33CC338-1D92-8595-F6BF-73DA1DE06777-Signatures 2014-10-11 10:10 - 2014-10-11 10:10 - 00000000 ____D () C:\Windows\TempA61E8519-C646-A092-D03D-4ED3488CD4C2-Signatures 2014-10-11 01:06 - 2014-10-11 01:06 - 00000000 ____D () C:\Windows\Temp42B2D4FA-7984-FE82-6AAB-A1C6A939B2E6-Signatures 2014-10-11 01:05 - 
2014-10-11 01:05 - 00000000 ____D () C:\Windows\TempEED633D2-772A-0D70-135A-952E7DFE78A0-Signatures 2014-10-10 14:04 - 2014-10-10 14:04 - 00000000 ____D () C:\Windows\Temp947F4F33-818E-814D-19C9-0F6626D6566A-Signatures 2014-10-10 14:03 - 2014-10-10 14:03 - 00000000 ____D () C:\Windows\TempC24BAAA5-C385-7D40-982A-DA3B2D62237C-Signatures 2014-10-10 00:22 - 2014-10-10 00:22 - 00000000 ____D () C:\Windows\TempC66BAC73-FD51-F688-EB79-EE0A46AFC2F3-Signatures 2014-10-10 00:22 - 2014-10-10 00:22 - 00000000 ____D () C:\Windows\Temp74B45C44-0D97-9524-7D67-B488BF8FD93A-Signatures 2014-10-09 17:03 - 2014-10-09 17:03 - 00000000 ____D () C:\Users\Owner\Documents\TomTom 2014-10-09 17:03 - 2014-10-09 17:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TomTom 2014-10-09 17:03 - 2014-10-09 17:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\TomTom 2014-10-09 17:02 - 2014-10-09 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-10-09 17:01 - 2014-10-09 17:01 - 31119112 _____ () C:\Users\Owner\Downloads\TomTomHOME2winlatest.exe 2014-10-09 17:01 - 2014-10-09 17:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\Downloaded Installations 2014-10-09 01:33 - 2014-10-09 01:33 - 00000000 ____D () C:\Windows\TempEC883B62-6095-6C94-9688-5351FEFFA263-Signatures 2014-10-09 01:33 - 2014-10-09 01:33 - 00000000 ____D () C:\Windows\Temp8CBC5B34-1DD6-29C9-49C1-A1BE884F1BCB-Signatures 2014-10-09 00:16 - 2014-10-09 00:16 - 00000000 ____D () C:\Windows\TempE758293D-C9F6-83AA-2658-DA5E2326DE18-Signatures 2014-10-09 00:16 - 2014-10-09 00:16 - 00000000 ____D () C:\Windows\Temp4F87FA48-A390-5F2C-55EF-77B08D735C00-Signatures 2014-10-08 09:57 - 2014-10-08 09:57 - 00000000 ____D () C:\Windows\Temp3E050096-1BBB-BA29-4BAB-70BD75E07821-Signatures 2014-10-08 09:57 - 2014-10-08 09:57 - 00000000 ____D () C:\Windows\Temp1C1983C9-5D20-3DC5-1E47-04E012838F22-Signatures 2014-10-08 00:17 - 2014-10-08 00:17 - 00000000 ____D () 
C:\Windows\Temp2D885373-A580-0C0F-9DDD-C1FC98507310-Signatures 2014-10-08 00:17 - 2014-10-08 00:17 - 00000000 ____D () C:\Windows\Temp047465EE-20BE-4D4A-569A-4451FB3F1EB6-Signatures 2014-10-07 10:46 - 2014-10-07 10:46 - 00000000 ____D () C:\Windows\TempE2FAF076-3EC6-7DBC-5CCD-10EB01D7F3FB-Signatures 2014-10-07 10:46 - 2014-10-07 10:46 - 00000000 ____D () C:\Windows\Temp677FA5AE-4029-83F7-58C9-B9B4403B8D69-Signatures 2014-10-07 00:16 - 2014-10-07 00:16 - 00000000 ____D () C:\Windows\Temp46C863F4-AB3E-4ECC-F2C9-9D8DA42F94E9-Signatures 2014-10-07 00:16 - 2014-10-07 00:16 - 00000000 ____D () C:\Windows\Temp1F98CDA6-5CB8-9009-B70E-9556202E9E97-Signatures 2014-10-06 09:49 - 2014-10-06 09:49 - 00000000 ____D () C:\Windows\Temp2AD7E94F-75BD-1E63-3432-A03E4C7C6906-Signatures 2014-10-06 09:49 - 2014-10-06 09:49 - 00000000 ____D () C:\Windows\Temp06FAC51B-8AFB-7BB5-0EC8-631028CD8463-Signatures 2014-10-06 01:02 - 2014-10-06 01:02 - 00000000 ____D () C:\Windows\Temp3B0ACFAA-2EC9-902A-C474-D1EB76C62C96-Signatures 2014-10-06 01:01 - 2014-10-06 01:01 - 00000000 ____D () C:\Windows\Temp1816EFD6-B7FF-B2E5-800D-1E88484FEFFC-Signatures 2014-10-05 13:08 - 2014-10-05 13:08 - 00000000 ____D () C:\Windows\TempE2F27640-F6BB-6DDD-1A5D-00B2E45CC7C2-Signatures 2014-10-05 13:08 - 2014-10-05 13:08 - 00000000 ____D () C:\Windows\Temp3972D28D-6790-FB70-0A39-68E978024510-Signatures 2014-10-05 10:33 - 2014-10-05 10:33 - 00000000 ____D () C:\Windows\TempB01A27BB-C1B9-B3F8-0751-3FBF25B36E7F-Signatures 2014-10-05 10:32 - 2014-10-05 10:32 - 00000000 ____D () C:\Windows\Temp446FC176-AFE6-CB85-6824-C06E88AC9317-Signatures 2014-10-05 00:29 - 2014-10-05 00:30 - 00000000 ____D () C:\Windows\Temp4056B520-0F0A-1DA0-87D0-452B6FAEEC69-Signatures 2014-10-05 00:29 - 2014-10-05 00:29 - 00000000 ____D () C:\Windows\Temp64479C64-79A9-88CC-15E6-3AC062C41583-Signatures 2014-10-04 10:12 - 2014-10-04 10:12 - 00000000 ____D () C:\Windows\TempF53E7469-BF27-C3B6-370B-4534BE24040C-Signatures 2014-10-04 10:12 - 2014-10-04 
10:12 - 00000000 ____D () C:\Windows\TempB9774CEB-8992-7AE7-F43A-E6A3CFBC45EB-Signatures 2014-10-04 00:29 - 2014-10-04 00:29 - 00000000 ____D () C:\Windows\Temp8DD5E266-2E9D-F165-BF84-3135DF33B001-Signatures 2014-10-04 00:29 - 2014-10-04 00:29 - 00000000 ____D () C:\Windows\Temp5734770C-C567-E8CF-2F70-3762EF97825C-Signatures 2014-10-03 01:42 - 2014-10-03 01:42 - 00000000 ____D () C:\Windows\TempF218D210-0FC1-B870-265A-8E843DC42EB3-Signatures 2014-10-03 01:42 - 2014-10-03 01:42 - 00000000 ____D () C:\Windows\TempBB3B4D2C-698B-DB95-AE40-D731D4337329-Signatures 2014-10-02 01:18 - 2014-10-02 01:18 - 00000000 ____D () C:\Windows\Temp34BC4004-C2AD-6E17-B042-8B6432D09B71-Signatures 2014-10-02 01:17 - 2014-10-02 01:17 - 00000000 ____D () C:\Windows\Temp3226190A-2F53-BEEA-4C88-D2D1075F713B-Signatures 2014-10-01 10:44 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 10:44 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-10-01 10:43 - 2014-10-01 10:43 - 00000000 ____D () C:\Windows\Temp6C407FB5-B42D-EF9A-D402-7D65A532597A-Signatures 2014-10-01 10:42 - 2014-10-01 10:42 - 00000000 ____D () C:\Windows\TempD56C7D42-6846-8C8F-086D-4E707EE1EC59-Signatures 2014-10-01 00:44 - 2014-10-01 00:44 - 00000000 ____D () C:\Windows\Temp3D6956F4-FDDE-907E-29FC-75BC89CA58ED-Signatures 2014-10-01 00:44 - 2014-10-01 00:44 - 00000000 ____D () C:\Windows\Temp37D44FB7-E3FC-57F9-4025-657BEC97D6CA-Signatures 2014-09-30 09:48 - 2014-09-30 09:48 - 00000000 ____D () C:\Windows\TempF7FFCAD4-8ED8-2122-0896-D28E0A63D262-Signatures 2014-09-30 09:47 - 2014-09-30 09:47 - 00000000 ____D () C:\Windows\Temp68D04ACB-9B7F-7847-51B4-672E409FEFF1-Signatures 2014-09-30 00:42 - 2014-09-30 00:42 - 00000000 ____D () C:\Windows\TempF4D1FDEC-5EEE-2C3E-9D4B-BABB59C6F9F2-Signatures 2014-09-30 00:42 - 2014-09-30 00:42 - 00000000 ____D () C:\Windows\TempAE5FB634-65E5-A1E2-BEFE-5AD77643FA01-Signatures 2014-09-29 10:49 - 2014-09-29 
10:49 - 00000000 ____D () C:\Windows\Temp8066B608-F414-8154-C036-A20F6AA75C69-Signatures 2014-09-29 10:49 - 2014-09-29 10:49 - 00000000 ____D () C:\Windows\Temp6F88A7A2-FA5A-A17E-1DC9-14CD51C631B7-Signatures 2014-09-28 23:18 - 2014-09-28 23:18 - 00000000 ____D () C:\Windows\TempFE23716A-9D5C-6746-B6BA-EFEABEB716EA-Signatures 2014-09-28 23:18 - 2014-09-28 23:18 - 00000000 ____D () C:\Windows\TempA11D3706-68A8-95DE-F348-061600661A16-Signatures 2014-09-28 10:15 - 2014-09-28 10:15 - 00000000 ____D () C:\Windows\Temp8A6A5308-1387-C735-0ECE-EEA5E2C55231-Signatures 2014-09-28 10:14 - 2014-09-28 10:14 - 00000000 ____D () C:\Windows\TempEDFCFB47-C7BA-1286-DF62-545FC5E35769-Signatures 2014-09-28 09:51 - 2014-09-28 09:51 - 00000000 ____D () C:\Windows\TempCFBEDAF6-03B1-F650-90BB-957BFA97F808-Signatures 2014-09-28 09:50 - 2014-09-28 09:50 - 00000000 ____D () C:\Windows\Temp486CFE4F-1C8B-4629-1FF8-7855CE49A864-Signatures 2014-09-28 00:35 - 2014-09-28 00:35 - 00000000 ____D () C:\Windows\TempF4C775F0-55EF-261F-FE17-114CFD99FE90-Signatures 2014-09-28 00:35 - 2014-09-28 00:35 - 00000000 ____D () C:\Windows\Temp1B7E7695-A9E2-03F4-ACD3-3CF99C326BE4-Signatures 2014-09-27 09:35 - 2014-09-27 09:35 - 00000000 ____D () C:\Windows\Temp7E8F24F0-FB07-7D27-CDC2-8E4BA7F635D4-Signatures 2014-09-27 09:35 - 2014-09-27 09:35 - 00000000 ____D () C:\Windows\Temp63A39773-85A3-071A-640B-53EFAB7CBFD3-Signatures 2014-09-27 00:06 - 2014-09-27 00:06 - 00000000 ____D () C:\Windows\TempE814E6F5-4F68-14CC-C67E-029E72FF4281-Signatures 2014-09-27 00:06 - 2014-09-27 00:06 - 00000000 ____D () C:\Windows\Temp48359832-0A79-926B-B2F9-6119EEDBE4C0-Signatures 2014-09-26 01:20 - 2014-09-26 01:20 - 00000000 ____D () C:\Windows\TempD44F8AEC-1CB8-DD2A-7357-08CC78F44F4F-Signatures 2014-09-26 01:20 - 2014-09-26 01:20 - 00000000 ____D () C:\Windows\Temp3A702A7B-CFDC-CEFC-A8A3-E5DDD7752552-Signatures 2014-09-25 00:20 - 2014-09-25 00:20 - 00000000 ____D () C:\Windows\TempD58C604B-D6C2-E153-B77C-FF27B7A3C592-Signatures 
2014-09-25 00:20 - 2014-09-25 00:20 - 00000000 ____D () C:\Windows\TempA059AD7F-83E3-521D-9799-A912C49D683C-Signatures 2014-09-24 11:06 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 11:06 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-24 01:27 - 2014-09-24 01:27 - 00000000 ____D () C:\Windows\TempCEC0E453-621B-52BF-1821-2B89B392F480-Signatures 2014-09-24 01:27 - 2014-09-24 01:27 - 00000000 ____D () C:\Windows\Temp12383EDD-AEF0-A73B-35E2-B19B25C9F5C2-Signatures 2014-09-23 01:03 - 2014-09-23 01:03 - 00000000 ____D () C:\Windows\TempEE22ED6C-7832-BC12-5B6C-4DA475A08AC0-Signatures 2014-09-23 01:03 - 2014-09-23 01:03 - 00000000 ____D () C:\Windows\TempC2E322C6-F6EC-D45D-CEDB-9939D2E158CD-Signatures 2014-09-22 00:15 - 2014-09-22 00:15 - 00000000 ____D () C:\Windows\Temp6DC78192-03A6-0BCA-82B1-1A041C6D4A01-Signatures 2014-09-22 00:15 - 2014-09-22 00:15 - 00000000 ____D () C:\Windows\Temp36A665BF-EB4E-DA6E-DC3C-6BD07799764E-Signatures 2014-09-21 10:38 - 2014-09-21 10:38 - 00000000 ____D () C:\Windows\TempE763C99E-828C-DC82-1788-249C277E111C-Signatures 2014-09-21 10:38 - 2014-09-21 10:38 - 00000000 ____D () C:\Windows\TempBECA5739-FA23-5F76-77E4-D680817000E9-Signatures 2014-09-21 01:48 - 2014-09-21 01:48 - 00000000 ____D () C:\Windows\TempEBBD8C78-81EA-1FF9-2377-0C85BC6474C1-Signatures 2014-09-21 01:48 - 2014-09-21 01:48 - 00000000 ____D () C:\Windows\Temp85F81B78-550F-6D39-8043-F473DFAF699E-Signatures 2014-09-20 13:35 - 2014-09-20 13:35 - 00000000 ____D () C:\Windows\Temp55C14CD5-C72F-84F0-47D7-F546B5CEC906-Signatures 2014-09-20 13:34 - 2014-09-20 13:34 - 00000000 ____D () C:\Windows\Temp4F55B65E-EFB7-4B69-682B-1AB32FD5EF35-Signatures 2014-09-20 12:39 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-09-20 12:39 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-09-20 
12:39 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-20 12:39 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-20 12:38 - 2014-09-20 12:39 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-20 01:09 - 2014-09-20 01:09 - 00000000 ____D () C:\Windows\TempED2B26EE-9190-C3CA-5483-90A2744A3CFB-Signatures
2014-09-20 01:09 - 2014-09-20 01:09 - 00000000 ____D () C:\Windows\Temp86D8263E-3829-1252-B75E-47AF99451CF7-Signatures
2014-09-19 11:43 - 2014-09-19 11:43 - 00000000 ____D () C:\Windows\Temp43B667E7-958D-7416-55B2-5401AF67A2CF-Signatures
2014-09-19 11:42 - 2014-09-19 11:42 - 00000000 ____D () C:\Windows\TempB098B4BC-588B-D606-5C2F-8CBBA45778F5-Signatures
2014-09-19 00:01 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\TempD7A0CD9E-B221-70E5-6828-0DDC21D04362-Signatures
2014-09-19 00:01 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\Temp48F55B1A-78A5-6564-ECF0-58D09A436D7E-Signatures

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 12:02 - 2014-08-12 07:32 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-10-19 11:45 - 2013-05-15 14:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-19 11:31 - 2013-03-25 00:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-10-19 11:30 - 2014-08-12 07:25 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-19 10:40 - 2013-01-12 17:39 - 01720553 _____ () C:\Windows\WindowsUpdate.log
2014-10-19 10:39 - 2009-07-14 00:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-19 10:39 - 2009-07-14 00:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-19 10:29 - 2014-08-12 07:25 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 10:29 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-19 10:29 - 2009-07-14 00:51 - 00070345 _____ () C:\Windows\setupact.log
2014-10-18 17:31 - 2013-01-13 17:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-18 16:48 - 2014-01-27 14:53 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-10-18 08:48 - 2013-02-14 21:59 - 00000000 ____D () C:\Users\Owner\Documents\@__Rita
2014-10-18 08:30 - 2013-06-06 13:21 - 519073710 _____ () C:\Windows\MEMORY.DMP
2014-10-18 08:30 - 2013-06-06 13:21 - 00000000 ____D () C:\Windows\Minidump
2014-10-17 20:53 - 2013-01-13 16:51 - 01700726 _____ () C:\Windows\PFRO.log
2014-10-17 14:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 10:10 - 2009-07-14 00:45 - 02986200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 10:01 - 2013-02-13 13:07 - 00002148 _____ () C:\Windows\epplauncher.mif
2014-10-17 09:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-17 09:52 - 2009-07-14 01:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-17 01:22 - 2013-08-14 05:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 01:22 - 2013-01-13 13:04 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 19:00 - 2014-08-12 07:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-16 19:00 - 2013-01-13 15:34 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-10-16 19:00 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-16 19:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 10:52 - 2013-02-13 13:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-14 10:52 - 2013-02-13 13:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-09 17:02 - 2013-01-14 19:33 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-10-04 09:11 - 2013-01-13 15:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 02:42 - 2013-01-15 13:57 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-20 12:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-20 12:39 - 2014-01-28 16:49 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-20 12:39 - 2013-01-13 15:39 - 00000000 ____D () C:\Program Files (x86)\Java

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$0906a283eedaa414308f0a11fe85ea31

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-422040510-2405641811-1513485937-1000\$0906a283eedaa414308f0a11fe85ea31

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-16 13:27

==================== End Of Log ============================