Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sweetpacks and a possible related but seperate issue


  • Please log in to reply

#1
shobo

shobo

    Member

  • Member
  • PipPip
  • 20 posts
Hello,

I have been having some internet issues and have posted the issue here: http://www.geekstogo...a-couple-hours/

RockMilk has been helping with that issue. This may or may not be related... While RockMilk was helping me with my internet issues he noticed; "it seems that the file lmrn.dll is related to Sweetpacks and is on your machine." He recommended I go through the Malware section of geekstogo to clean up my -computer. I did look at other sweetpacks threads but most threads said not to do anything because the solutions were computer specific so I have started a new thread. Ok, I have followed the directions given and below you will find my OTL text log.

Any ideas on what I should do next? Thank you so much for your time.

First possible information you may need:
I have Windows 7
I am using an Asus U52F
I pretty much only use Google Chrome except for my work network in which case citrix only works through internet explorer

OTL Log:
OTL logfile created on: 1/9/2014 11:11:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steph's\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.79 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 41.12% Memory free
7.59 Gb Paging File | 4.96 Gb Available in Paging File | 65.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574.68 Gb Total Space | 386.35 Gb Free Space | 67.23% Space Free | Partition Type: NTFS

Computer Name: STEPHS | User Name: Steph's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/09 23:10:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steph's\Downloads\OTL.exe
PRC - [2014/01/08 23:26:01 | 002,486,296 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/01/08 23:26:01 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014/01/08 23:26:01 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2014/01/06 11:30:02 | 001,015,088 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
PRC - [2014/01/02 19:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/07 18:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/13 13:29:11 | 000,932,528 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2011/11/17 12:10:32 | 000,157,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
PRC - [2011/04/20 16:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2011/04/20 16:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2011/03/28 09:02:29 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/12/23 14:36:46 | 002,629,632 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2010/07/02 15:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe
PRC - [2010/06/09 11:55:54 | 001,080,448 | ---- | M] (asus) -- C:\Program Files (x86)\Asus\ControlDeck\ControlDeck.exe
PRC - [2010/05/03 16:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/05/03 16:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe
PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/02/04 16:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/12 22:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 22:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/07/31 12:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\SmartLogon\sensorsrv.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/08 23:26:01 | 002,486,296 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/01/08 23:26:01 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2014/01/06 11:30:04 | 001,222,960 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\lmrn.dll
MOD - [2014/01/06 11:30:02 | 001,015,088 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
MOD - [2014/01/02 19:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/12/03 21:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 21:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/03 21:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 21:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 21:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 21:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/03 15:47:49 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/11/03 14:31:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/11/03 14:31:24 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/11/03 14:31:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/11/03 14:31:00 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/11/03 14:30:56 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/11/03 14:30:46 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/11/03 14:30:40 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/11/03 14:30:36 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/11/03 14:30:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/11/03 14:30:19 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/10/18 18:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/06/13 13:29:11 | 000,932,528 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/02 15:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe
MOD - [2010/02/23 17:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\Asus\ControlDeck\Brightness.dll
MOD - [2010/02/23 17:14:18 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\Asus\ControlDeck\HelpFunc.dll
MOD - [2010/02/23 17:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Asus\ControlDeck\P4GControl.dll
MOD - [2010/02/23 17:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\Asus\ControlDeck\Resolution.dll
MOD - [2010/02/23 17:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\Asus\ControlDeck\Volume.dll
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/08 21:44:52 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/29 05:12:40 | 001,833,776 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/01 14:00:06 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/09/01 13:54:22 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 12:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 12:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 12:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2014/01/08 23:26:01 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013/12/11 00:05:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/25 20:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/11 16:13:37 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/11/17 12:10:32 | 000,157,696 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe -- (EMP_UDSA)
SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/01/29 23:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 11:59:58 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/09/25 20:07:30 | 000,148,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/09/08 21:11:42 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/09/02 09:59:14 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/09/02 09:29:18 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/09/02 09:26:50 | 000,192,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/09/02 09:26:42 | 000,241,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/08/20 21:53:58 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 21:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/11/17 12:10:34 | 000,023,040 | ---- | M] (SEIKO EPSON CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMP_UDAU.sys -- (eppvad_simple)
DRV:64bit: - [2011/11/17 12:10:30 | 000,005,632 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMP_MirrUD.sys -- (EMP_MIRRUD)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/18 12:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/05/16 19:28:36 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2010/05/16 19:28:28 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 19:28:26 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/04/13 05:15:03 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/18 00:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/03/04 04:53:01 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/26 03:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 17:38:29 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/21 01:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/08/06 16:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 05:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/05/13 11:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {B933F1C6-91A6-4D16-9E8C-B2901F5107D7}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...0-F46D0415328B}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-10-18 13:48:40&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...h={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V8 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...ms}&sspv=TB_SA"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://proxy.allsear...com/app/start/"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.2.0.5
FF - prefs.js..extensions.enabledAddons: %7BC4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD%7D:2.0.0.583
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"

FF - user.js..browser.startup.homepage: "http://proxy.allsear...com/app/start/"
FF - user.js..browser.search.defaultenginename: "All Search"
FF - user.js..browser.search.defaultenginename: "All Search"
FF - user.js..extensions.enabledAddons: [email protected]:1.0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Steph's\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Steph's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 [2013/08/14 16:27:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/20 17:35:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/24 13:32:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Social Privacy\FF\ [2013/04/11 16:41:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/20 17:35:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/24 13:32:02 | 000,000,000 | ---D | M]

[2013/04/11 16:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steph's\AppData\Roaming\Mozilla\Extensions
[2013/04/18 21:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\extensions
[2013/04/11 16:41:54 | 000,000,328 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\all search.xml
[2013/04/12 20:52:20 | 000,001,122 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\mixidj-v8-customized-web-search.xml
[2013/12/31 01:33:28 | 000,002,115 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\MyStart Search.xml
[2013/09/19 13:53:43 | 000,002,120 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\MyStart.xml
[2013/04/11 16:22:05 | 000,002,519 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\WebSearch.xml
[2013/07/12 22:28:55 | 000,000,915 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\yahoo.xml
[2013/04/11 20:47:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/05/20 17:36:44 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\15.2.0.5
[2013/04/11 16:13:38 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2013/08/14 16:28:02 | 000,003,717 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/04/11 16:13:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/11 16:13:35 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2013/04/11 16:22:05 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig
CHR - Extension: Google Docs = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_2\
CHR - Extension: Google Drive = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_0\
CHR - Extension: Google Wallet = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: MixiDJ V8 = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.26.0.540_0\
CHR - Extension: MixiDJ V8 = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: Gmail = C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (DataMngr) - {F2D6C718-7E52-428E-8852-365C4B1A6E36} - C:\Program Files (x86)\Settings Alerter\Datamngr\x64\BrowserConnection.dll (Koyote-Lab, inc)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DataMngr) - {F2D6C718-7E52-428E-8852-365C4B1A6E36} - C:\Program Files (x86)\Settings Alerter\Datamngr\BrowserConnection.dll (Koyote-Lab, inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPSON_UD_START] C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UD.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F4596E0-B8AC-4E07-9F0E-64013A3B8AE0}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{678A94DD-FAF1-4778-B5AB-60F415DD5F98}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85FC417C-AFAC-44FC-9DD8-C8F3784779FC}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B492CFC-5BA4-4BE3-9153-218CC8DF45A8}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B7ADE62-1058-4F58-95A8-94121A3419DB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C97F848E-47D8-40A1-A35E-16E531D37FA0}: NameServer = 66.228.116.178,66.228.116.179
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Settings Alerter\Datamngr\x64\datamngr.dll (Koyote-Lab, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Settings Alerter\Datamngr\x64\IEBHO.dll (Koyote-Lab, inc)
O20 - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Settings Alerter\Datamngr\IEBHO.dll (Koyote-Lab, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{df6161e4-d037-11e2-9623-f46d0415328b}\Shell - "" = AutoRun
O33 - MountPoints2\{df6161e4-d037-11e2-9623-f46d0415328b}\Shell\AutoRun\command - "" = E:\EMP_UDSe.exe /autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/08 21:49:10 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/08 15:29:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ljkb
[2014/01/08 15:29:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013/12/22 10:53:28 | 000,000,000 | ---D | C] -- C:\Users\Steph's\Brushes
[2013/12/19 00:24:29 | 000,000,000 | ---D | C] -- C:\Users\Steph's\Documents\Updater
[2013/12/11 10:51:46 | 000,000,000 | ---D | C] -- C:\Users\Steph's\AppData\Local\dumps
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[4 C:\Users\Steph's\Documents\*.tmp files -> C:\Users\Steph's\Documents\*.tmp -> ]
[3 C:\Users\Steph's\Desktop\*.tmp files -> C:\Users\Steph's\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/09 23:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/09 22:59:01 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 22:59:01 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 22:57:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 22:51:37 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/09 22:51:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/09 22:51:15 | 3054,931,968 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/09 22:43:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
[2014/01/09 20:36:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
[2014/01/09 17:36:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
[2014/01/09 17:17:50 | 000,001,152 | ---- | M] () -- C:\Users\Steph's\Desktop\registry.reg
[2014/01/09 17:01:25 | 000,798,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/09 17:01:25 | 000,674,490 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/09 17:01:25 | 000,126,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/09 10:43:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
[2014/01/08 21:52:07 | 000,791,330 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/08 21:44:56 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/08 21:44:53 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/08 15:34:57 | 000,001,056 | ---- | M] () -- C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/07 12:00:03 | 002,887,680 | ---- | M] () -- C:\Users\Steph's\Documents\Donors.mpddb
[2013/12/29 05:12:40 | 001,833,776 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013/12/29 05:08:58 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013/12/22 23:25:32 | 000,768,006 | ---- | M] () -- C:\Users\Steph's\Desktop\christmas.jpg
[2013/12/15 13:00:34 | 000,421,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/15 12:57:37 | 740,216,197 | ---- | M] () -- C:\Windows\MEMORY.DMP
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[4 C:\Users\Steph's\Documents\*.tmp files -> C:\Users\Steph's\Documents\*.tmp -> ]
[3 C:\Users\Steph's\Desktop\*.tmp files -> C:\Users\Steph's\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/09 17:17:50 | 000,001,152 | ---- | C] () -- C:\Users\Steph's\Desktop\registry.reg
[2014/01/08 21:44:56 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/08 21:44:53 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/22 23:25:26 | 000,768,006 | ---- | C] () -- C:\Users\Steph's\Desktop\christmas.jpg
[2013/06/27 12:55:17 | 000,000,081 | ---- | C] () -- C:\Users\Steph's\CTX.DAT
[2013/06/07 17:39:06 | 000,174,467 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2013/06/07 17:39:06 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2013/05/28 11:03:14 | 000,041,008 | ---- | C] () -- C:\Windows\SysWow64\RGBAcodec.dll
[2013/03/27 12:58:36 | 000,000,017 | ---- | C] () -- C:\Users\Steph's\AppData\Local\resmon.resmoncfg
[2012/10/20 08:51:01 | 000,174,467 | ---- | C] () -- C:\Windows\hpoins43.dat
[2012/10/20 08:51:01 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2012/09/13 14:19:07 | 000,000,245 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/09/13 14:19:07 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/09/13 14:18:33 | 000,003,302 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2012/09/13 14:17:29 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/09/13 14:17:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/09/13 14:17:05 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012/02/22 12:00:19 | 000,004,096 | -H-- | C] () -- C:\Users\Steph's\AppData\Local\keyfile3.drm
[2011/05/06 21:33:51 | 000,010,752 | ---- | C] () -- C:\Users\Steph's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/06 14:52:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/12/20 23:30:51 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Amazon
[2013/09/24 00:06:10 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Anvisoft
[2012/10/18 11:56:39 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Audacity
[2013/08/10 13:03:17 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\AVG
[2013/09/24 00:09:13 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\AVG2014
[2011/12/31 15:34:45 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\com.amazon.music.uploader
[2013/12/01 00:22:05 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\ControlCenter4
[2011/11/02 13:31:34 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Downloaded Installations
[2014/01/09 23:07:25 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Dropbox
[2013/04/11 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Eltima Software
[2011/11/02 13:37:23 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\FedEx
[2013/04/11 16:22:33 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\FVD Suite
[2013/03/02 09:40:46 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\ICAClient
[2012/09/13 14:12:05 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Nuance
[2013/09/21 19:38:17 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Opera
[2013/04/28 22:57:03 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\OverDrive
[2012/09/04 11:55:25 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\RCP 6
[2013/05/24 08:47:18 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\SmartDraw
[2014/01/08 20:06:41 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\SoftGrid Client
[2013/01/06 12:33:12 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Spotify
[2011/10/17 19:49:15 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\TP
[2012/12/19 01:03:29 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\TuneUp Software
[2012/10/18 12:04:23 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\UltraMixer
[2012/02/28 18:47:41 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Unity
[2011/05/07 08:22:27 | 000,000,000 | ---D | M] -- C:\Users\Steph's\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >

Edited by shobo, 09 January 2014 - 10:50 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



Ron
  • 0

#3
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Thank you, Ron for being so fast.

Ok, Below are the results of my ADWCleaner scan. I will now start the Junkware scan.

# AdwCleaner v3.016 - Report created 10/01/2014 at 00:32:44
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Steph's - STEPHS
# Running from : C:\Users\Steph's\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ARFC
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Steph's\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Steph's\AppData\Local\Conduit
Folder Deleted : C:\Users\Steph's\AppData\Local\Discount Buddy
Folder Deleted : C:\Users\Steph's\AppData\Local\PackageAware
Folder Deleted : C:\Users\Steph's\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Steph's\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Steph's\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
File Deleted : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\MyStart.xml
File Deleted : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\WebSearch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\WebSearch.xml
File Deleted : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287822
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_winavi-iphone-data-recovery_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_winavi-iphone-data-recovery_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\Discount Buddy
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Updater By Sweetpacks
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v18.0.2 (en-US)

[ File : C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\prefs.js ]

Line Deleted : user_pref("CT3287822_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1365817313788,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.fantastigames.com/web?src=ffb&gct=ds&appid=107&systemid=465&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3287822");
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.2.0.5");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V8 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287822&CUI=UN44896628517416268&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_SA");
Line Deleted : user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("extensions.incredibar.admin", false);
Line Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar.cntry", "US");
Line Deleted : user_pref("extensions.incredibar.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Line Deleted : user_pref("extensions.incredibar.did", "10650");
Line Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Line Deleted : user_pref("extensions.incredibar.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar.hdrMd5", "9844BDA7A0747AEB54FA8660C1582659");
Line Deleted : user_pref("extensions.incredibar.hmpg", false);
Line Deleted : user_pref("extensions.incredibar.id", "faa4839500000000000064d4da270ed9");
Line Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar.instlDay", "15532");
Line Deleted : user_pref("extensions.incredibar.instlRef", "");
Line Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
Line Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1414:43:46");
Line Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Line Deleted : user_pref("extensions.incredibar.newTab", false);
Line Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.incredibar.ppd", "169%5F2");
Line Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar.productid", "26");
Line Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar.sg", "none");
Line Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8yGRwM6y&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar.upn2", "6R8yGRwM6y");
Line Deleted : user_pref("extensions.incredibar.upn2n", "92824688266976486");
Line Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1414:43:46");
Line Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar_i.did", "10650");
Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar_i.id", "faa4839500000000000064d4da270ed9");
Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15532");
Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
Line Deleted : user_pref("extensions.incredibar_i.ppd", "169%5F2");
Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8yGRwM6y&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar_i.upn2", "6R8yGRwM6y");
Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92824688266976486");
Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1414:43:46");
Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.wajam.affiliate_id", "6447");
Line Deleted : user_pref("extensions.wajam.firstrun", "false");
Line Deleted : user_pref("extensions.wajam.log_send_info", "false");
Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Line Deleted : user_pref("extensions.wajam.no_trace", "false");
Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21086");
Line Deleted : user_pref("extensions.wajam.trace_log", "1365715700693 - processInstallationUpgrade - version set to : 1.26\n1365715700693 - processBrowserLoad - Bad mappingListJsonString: null\n1365715701175 - onFla[...]
Line Deleted : user_pref("extensions.wajam.unique_id", "F53AF38DA3975746A85AEEE9DCBAEFBE");
Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Deleted : user_pref("extensions.wajam.version", "1.26");
Line Deleted : user_pref("smartbar.machineId", "NFFI1DXV2YVQIQO+E6S+CK7MJZNTHUCXKS9CY2+M+MNRMBP8DBFEIAYBBECEFKCNT/CMKJP+VM8M87KWUAIBQW");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://mystart.incredibar.com/mb131?a=6r8ygrwm6y/|||8641[...]
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavi[...]
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_referrer", "hxxp://isearch.avg.com/dns?pid=avg&sg=&cid=%7B55a6ee1f-670a-46d4-bb20-988f8b18aec4%7D&mid=d1f14283be1447d19e08252442f1db78-[...]
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.com/dns?pid=avg&sg=&cid=%7B55a6ee1f-670a-46d4-bb20-988f8b18aec4%7D&mid=d1f14283be1447d19e08252442f1d[...]
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks");
Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.com/dns?pid=avg&sg=&cid=%7B55a6ee1f-670a-46d4-bb20-988f8b18aec4%7D&mid=d1f14283be1447d19e08252442f1d[...]
Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [24731 octets] - [10/01/2014 00:26:14]
AdwCleaner[R1].txt - [24792 octets] - [10/01/2014 00:27:30]
AdwCleaner[S0].txt - [24346 octets] - [10/01/2014 00:32:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24407 octets] ##########
  • 0

#4
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Here is my JRT.txt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Steph's on Fri 01/10/2014 at 0:40:19.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{25DA73D2-CBE0-43A5-8BFA-F757F5E69864}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2842191437-2308858041-683640302-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2842191437-2308858041-683640302-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}



~~~ Files

Successfully deleted: [File] "C:\Users\Steph's\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho4927.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho97E9.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB75E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC045.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Steph's\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Users\Steph's\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{00D5030F-652D-4869-A6CB-41373C94EDBB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{00DF3CA0-3D15-434E-91AD-FB5680208D82}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{038F153F-EAF9-4B9C-9B2B-4595D1A9C6E4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0416A66C-7D17-4B5D-8904-334B4D95D5BC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{05E4FAA3-0020-4216-974A-B5506DA2EC1B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{065E4263-F64E-4A14-AF39-2494DF60A2DF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0703772C-DA1D-40EC-B915-67D58AB6B194}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0870AEFF-19E8-473E-B5DB-383F656D1086}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{094959F4-5300-4285-BDDA-4ACE53F1EF2B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0994A844-C2AB-4EB9-8B56-8922442E7ADA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0997368C-FB4B-4EEB-AFC0-297A032C66F4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{09FF300A-CB9B-47C8-87D9-CA609C92E96B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0A058F5A-9C54-4721-B386-973C7992AA2E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E2B76E0-1350-4657-9F43-C843E1B0EC7B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E473694-DF66-4318-B7DF-7BA5031827E2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E5E5CFB-18BE-4E28-9AB2-E86293061E3F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0ED253E8-D417-4E0D-817A-A2CF1BD10B57}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F1694AC-6E13-4347-BF00-CAF58AD22BF4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F22BC0E-A92C-4FF9-BA9C-BB2D540D03BD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F52204A-6A58-4B1C-BBCA-4DA45C1F3E40}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F5482B1-4F7B-4790-ABC8-5DAD3281EBF5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F5DCFDD-697C-411B-A42D-7544648508A6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F8B51B3-78F3-4A8C-9AC8-975DAC08E614}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1075D91D-52FB-4A1F-BCDC-39C724673039}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{10DD94E3-4545-4EF7-B97A-2ED666781BE9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{117CEC27-019B-4C4D-B952-55C154711DA6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1295D11E-F9EB-42A0-AF40-517B5C0CF545}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{148896EE-8350-4ECB-A794-66A2B3D2364B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{16C633A8-FFBD-4265-8F18-0E0F9535CB83}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{17805421-D262-4177-B1AA-20DF8EB349C8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{19B59C62-6A99-4B23-81A4-D10D64079543}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1A514382-9AD2-4994-A4A5-489992AC66F1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1C0981DF-A017-47E0-8BC1-76148C6A4848}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1E20E87F-1B9B-4D8A-AFC3-3467EBE5D033}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{20044B2E-D553-4A24-AE6E-3956E19C3073}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{205844BC-73BB-43E5-A478-26B5C48D102F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{20F9A02B-06E2-4D53-9BA7-2CBA67558002}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{21112CDE-AAF0-41BB-9359-4DCEC75A53DA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{211BA890-6676-421B-83C9-4D7D9C7074FE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{22CD346A-4116-4F6B-B1B7-AF1C3423F8A9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{22CE064A-1FDD-4209-A9C5-D47B5D9151BB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{23599633-3405-4115-B99C-F76D9F402874}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{289BF344-0998-4643-8571-855B8EEC4D88}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{28AD9659-018D-4970-9A0C-AADFB3FE4075}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2959215B-EFCA-4EF8-808E-712020A92509}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2B5A7BC4-EF6A-4FF7-8EAC-3C10B49D024E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2C8D99CC-B58E-4A1D-A65A-B58FB90E0A5C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2CEFA947-82F5-40F6-9DA7-AC4CDF6EC37D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E6194EB-6F79-4452-A3D9-5E44E534D210}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E71E265-A30F-4D98-9A11-A4266AEA8F06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E9AE9D9-15B1-4266-BEED-77B5A7EF00CF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2F053A76-B466-4C88-B495-64596A6546FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2F754007-EFC9-4403-85AB-8ED868CFEB18}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2FFD545D-BD92-4ADF-B5E4-7579560BFF4C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{31792953-2FE5-45A6-80E1-72A745B72DC5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{341832F7-07C1-42DC-8653-9271975CC20C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{35D46740-3DD7-4BA8-BC39-3188B3C275A7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{37C680A6-13E0-423A-9F44-4137623F4D57}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3A6F44BB-D448-418C-9033-4C52014E816C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3A7FF6DC-356C-4A6E-A8A0-800FDC107B1E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3AE5CB9F-F830-4C2A-9A5F-A0B418843897}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3AEDB52A-8F62-4FBF-8931-A05462147EF0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3BCBEA52-C89A-43AF-A1CB-0EE2788822B2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3BD0184E-E8F0-43C2-883F-3B35919112F1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3CADFEA9-C767-4842-80AD-C6C8996EBB4B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3CE38C48-299E-4FC0-A935-2D62F67BDA44}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3D75C80A-7E65-4EE1-A011-377D415B4F40}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3DAAAE1D-38E5-4C3F-9E61-31583D0DE73B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3DCDC545-E305-44E4-AA0F-CE46A70D708E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3F1D02B0-40F0-4F53-8690-6D5420AED77E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3FAB8538-FA51-4F67-BAAF-3393BA603736}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{402AFD30-1561-4180-8DE4-A6C9329E593D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{41DFE4E6-67AB-4290-81F1-727536F6964E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{41E9557A-D4C3-443E-87AC-FB06AFB0BC90}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{425A5548-CCF4-47F3-9D0C-7D4A1F535D5A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{42F0EBD7-2E48-4A93-96C0-75C9FFDF7117}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4384BC74-64CB-4EC4-A0C5-BF233B8F17A8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{438FDCDB-9BDC-4FE3-AEA0-D2E182561EA7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{448D9C0C-EBBA-4B37-9A70-C77654D62293}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{44F145EE-B76F-43FE-979D-36C9697635B5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{46E16366-D360-4BB6-AEEA-793F818CA1CE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{472016B9-E195-43F1-B925-D3FA2A8EF014}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{47A63E37-3D27-45D1-9D96-E3253AF206C5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4905499D-BAC0-44E9-B5CD-BC8C7BF54E2E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4AC5654F-0F0D-43FB-AED6-0F6BB30EBCEC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4AC6690D-5626-49F6-BCE9-63496A4EDD97}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4BAA215E-F1C1-4A55-8491-C69A5D0FD431}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4C66ADD8-A79C-410E-98F3-AD2D87B540A2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4D66FE29-E20F-414C-8CCA-5081CBC42877}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4EEF9845-31ED-442A-9F4C-863E45D04FB5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4F4EFC11-A5EB-41AE-AC38-07C2FF35174B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5100634D-FA3B-4FC9-B0BF-DB0104067EFF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51547270-6EB1-41CD-8F70-21A3F069931B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51C37BE1-8C98-4C91-8F86-389CB4514F10}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51EE10B6-08CF-48A3-AE2F-2163E4EE1C95}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5233C9F6-F8F8-4B29-82D7-1568BDC503B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{52511612-DB36-49E0-BB73-C60F07299A5C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{52D12B27-5412-4C9E-B5DC-9AA86FE44125}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{533DF564-42DE-4890-A208-C4676F04A48A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{54A626DE-A67F-4707-A242-9F8DA33DE705}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{54E1394C-D2AA-4045-8969-8A87A0869F1E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{57ABB7ED-BBD9-4AB7-B209-0C617ACE4908}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{59A38C99-C251-4B71-8A43-BD5ADD7EFD1D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5A6BF5C6-ED9E-41A6-8D84-AF7A054F39C7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5CF05D85-C128-43F8-A83E-38B4E63ACA58}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5D227A47-45D3-4CFD-A575-ECF09BC0C06B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5D25E059-75D3-495C-81F1-B0045ADF463E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F3716AC-33EC-4304-8D85-5D5794446896}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F38583D-BE59-4218-BA53-15DAFE5E4661}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F8177E3-F02C-4B63-AEA7-AB63A167A281}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F81C35D-902C-423E-AE7D-C73ECBEC4E7E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{610AB8A0-0290-4588-B124-2EFBAB4DAF52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{684A0083-56D8-4455-8F6C-9B0FAA9B419C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{686FE760-5DBB-4701-B864-FF294A684868}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6A656CF6-B4A4-4D34-80A1-41C122213D52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6BF7B4A6-028A-4E29-B917-2E58D65201DA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6C5F6C5F-D3CB-4E91-BCCB-896141F70528}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{710A1068-8A94-47DD-B4D3-876070E79034}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{710B8507-0A5C-452F-86FD-53A18A30633B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{715BA850-7C96-4213-9F4F-B30C12C86675}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7165894E-05D5-402C-A13A-E6D32EA27233}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{71D0E263-7C68-44E9-9BDB-963840954F06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{746466D8-4076-4774-9EA1-442ED36A0213}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{78817680-B35A-4051-9633-7EA27845F55A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7A798BE9-95B1-4E4E-B0BC-A25D00EC89AA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7B0407CE-4005-4075-AB70-932EC3D5B6DE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7B699BCC-0C36-4365-80BF-E8D756C60FF0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7BF75EC9-545C-4FC7-8384-7186794C8D96}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7CBD316E-1DC5-4A3B-A7DC-1A93656A4A9B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7E9A662D-075D-443A-B326-B4D7C79F3BD9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7F27BE93-EEE1-4FEE-950D-4ECD7EE477AF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8151E213-17C4-45EA-BF28-A4A6317E954D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{81B6A5D6-DF41-4BA9-B574-574E9F281040}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{81D48DBC-0C59-4FE8-91F8-85FBA24FF4FB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{82B65620-9FB9-4103-AD9E-B168887EBA1A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{838C8F36-8A66-42A2-8E8F-BD2738CC102A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{84CDBCF8-DAF9-4356-9C80-CFA92A78FAE1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{85D9137E-DCE4-494C-AD1F-F8BB336589BD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8785E48E-62A4-4DAE-9AD1-31633849753E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8799E9CC-3638-4883-97FB-EC7FFF781462}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{881EF158-1364-4019-97C8-29CAF634F9C7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{897099CE-473C-4587-9B6A-DC167D4AEFD7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8AF0EAC2-E63A-4184-BB91-C1650C6B47D5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8B17ECBB-7AA7-460E-9B19-8EB1520CC4CA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8C0BAA61-D452-49FD-9A9F-F93E19B86D4C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8CB721C8-5043-4249-96EE-BEE639940EB3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{906B2F37-5AA7-46A9-B108-B9A0903FE64F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{906F39AF-C215-40AE-93ED-F62A9D66D7EF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{935C386A-271B-41D0-8FB5-0CBAFC452EEE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{95F9C14E-0EC8-4EB4-A1F5-1A3B427A80A0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{96828525-FAAC-4020-B64F-D7B3653773AC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{96B2E9CB-F1D2-4E89-A4FE-0BD9034E48F6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{97081855-4C71-42BD-8CDA-C927B02BFB42}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98C12317-42F8-484E-ADFA-2DE3821FF885}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98D5A8A6-0A6C-425B-8D9A-DEE510C90397}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98F0B8C7-6D2C-46B6-978B-5F87EA201D7F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{995760EF-453E-4F32-8A23-361001142EA8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9BB06100-90CB-4564-85EB-EAC9087BFC9A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9C4C513D-289F-484E-8321-F930DD8FC3CE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9D425B43-22A4-40F7-BE59-2F5916B62A7F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9F03801A-1D26-4F4F-A0D9-6D85F07521CB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9FA73C6D-161A-4CB1-847F-433A961E80B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A01A274C-18A1-4208-9C1D-D8DFA84F50F9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A0EAEC6E-493B-43FA-9A3E-C9991F1C111F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A1604235-0E4A-4DA2-9F10-F09271734E88}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A214F064-6C0E-4E69-8334-B140C17EBA49}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A2472C88-06CE-465A-87EE-EB17391E2B55}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4E1758A-9BB9-4BCD-95EC-9DA40A552B0C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4E1E2B2-72C3-4D3B-BE03-52641FC38A59}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4FB5987-DECA-4A30-8F15-874BDE139326}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A5C1671E-972E-47F9-8973-0C6CAF94A2F4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A67EB73F-D422-4F61-966B-EF1B3895C52B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A81B9A81-B5E5-4642-A80A-EFB9A13A2F11}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{AA3C1585-742C-4C28-BAC7-E556FA9505AD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{AC56DE11-09C0-4315-A824-B294E941E054}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACC71A88-8F18-4284-B990-B6DD232A5189}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACCF2D4B-3285-4F9E-B908-9DFFDC9D845A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACEF1B49-026B-41B2-9843-C0A6F51226FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B1719B8F-D008-4765-BDEB-4F980786800B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B228103D-542A-4E35-A0A1-05AEDE836B1A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B26C4623-8B89-4385-A26A-BF5E75E6B299}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B2E8F21E-F8EA-4CEE-84BF-CCF044A1D8E4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B3A49F85-B607-42DD-85B2-6AC88EE3FF37}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B3B0AFA3-D7BC-45D5-810F-720EE06B6839}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B5848B15-8275-414E-BFA4-A73409E68695}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B8D087C1-E161-4E88-B052-347B949EDC41}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B8FE7B9B-26C9-475F-827C-FCF7AE671A25}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BA19D207-343C-4E0B-BCEE-7AEDB8A8C330}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BB109382-D1C8-49FF-8BF5-C443186C2138}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BB794329-E8DB-47DE-922C-88038FDAF5E5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BE5252C8-E9BB-495C-9D76-6A260C37BF52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C1A85B90-F713-4598-B14B-66C20CF636D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C2161D14-98F5-48B4-98BE-A89D2883D174}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C2867FD9-05A0-477D-923B-3DF3B9E79FA5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C48FB580-AFA6-4465-8641-4D93ADAC5838}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C544FD89-2C1E-47F3-8CD7-B3D80FB8E04B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C642B8BB-F63C-4BD4-BD0D-D88D24B51C06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6718CCC-C8FA-46C9-BDA9-85BA4A25578D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6D13852-2CE0-4C83-93CB-C90A00FEB77A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6E81ADF-59D6-40A6-BACF-4A09F5B5DFC3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C709A62F-9576-4687-A678-C17F32F2CCB4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C7490EC2-FE22-4766-9385-8667D2C89CE9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C7B3D576-C5F7-45C7-B12A-98542D02CE83}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C814FC59-0572-4454-99F5-0F7D267BFE38}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C89E5B6C-2972-4676-9862-6E0E8F46D465}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C96D5C3F-F828-4FF3-B661-BA853A872E84}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CAC67F0E-0DFC-4835-854E-179D78605F62}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CB3E5F33-D08D-4465-B1F3-B014AFDB6D0B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CB5B91F4-F07A-4A43-97F8-99315B5AD2D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CC06C6E2-C83C-4454-A719-ADBA00322FB5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CE3BF95E-3367-4B08-B4F4-A225AEE79D8D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CE6804CA-EA9D-4E1B-B10C-CF08F4EBDF46}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CEA86DE3-7983-4DFC-AF37-1950FD9189FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CF3C2775-D82E-40F6-968C-8ED5056665DD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D06E424C-D088-49C3-8BBD-3ECE0281284F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D19BE7AC-12C6-4834-A221-1C151CEC8D53}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D1C581EC-1167-4E05-A54D-B425BB4A2AD9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D30516A4-C610-4880-828F-2026FAEF31D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D5800122-4465-4028-8C39-183B65E631A6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D5D09A31-99F5-4F7E-8B46-1B2871DA1C78}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D62546C2-45EE-4C48-BE1F-C8FF8E9C203D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D7F1F33E-4BA2-467C-9434-1E2C93AE5E53}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D8B2A334-F28C-419D-AD99-36C6C0786484}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D8FAE770-5B79-4DD3-B906-2DC4EA5D2485}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DB047469-E6B6-46BE-85E6-F1D7DFF924CF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DB812821-6A4F-45CE-9379-CABB43B0D454}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DBB72472-9891-4B5A-8B01-EFCDD3187315}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DCE34928-0C97-4549-A107-3F4A6EA13D39}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE5799A2-9DBE-4975-B247-3CBBD68A6FD0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE804EAE-3B8A-43D3-8E37-FF325A00B635}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE809551-5182-40AA-8425-3AFA324BF3D3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E0A99F8F-3BC8-4275-8148-02AB4DB64643}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E0F2FDFE-B86D-492C-A2E0-C9F86FBB4264}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E1896340-DA7C-413D-ABED-15AD44F84E86}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E19D747F-9975-4A70-BC2A-683AF97B988D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E24B559F-47CD-4944-9E95-3906E764154E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E252F02B-FAFC-4F93-B972-90526BEAB2B0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2567D26-5E16-4835-AADD-A16222BA9B7D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2C8AB35-D342-487B-8E19-DAF5BDDD6A9E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2F22F52-B1B7-4117-B74F-3BE992BC0153}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E370EEE2-41C1-489C-9471-4AA0B7DB27EB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E3CF3AC0-5819-4E5B-BDC7-34457C8C5019}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E4107009-89E1-477E-9BBC-970BEAFB2F71}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E41E0139-ECBF-4F2F-9096-29853E14DF8D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E5176FE1-E14B-4BC3-B243-341EAB60A384}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E684E371-2620-4796-BCC0-5D62305D3F1C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E90A430F-3FCA-4F82-9E52-0349549D7622}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E9103997-67C2-4F02-975D-7BD7DC366BA8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E97BD29D-0B2D-4D7F-AA68-CD2550AFF17B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ECFAB848-16AD-4199-A677-D0FB5D65736C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EE753567-17AF-406B-8CA9-5AF27B6EB2B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EF400423-CC78-4108-9206-22EAA3341BD0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EF8D7CAB-85DF-42FF-8B77-69E485F2B8D7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F1764899-1B4F-4193-92D7-DF37D051467C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F1DB9197-BC9A-4934-A70E-223205EE5079}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F2408613-3111-4D0C-AC50-16BD4D1B8523}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F2CFDAB3-1895-4CA2-A203-38A60E14675B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F42F6632-0183-429E-8C70-F1C9B87C9E31}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F489CA29-BE5F-42E7-948D-ECA79782BE03}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F59428BC-1171-4CEF-8679-C1C1F6A065A7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F5B5672E-AAE3-457E-AD7B-281E9BD937D5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F63DB804-5BC5-4963-8C40-4CADA85F6479}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F821D7EF-F72B-4927-9B82-932100AB2E36}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F9979555-5BAA-479C-8F87-A3C7337BF6EF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FA776B0D-3CC3-41CF-AB4C-013DDCFA0846}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FAB6FBF4-9A4A-43EC-828D-693B263E44D0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FD8F93EA-92C9-48D5-8511-A371F8D000E0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FF05B9FB-9BB5-4D22-8C2C-493EDB83ED33}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{c4cfc0de-134f-4466-b2a2-ff7c59a8bfad}
Emptied folder: C:\Users\Steph's\AppData\Roaming\mozilla\firefox\profiles\ciknw5lq.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 0:48:21.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#5
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
And lastly my FRST.txt followed by my Addition.txt.

Thank you for looking at all of this

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Steph's on Fri 01/10/2014 at 0:40:19.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{25DA73D2-CBE0-43A5-8BFA-F757F5E69864}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2842191437-2308858041-683640302-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2842191437-2308858041-683640302-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}



~~~ Files

Successfully deleted: [File] "C:\Users\Steph's\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho4927.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho97E9.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB75E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC045.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Steph's\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Users\Steph's\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{00D5030F-652D-4869-A6CB-41373C94EDBB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{00DF3CA0-3D15-434E-91AD-FB5680208D82}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{038F153F-EAF9-4B9C-9B2B-4595D1A9C6E4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0416A66C-7D17-4B5D-8904-334B4D95D5BC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{05E4FAA3-0020-4216-974A-B5506DA2EC1B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{065E4263-F64E-4A14-AF39-2494DF60A2DF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0703772C-DA1D-40EC-B915-67D58AB6B194}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0870AEFF-19E8-473E-B5DB-383F656D1086}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{094959F4-5300-4285-BDDA-4ACE53F1EF2B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0994A844-C2AB-4EB9-8B56-8922442E7ADA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0997368C-FB4B-4EEB-AFC0-297A032C66F4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{09FF300A-CB9B-47C8-87D9-CA609C92E96B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0A058F5A-9C54-4721-B386-973C7992AA2E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E2B76E0-1350-4657-9F43-C843E1B0EC7B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E473694-DF66-4318-B7DF-7BA5031827E2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0E5E5CFB-18BE-4E28-9AB2-E86293061E3F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0ED253E8-D417-4E0D-817A-A2CF1BD10B57}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F1694AC-6E13-4347-BF00-CAF58AD22BF4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F22BC0E-A92C-4FF9-BA9C-BB2D540D03BD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F52204A-6A58-4B1C-BBCA-4DA45C1F3E40}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F5482B1-4F7B-4790-ABC8-5DAD3281EBF5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F5DCFDD-697C-411B-A42D-7544648508A6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{0F8B51B3-78F3-4A8C-9AC8-975DAC08E614}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1075D91D-52FB-4A1F-BCDC-39C724673039}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{10DD94E3-4545-4EF7-B97A-2ED666781BE9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{117CEC27-019B-4C4D-B952-55C154711DA6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1295D11E-F9EB-42A0-AF40-517B5C0CF545}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{148896EE-8350-4ECB-A794-66A2B3D2364B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{16C633A8-FFBD-4265-8F18-0E0F9535CB83}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{17805421-D262-4177-B1AA-20DF8EB349C8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{19B59C62-6A99-4B23-81A4-D10D64079543}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1A514382-9AD2-4994-A4A5-489992AC66F1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1C0981DF-A017-47E0-8BC1-76148C6A4848}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{1E20E87F-1B9B-4D8A-AFC3-3467EBE5D033}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{20044B2E-D553-4A24-AE6E-3956E19C3073}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{205844BC-73BB-43E5-A478-26B5C48D102F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{20F9A02B-06E2-4D53-9BA7-2CBA67558002}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{21112CDE-AAF0-41BB-9359-4DCEC75A53DA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{211BA890-6676-421B-83C9-4D7D9C7074FE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{22CD346A-4116-4F6B-B1B7-AF1C3423F8A9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{22CE064A-1FDD-4209-A9C5-D47B5D9151BB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{23599633-3405-4115-B99C-F76D9F402874}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{289BF344-0998-4643-8571-855B8EEC4D88}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{28AD9659-018D-4970-9A0C-AADFB3FE4075}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2959215B-EFCA-4EF8-808E-712020A92509}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2B5A7BC4-EF6A-4FF7-8EAC-3C10B49D024E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2C8D99CC-B58E-4A1D-A65A-B58FB90E0A5C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2CEFA947-82F5-40F6-9DA7-AC4CDF6EC37D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E6194EB-6F79-4452-A3D9-5E44E534D210}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E71E265-A30F-4D98-9A11-A4266AEA8F06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2E9AE9D9-15B1-4266-BEED-77B5A7EF00CF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2F053A76-B466-4C88-B495-64596A6546FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2F754007-EFC9-4403-85AB-8ED868CFEB18}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{2FFD545D-BD92-4ADF-B5E4-7579560BFF4C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{31792953-2FE5-45A6-80E1-72A745B72DC5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{341832F7-07C1-42DC-8653-9271975CC20C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{35D46740-3DD7-4BA8-BC39-3188B3C275A7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{37C680A6-13E0-423A-9F44-4137623F4D57}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3A6F44BB-D448-418C-9033-4C52014E816C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3A7FF6DC-356C-4A6E-A8A0-800FDC107B1E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3AE5CB9F-F830-4C2A-9A5F-A0B418843897}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3AEDB52A-8F62-4FBF-8931-A05462147EF0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3BCBEA52-C89A-43AF-A1CB-0EE2788822B2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3BD0184E-E8F0-43C2-883F-3B35919112F1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3CADFEA9-C767-4842-80AD-C6C8996EBB4B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3CE38C48-299E-4FC0-A935-2D62F67BDA44}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3D75C80A-7E65-4EE1-A011-377D415B4F40}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3DAAAE1D-38E5-4C3F-9E61-31583D0DE73B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3DCDC545-E305-44E4-AA0F-CE46A70D708E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3F1D02B0-40F0-4F53-8690-6D5420AED77E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{3FAB8538-FA51-4F67-BAAF-3393BA603736}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{402AFD30-1561-4180-8DE4-A6C9329E593D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{41DFE4E6-67AB-4290-81F1-727536F6964E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{41E9557A-D4C3-443E-87AC-FB06AFB0BC90}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{425A5548-CCF4-47F3-9D0C-7D4A1F535D5A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{42F0EBD7-2E48-4A93-96C0-75C9FFDF7117}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4384BC74-64CB-4EC4-A0C5-BF233B8F17A8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{438FDCDB-9BDC-4FE3-AEA0-D2E182561EA7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{448D9C0C-EBBA-4B37-9A70-C77654D62293}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{44F145EE-B76F-43FE-979D-36C9697635B5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{46E16366-D360-4BB6-AEEA-793F818CA1CE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{472016B9-E195-43F1-B925-D3FA2A8EF014}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{47A63E37-3D27-45D1-9D96-E3253AF206C5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4905499D-BAC0-44E9-B5CD-BC8C7BF54E2E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4AC5654F-0F0D-43FB-AED6-0F6BB30EBCEC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4AC6690D-5626-49F6-BCE9-63496A4EDD97}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4BAA215E-F1C1-4A55-8491-C69A5D0FD431}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4C66ADD8-A79C-410E-98F3-AD2D87B540A2}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4D66FE29-E20F-414C-8CCA-5081CBC42877}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4EEF9845-31ED-442A-9F4C-863E45D04FB5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{4F4EFC11-A5EB-41AE-AC38-07C2FF35174B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5100634D-FA3B-4FC9-B0BF-DB0104067EFF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51547270-6EB1-41CD-8F70-21A3F069931B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51C37BE1-8C98-4C91-8F86-389CB4514F10}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{51EE10B6-08CF-48A3-AE2F-2163E4EE1C95}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5233C9F6-F8F8-4B29-82D7-1568BDC503B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{52511612-DB36-49E0-BB73-C60F07299A5C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{52D12B27-5412-4C9E-B5DC-9AA86FE44125}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{533DF564-42DE-4890-A208-C4676F04A48A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{54A626DE-A67F-4707-A242-9F8DA33DE705}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{54E1394C-D2AA-4045-8969-8A87A0869F1E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{57ABB7ED-BBD9-4AB7-B209-0C617ACE4908}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{59A38C99-C251-4B71-8A43-BD5ADD7EFD1D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5A6BF5C6-ED9E-41A6-8D84-AF7A054F39C7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5CF05D85-C128-43F8-A83E-38B4E63ACA58}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5D227A47-45D3-4CFD-A575-ECF09BC0C06B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5D25E059-75D3-495C-81F1-B0045ADF463E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F3716AC-33EC-4304-8D85-5D5794446896}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F38583D-BE59-4218-BA53-15DAFE5E4661}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F8177E3-F02C-4B63-AEA7-AB63A167A281}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{5F81C35D-902C-423E-AE7D-C73ECBEC4E7E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{610AB8A0-0290-4588-B124-2EFBAB4DAF52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{684A0083-56D8-4455-8F6C-9B0FAA9B419C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{686FE760-5DBB-4701-B864-FF294A684868}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6A656CF6-B4A4-4D34-80A1-41C122213D52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6BF7B4A6-028A-4E29-B917-2E58D65201DA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{6C5F6C5F-D3CB-4E91-BCCB-896141F70528}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{710A1068-8A94-47DD-B4D3-876070E79034}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{710B8507-0A5C-452F-86FD-53A18A30633B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{715BA850-7C96-4213-9F4F-B30C12C86675}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7165894E-05D5-402C-A13A-E6D32EA27233}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{71D0E263-7C68-44E9-9BDB-963840954F06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{746466D8-4076-4774-9EA1-442ED36A0213}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{78817680-B35A-4051-9633-7EA27845F55A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7A798BE9-95B1-4E4E-B0BC-A25D00EC89AA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7B0407CE-4005-4075-AB70-932EC3D5B6DE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7B699BCC-0C36-4365-80BF-E8D756C60FF0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7BF75EC9-545C-4FC7-8384-7186794C8D96}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7CBD316E-1DC5-4A3B-A7DC-1A93656A4A9B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7E9A662D-075D-443A-B326-B4D7C79F3BD9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{7F27BE93-EEE1-4FEE-950D-4ECD7EE477AF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8151E213-17C4-45EA-BF28-A4A6317E954D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{81B6A5D6-DF41-4BA9-B574-574E9F281040}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{81D48DBC-0C59-4FE8-91F8-85FBA24FF4FB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{82B65620-9FB9-4103-AD9E-B168887EBA1A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{838C8F36-8A66-42A2-8E8F-BD2738CC102A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{84CDBCF8-DAF9-4356-9C80-CFA92A78FAE1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{85D9137E-DCE4-494C-AD1F-F8BB336589BD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8785E48E-62A4-4DAE-9AD1-31633849753E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8799E9CC-3638-4883-97FB-EC7FFF781462}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{881EF158-1364-4019-97C8-29CAF634F9C7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{897099CE-473C-4587-9B6A-DC167D4AEFD7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8AF0EAC2-E63A-4184-BB91-C1650C6B47D5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8B17ECBB-7AA7-460E-9B19-8EB1520CC4CA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8C0BAA61-D452-49FD-9A9F-F93E19B86D4C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{8CB721C8-5043-4249-96EE-BEE639940EB3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{906B2F37-5AA7-46A9-B108-B9A0903FE64F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{906F39AF-C215-40AE-93ED-F62A9D66D7EF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{935C386A-271B-41D0-8FB5-0CBAFC452EEE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{95F9C14E-0EC8-4EB4-A1F5-1A3B427A80A0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{96828525-FAAC-4020-B64F-D7B3653773AC}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{96B2E9CB-F1D2-4E89-A4FE-0BD9034E48F6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{97081855-4C71-42BD-8CDA-C927B02BFB42}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98C12317-42F8-484E-ADFA-2DE3821FF885}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98D5A8A6-0A6C-425B-8D9A-DEE510C90397}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{98F0B8C7-6D2C-46B6-978B-5F87EA201D7F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{995760EF-453E-4F32-8A23-361001142EA8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9BB06100-90CB-4564-85EB-EAC9087BFC9A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9C4C513D-289F-484E-8321-F930DD8FC3CE}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9D425B43-22A4-40F7-BE59-2F5916B62A7F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9F03801A-1D26-4F4F-A0D9-6D85F07521CB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{9FA73C6D-161A-4CB1-847F-433A961E80B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A01A274C-18A1-4208-9C1D-D8DFA84F50F9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A0EAEC6E-493B-43FA-9A3E-C9991F1C111F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A1604235-0E4A-4DA2-9F10-F09271734E88}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A214F064-6C0E-4E69-8334-B140C17EBA49}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A2472C88-06CE-465A-87EE-EB17391E2B55}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4E1758A-9BB9-4BCD-95EC-9DA40A552B0C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4E1E2B2-72C3-4D3B-BE03-52641FC38A59}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A4FB5987-DECA-4A30-8F15-874BDE139326}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A5C1671E-972E-47F9-8973-0C6CAF94A2F4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A67EB73F-D422-4F61-966B-EF1B3895C52B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{A81B9A81-B5E5-4642-A80A-EFB9A13A2F11}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{AA3C1585-742C-4C28-BAC7-E556FA9505AD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{AC56DE11-09C0-4315-A824-B294E941E054}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACC71A88-8F18-4284-B990-B6DD232A5189}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACCF2D4B-3285-4F9E-B908-9DFFDC9D845A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ACEF1B49-026B-41B2-9843-C0A6F51226FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B1719B8F-D008-4765-BDEB-4F980786800B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B228103D-542A-4E35-A0A1-05AEDE836B1A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B26C4623-8B89-4385-A26A-BF5E75E6B299}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B2E8F21E-F8EA-4CEE-84BF-CCF044A1D8E4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B3A49F85-B607-42DD-85B2-6AC88EE3FF37}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B3B0AFA3-D7BC-45D5-810F-720EE06B6839}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B5848B15-8275-414E-BFA4-A73409E68695}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B8D087C1-E161-4E88-B052-347B949EDC41}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{B8FE7B9B-26C9-475F-827C-FCF7AE671A25}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BA19D207-343C-4E0B-BCEE-7AEDB8A8C330}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BB109382-D1C8-49FF-8BF5-C443186C2138}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BB794329-E8DB-47DE-922C-88038FDAF5E5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{BE5252C8-E9BB-495C-9D76-6A260C37BF52}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C1A85B90-F713-4598-B14B-66C20CF636D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C2161D14-98F5-48B4-98BE-A89D2883D174}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C2867FD9-05A0-477D-923B-3DF3B9E79FA5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C48FB580-AFA6-4465-8641-4D93ADAC5838}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C544FD89-2C1E-47F3-8CD7-B3D80FB8E04B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C642B8BB-F63C-4BD4-BD0D-D88D24B51C06}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6718CCC-C8FA-46C9-BDA9-85BA4A25578D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6D13852-2CE0-4C83-93CB-C90A00FEB77A}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C6E81ADF-59D6-40A6-BACF-4A09F5B5DFC3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C709A62F-9576-4687-A678-C17F32F2CCB4}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C7490EC2-FE22-4766-9385-8667D2C89CE9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C7B3D576-C5F7-45C7-B12A-98542D02CE83}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C814FC59-0572-4454-99F5-0F7D267BFE38}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C89E5B6C-2972-4676-9862-6E0E8F46D465}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{C96D5C3F-F828-4FF3-B661-BA853A872E84}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CAC67F0E-0DFC-4835-854E-179D78605F62}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CB3E5F33-D08D-4465-B1F3-B014AFDB6D0B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CB5B91F4-F07A-4A43-97F8-99315B5AD2D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CC06C6E2-C83C-4454-A719-ADBA00322FB5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CE3BF95E-3367-4B08-B4F4-A225AEE79D8D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CE6804CA-EA9D-4E1B-B10C-CF08F4EBDF46}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CEA86DE3-7983-4DFC-AF37-1950FD9189FA}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{CF3C2775-D82E-40F6-968C-8ED5056665DD}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D06E424C-D088-49C3-8BBD-3ECE0281284F}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D19BE7AC-12C6-4834-A221-1C151CEC8D53}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D1C581EC-1167-4E05-A54D-B425BB4A2AD9}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D30516A4-C610-4880-828F-2026FAEF31D1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D5800122-4465-4028-8C39-183B65E631A6}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D5D09A31-99F5-4F7E-8B46-1B2871DA1C78}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D62546C2-45EE-4C48-BE1F-C8FF8E9C203D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D7F1F33E-4BA2-467C-9434-1E2C93AE5E53}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D8B2A334-F28C-419D-AD99-36C6C0786484}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{D8FAE770-5B79-4DD3-B906-2DC4EA5D2485}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DB047469-E6B6-46BE-85E6-F1D7DFF924CF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DB812821-6A4F-45CE-9379-CABB43B0D454}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DBB72472-9891-4B5A-8B01-EFCDD3187315}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DCE34928-0C97-4549-A107-3F4A6EA13D39}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE5799A2-9DBE-4975-B247-3CBBD68A6FD0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE804EAE-3B8A-43D3-8E37-FF325A00B635}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{DE809551-5182-40AA-8425-3AFA324BF3D3}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E0A99F8F-3BC8-4275-8148-02AB4DB64643}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E0F2FDFE-B86D-492C-A2E0-C9F86FBB4264}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E1896340-DA7C-413D-ABED-15AD44F84E86}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E19D747F-9975-4A70-BC2A-683AF97B988D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E24B559F-47CD-4944-9E95-3906E764154E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E252F02B-FAFC-4F93-B972-90526BEAB2B0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2567D26-5E16-4835-AADD-A16222BA9B7D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2C8AB35-D342-487B-8E19-DAF5BDDD6A9E}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E2F22F52-B1B7-4117-B74F-3BE992BC0153}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E370EEE2-41C1-489C-9471-4AA0B7DB27EB}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E3CF3AC0-5819-4E5B-BDC7-34457C8C5019}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E4107009-89E1-477E-9BBC-970BEAFB2F71}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E41E0139-ECBF-4F2F-9096-29853E14DF8D}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E5176FE1-E14B-4BC3-B243-341EAB60A384}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E684E371-2620-4796-BCC0-5D62305D3F1C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E90A430F-3FCA-4F82-9E52-0349549D7622}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E9103997-67C2-4F02-975D-7BD7DC366BA8}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{E97BD29D-0B2D-4D7F-AA68-CD2550AFF17B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{ECFAB848-16AD-4199-A677-D0FB5D65736C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EE753567-17AF-406B-8CA9-5AF27B6EB2B1}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EF400423-CC78-4108-9206-22EAA3341BD0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{EF8D7CAB-85DF-42FF-8B77-69E485F2B8D7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F1764899-1B4F-4193-92D7-DF37D051467C}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F1DB9197-BC9A-4934-A70E-223205EE5079}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F2408613-3111-4D0C-AC50-16BD4D1B8523}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F2CFDAB3-1895-4CA2-A203-38A60E14675B}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F42F6632-0183-429E-8C70-F1C9B87C9E31}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F489CA29-BE5F-42E7-948D-ECA79782BE03}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F59428BC-1171-4CEF-8679-C1C1F6A065A7}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F5B5672E-AAE3-457E-AD7B-281E9BD937D5}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F63DB804-5BC5-4963-8C40-4CADA85F6479}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F821D7EF-F72B-4927-9B82-932100AB2E36}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{F9979555-5BAA-479C-8F87-A3C7337BF6EF}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FA776B0D-3CC3-41CF-AB4C-013DDCFA0846}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FAB6FBF4-9A4A-43EC-828D-693B263E44D0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FD8F93EA-92C9-48D5-8511-A371F8D000E0}
Successfully deleted: [Empty Folder] C:\Users\Steph's\appdata\local\{FF05B9FB-9BB5-4D22-8C2C-493EDB83ED33}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{c4cfc0de-134f-4466-b2a2-ff7c59a8bfad}
Emptied folder: C:\Users\Steph's\AppData\Roaming\mozilla\firefox\profiles\ciknw5lq.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 0:48:21.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


And the Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2014
Ran by Steph's at 2014-01-10 00:52:49
Running from C:\Users\Steph's\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.8) (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Amazon MP3 Downloader 1.0.15 (x32 Version: 1.0.15 - Amazon Services LLC)
Amazon MP3 Uploader (x32 Version: 1.0.7 - Amazon Services LLC)
Amazon MP3 Uploader (x32 Version: 1.0.7 - Amazon Services LLC) Hidden
Apple Application Support (x32 Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (x32 Version: 1.0.10 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.0.20 - ASUS)
ASUS MultiFrame (x32 Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (Version: 1.1.37 - ASUS)
ASUS SmartLogon (x32 Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (x32 Version: 1.0.19 - asus)
ATK Package (x32 Version: 1.0.0004 - ASUS)
AVG 2014 (Version: 14.0.3629 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4158 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4158 - AVG Technologies)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J430W (x32 Version: 1.0.10.0 - Brother Industries, Ltd.)
Citrix online plug-in (Web) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.)
ControlDeck (x32 Version: 1.0.8 - ASUS)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Epson USB Display (x32 Version: 1.60.000 - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.11_WHQL (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
EyeFrame Converter 1.8.0 (x32 Version: - Tin2tin)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
FedEx Office Printer (x32 Version: 1.0.010 - FedEx Office)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (Version: 14.0 - HP)
Intel PROSet Wireless (Version: - ) Hidden
Intel WiMAX Tutorial (Version: 1.5.3.1 - Intel Corporation)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2125 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000 - Intel Corporation)
Intel® Wireless Display (Version: 1.2.20.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000 - Intel Corporation)
iTunes (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
Lightworks (x32 Version: 11.1.0.0 - Lightworks)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 18.0.2 (x86 en-US) (x32 Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (x32 Version: 18.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Music Manager (HKCU Version: - Google, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nuance PaperPort 12 (x32 Version: 12.1.0000 - Nuance Communications, Inc.)
OverDrive Media Console (x32 Version: 3.2.20 - OverDrive, Inc.)
PaperPort Image Printer 64-bit (Version: 1.00.0001 - Nuance Communications, Inc.)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
ReaConverter 6.5 Standard (x32 Version: - ReaSoft)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6110 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Settings Alerter (x32 Version: 4.5.0.5054 - Koyote-Lab, Inc)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.8.3.222.g317ab79d - Spotify AB)
SRS Premium Sound Control Panel (Version: 1.8.5900 - SRS Labs, Inc.)
TntMPD (x32 Version: 2.1.64.0 - TntWare)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
USB 2.0 VGA UVC WebCam (Version: - )
VirtualDJ Home FREE (x32 Version: 7.0.5 - Atomix Productions)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinFlash (x32 Version: 2.30.3 - ASUS)
Wireless Console 3 (x32 Version: 3.0.17 - ASUS)
Wondershare Dr.Fone (iPhone 4)(Build 2.0.0.11) (x32 Version: 2.0.0.11 - Wondershare Software Co.,Ltd.)
YTD Video Downloader 4.3 (x32 Version: 4.3 - GreenTree Applications SRL)

==================== Restore Points =========================

08-12-2013 18:16:30 Windows Update
18-12-2013 22:21:34 Scheduled Checkpoint
28-12-2013 20:47:26 Scheduled Checkpoint
31-12-2013 22:05:39 Windows Update
09-01-2014 02:42:14 Windows Update
09-01-2014 22:34:40 Installed Microsoft Fix it 50412

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03DA63CA-95AA-4868-A16C-E24B36C8CBC2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {04A745D8-6963-4091-90BE-5697C679D780} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {106F8987-4549-461D-A2E1-114E60CC29BB} - System32\Tasks\{2C0D9D20-ABB5-40D9-B633-C7BB119EAD06} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3C752BA4-ADD7-45A8-B7E6-1CE305C97F04} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {3EC039C2-4002-4B2D-ADD7-76AC2C1031BA} - System32\Tasks\Google Updater and Installer => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {4B71CA2C-DD68-4FA6-9D51-BAF0984D7F1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {4EB1EF14-048C-4D9A-A8BC-6AD516FFC328} - System32\Tasks\ACMON => C:\Program Files (x86)\Asus\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {568C8085-6C0C-490C-82BA-CC13D9CC2560} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\Asus\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {59F9DA9D-4262-4504-846A-51DD9297B8F7} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {5EA22A2F-2425-4AF0-9706-D56B15C67EAC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {64AFFFAB-95BF-4779-AC03-C63FC1DE154E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {720DE112-FAB1-4F8E-9308-65EB05028592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {799580A3-7305-42C5-AB87-CA716FCBC78B} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\Asus\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {BAA616C9-0E0D-44FB-A0BA-235F9CC8E9BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {C571EC52-CCFF-405C-BA29-DF394F1D6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {D525443B-5CD2-494C-B9ED-774029BDDFC9} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-10-01 01:02 - 2008-10-01 01:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 12:27 - 2010-01-11 12:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-05 20:22 - 2010-05-05 20:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-03-05 11:21 - 2010-03-05 11:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-27 14:20 - 2011-09-06 22:43 - 00885664 _____ () C:\Program Files (x86)\ReaConverter 6.5 Standard\context64.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Users\Steph's\AppData\Roaming\Dropbox\bin\libcef.dll
2009-11-02 16:20 - 2009-11-02 16:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 16:23 - 2009-11-02 16:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-09-13 14:17 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 17:11 - 2010-02-23 17:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 17:12 - 2010-02-23 17:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-11-01 23:08:51.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 23:08:29.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 23:08:28.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:42:32.839
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:38:45.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:38:44.311
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3884.55 MB
Available physical RAM: 1562.71 MB
Total Pagefile: 7767.27 MB
Available Pagefile: 4950.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:574.68 GB) (Free:385.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
Partition 2: (Active) - (Size=575 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I think you posted the Junkware log twice instead of the FRST log.
  • 0

#7
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Oh I am sorry. Thanks for your patience. Second try:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-01-2014
Ran by Steph's (administrator) on STEPHS on 10-01-2014 00:51:10
Running from C:\Users\Steph's\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVC.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVCM.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe
(ATK) C:\Program Files (x86)\Asus\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\Asus\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Dropbox, Inc.) C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Program Files (x86)\Asus\Wireless Console 3\WimaxConsole.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(asus) C:\Program Files (x86)\Asus\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Thisisu) C:\Users\Steph's\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1449984 2010-09-01] (Intel® Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10810912 2010-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2011-03-28] (ASUS)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2010-12-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EPSON_UD_START] - C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UD.exe [534664 2011-11-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [932528 2012-06-13] ()
HKCU\...\Run: [Facebook Update] - C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-12] (Facebook Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-16] (Google Inc.)
MountPoints2: {df6161e4-d037-11e2-9623-f46d0415328b} - E:\EMP_UDSe.exe /autorun
AppInit_DLLs: [ ] ()
AppInit_DLLs-x32: [ ] ()
Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\WINDOWS LIVE\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{3F4596E0-B8AC-4E07-9F0E-64013A3B8AE0}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{678A94DD-FAF1-4778-B5AB-60F415DD5F98}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{85FC417C-AFAC-44FC-9DD8-C8F3784779FC}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{9B492CFC-5BA4-4BE3-9153-218CC8DF45A8}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{C97F848E-47D8-40A1-A35E-16E531D37FA0}: [NameServer]66.228.116.178,66.228.116.179

FireFox:
========
FF ProfilePath: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default
FF NewTab: hxxp://proxy.allsearchapp.com/app/start/
FF Homepage: hxxp://proxy.allsearchapp.com/app/start/
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Steph's\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Steph's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\all search.xml
FF SearchPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\mixidj-v8-customized-web-search.xml
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig
CHR RestoreOnStartup: "hxxp://www.google.com/ig"
CHR Extension: (Google Docs) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_2
CHR Extension: (Google Drive) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-08-04] (Adobe Systems)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe [157696 2011-11-17] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
R3 EMP_MIRRUD; C:\Windows\System32\DRIVERS\EMP_MirrUD.sys [5632 2011-11-17] (Windows ® Codename Longhorn DDK provider)
R3 eppvad_simple; C:\Windows\System32\drivers\EMP_UDAU.sys [23040 2011-11-17] (SEIKO EPSON CORPORATION)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 00:51 - 2014-01-10 00:52 - 00020296 _____ C:\Users\Steph's\Downloads\FRST.txt
2014-01-10 00:51 - 2014-01-10 00:51 - 00000000 ____D C:\FRST
2014-01-10 00:48 - 2014-01-10 00:48 - 00032518 _____ C:\Users\Steph's\Desktop\JRT.txt
2014-01-10 00:40 - 2014-01-10 00:40 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 00:35 - 2014-01-10 00:35 - 01931772 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64 (1).exe
2014-01-10 00:31 - 2014-01-10 00:31 - 01931772 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64.exe
2014-01-10 00:31 - 2014-01-10 00:31 - 01037068 _____ (Thisisu) C:\Users\Steph's\Downloads\JRT.exe
2014-01-10 00:25 - 2014-01-10 00:33 - 00000000 ____D C:\AdwCleaner
2014-01-10 00:24 - 2014-01-10 00:25 - 01233962 _____ C:\Users\Steph's\Downloads\AdwCleaner.exe
2014-01-09 23:28 - 2014-01-09 23:28 - 00085900 _____ C:\Users\Steph's\Downloads\Extras.Txt
2014-01-09 23:26 - 2014-01-09 23:26 - 00121968 _____ C:\Users\Steph's\Downloads\OTL.Txt
2014-01-09 23:10 - 2014-01-09 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Steph's\Downloads\OTL.exe
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412.msi
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412 (1).msi
2014-01-09 17:17 - 2014-01-09 17:17 - 00001152 _____ C:\Users\Steph's\Desktop\registry.reg
2014-01-09 10:23 - 2014-01-09 10:27 - 00028713 _____ C:\Users\Steph's\Downloads\Result.txt
2014-01-09 10:22 - 2014-01-09 10:22 - 00760063 _____ (Farbar) C:\Users\Steph's\Downloads\MiniToolBox.exe
2014-01-08 21:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-08 21:45 - 2014-01-08 21:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-08 21:45 - 2014-01-08 21:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-08 21:43 - 2014-01-08 21:47 - 00007276 _____ C:\Windows\IE11_main.log
2013-12-22 10:53 - 2013-12-22 10:59 - 00000000 ____D C:\Users\Steph's\Brushes
2013-12-19 00:24 - 2013-12-19 00:24 - 00000000 ____D C:\Users\Steph's\Documents\Updater
2013-12-15 12:57 - 2013-12-15 12:57 - 00468392 _____ C:\Windows\Minidump\121513-32027-01.dmp
2013-12-15 12:45 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-15 12:45 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-15 12:45 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-15 12:45 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 12:39 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-13 12:39 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-13 12:39 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-13 12:39 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-13 12:39 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-13 12:38 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-13 12:38 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-13 12:38 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-13 12:38 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-13 12:38 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-13 12:38 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-13 12:38 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-13 12:38 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-13 12:38 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-13 12:38 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-13 12:38 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-13 12:38 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-13 12:38 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-13 12:38 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 23:26 - 2013-12-12 23:28 - 125247878 _____ C:\Users\Steph's\Downloads\BTCC (1).zip
2013-12-11 10:51 - 2013-12-11 10:51 - 00000000 ____D C:\Users\Steph's\AppData\Local\dumps

==================== One Month Modified Files and Folders =======

2014-01-10 00:52 - 2014-01-10 00:51 - 00020296 _____ C:\Users\Steph's\Downloads\FRST.txt
2014-01-10 00:51 - 2014-01-10 00:51 - 00000000 ____D C:\FRST
2014-01-10 00:48 - 2014-01-10 00:48 - 00032518 _____ C:\Users\Steph's\Desktop\JRT.txt
2014-01-10 00:43 - 2012-03-16 18:06 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
2014-01-10 00:43 - 2011-03-28 09:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 00:43 - 2011-03-28 09:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 00:42 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 00:42 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 00:40 - 2014-01-10 00:40 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 00:38 - 2011-03-28 08:41 - 01973129 _____ C:\Windows\WindowsUpdate.log
2014-01-10 00:35 - 2014-01-10 00:35 - 01931772 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64 (1).exe
2014-01-10 00:35 - 2012-04-10 11:03 - 00000000 ___RD C:\Users\Steph's\Dropbox
2014-01-10 00:35 - 2012-04-10 11:01 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Dropbox
2014-01-10 00:34 - 2013-11-27 12:52 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 00:34 - 2011-03-28 08:58 - 00000050 _____ C:\Windows\system32\SupplicantTest.log
2014-01-10 00:34 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 00:34 - 2009-07-13 23:51 - 00128526 _____ C:\Windows\setupact.log
2014-01-10 00:33 - 2014-01-10 00:25 - 00000000 ____D C:\AdwCleaner
2014-01-10 00:31 - 2014-01-10 00:31 - 01931772 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64.exe
2014-01-10 00:31 - 2014-01-10 00:31 - 01037068 _____ (Thisisu) C:\Users\Steph's\Downloads\JRT.exe
2014-01-10 00:25 - 2014-01-10 00:24 - 01233962 _____ C:\Users\Steph's\Downloads\AdwCleaner.exe
2014-01-10 00:05 - 2012-06-11 19:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 23:57 - 2013-11-27 12:52 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 23:36 - 2012-10-12 16:31 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
2014-01-09 23:28 - 2014-01-09 23:28 - 00085900 _____ C:\Users\Steph's\Downloads\Extras.Txt
2014-01-09 23:26 - 2014-01-09 23:26 - 00121968 _____ C:\Users\Steph's\Downloads\OTL.Txt
2014-01-09 23:10 - 2014-01-09 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Steph's\Downloads\OTL.exe
2014-01-09 17:45 - 2011-05-06 12:56 - 00000000 ____D C:\Users\Steph's
2014-01-09 17:36 - 2012-10-12 16:31 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412.msi
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412 (1).msi
2014-01-09 17:17 - 2014-01-09 17:17 - 00001152 _____ C:\Users\Steph's\Desktop\registry.reg
2014-01-09 17:01 - 2013-11-26 23:04 - 00798716 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 16:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-09 15:53 - 2011-05-06 12:57 - 00001415 _____ C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-09 15:52 - 2011-03-28 08:49 - 00513316 _____ C:\Windows\PFRO.log
2014-01-09 15:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-09 10:43 - 2012-03-16 18:06 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
2014-01-09 10:27 - 2014-01-09 10:23 - 00028713 _____ C:\Users\Steph's\Downloads\Result.txt
2014-01-09 10:22 - 2014-01-09 10:22 - 00760063 _____ (Farbar) C:\Users\Steph's\Downloads\MiniToolBox.exe
2014-01-08 21:52 - 2011-05-09 08:40 - 00791330 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 21:47 - 2014-01-08 21:43 - 00007276 _____ C:\Windows\IE11_main.log
2014-01-08 21:45 - 2014-01-08 21:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-08 21:45 - 2014-01-08 21:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-08 20:06 - 2011-05-09 08:41 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\SoftGrid Client
2014-01-08 15:34 - 2012-04-10 11:01 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-08 15:34 - 2011-05-06 12:56 - 00000000 ___RD C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 12:00 - 2011-05-06 09:03 - 02887680 _____ C:\Users\Steph's\Documents\Donors.mpddb
2014-01-02 10:35 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-31 17:10 - 2013-07-17 09:20 - 00000000 ____D C:\Windows\system32\MRT
2013-12-25 03:03 - 2012-09-17 11:49 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2013-12-25 03:03 - 2012-09-17 11:49 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2013-12-22 10:59 - 2013-12-22 10:53 - 00000000 ____D C:\Users\Steph's\Brushes
2013-12-19 13:53 - 2012-09-12 12:19 - 00000000 ____D C:\Users\Steph's\Documents\Youth Impact
2013-12-19 00:24 - 2013-12-19 00:24 - 00000000 ____D C:\Users\Steph's\Documents\Updater
2013-12-15 13:00 - 2009-07-13 23:45 - 00421864 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 12:57 - 2013-12-15 12:57 - 00468392 _____ C:\Windows\Minidump\121513-32027-01.dmp
2013-12-15 12:57 - 2011-05-13 20:38 - 740216197 _____ C:\Windows\MEMORY.DMP
2013-12-15 12:57 - 2011-05-13 20:38 - 00000000 ____D C:\Windows\Minidump
2013-12-15 12:45 - 2011-06-03 13:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 23:28 - 2013-12-12 23:26 - 125247878 _____ C:\Users\Steph's\Downloads\BTCC (1).zip
2013-12-12 16:34 - 2011-05-06 14:51 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Skype
2013-12-12 08:02 - 2012-09-17 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-12 08:02 - 2011-05-06 14:51 - 00000000 ____D C:\ProgramData\Skype
2013-12-11 10:51 - 2013-12-11 10:51 - 00000000 ____D C:\Users\Steph's\AppData\Local\dumps
2013-12-11 00:05 - 2012-06-11 19:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 00:05 - 2012-06-11 19:58 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 00:05 - 2011-07-16 13:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Users\Steph's\CTX.DAT


Some content of TEMP:
====================
C:\Users\Steph's\AppData\Local\Temp\oi_{6CB557A9-9193-4269-AB59-01DBCEB9001C}.exe
C:\Users\Steph's\AppData\Local\Temp\Quarantine.exe
C:\Users\Steph's\AppData\Local\Temp\SearchProtectionSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 12:16

==================== End Of Log ============================
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that then you should be able to boot into regular mode.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 25
JavaFX 2.1.1

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)


Adobe Reader is also out of date. You need to get the newest from adobe.com. After you click on it wait a few seconds before hitting the Download button and uncheck the Optional software - usually McAfee Security Scan or the Ask toolbar. It should remove the old version but if not make sure you do.

Download and run Speedy Fox.
http://www.crystalidea.com/speedyfox
Close your browsers and click on Optimize. Close the program when it finishes. You can run this anytime Firefox or Chrome do not start up quickly.

Reboot Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

How is it running now?
  • 0

#9
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Okay I have done everything you said. I am about to close my browser to run the speedy fox and then restart my computer but wanted to send you my FRST fix log results before rebooting. I will let you know how it goes shortly.

here are my fix log results:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 01
Ran by Steph's at 2014-01-11 01:18:42 Run:1
Running from C:\Users\Steph's\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fanta...q={searchTerms}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Tcpip\Parameters: [NameServer] 66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{3F4596E0-B8AC-4E07-9F0E-64013A3B8AE0}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{678A94DD-FAF1-4778-B5AB-60F415DD5F98}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{85FC417C-AFAC-44FC-9DD8-C8F3784779FC}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{9B492CFC-5BA4-4BE3-9153-218CC8DF45A8}: [NameServer]66.228.116.178,66.228.116.179
Tcpip\..\Interfaces\{C97F848E-47D8-40A1-A35E-16E531D37FA0}: [NameServer]66.228.116.178,66.228.116.179
FF NewTab: hxxp://proxy.allsearchapp.com/app/start/
FF Homepage: hxxp://proxy.allsearchapp.com/app/start/
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF SearchPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\all search.xml
FF SearchPlugin: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\mixidj-v8-customized-web-search.xml
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF\
S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
C:\Users\Steph's\AppData\Local\Temp\oi_{6CB557A9-9193-4269-AB59-01DBCEB9001C}.exe
C:\Users\Steph's\AppData\Local\Temp\Quarantine.exe
C:\Users\Steph's\AppData\Local\Temp\SearchProtectionSetup.exe




*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key not found.
HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key not found.
HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3F4596E0-B8AC-4E07-9F0E-64013A3B8AE0}\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{678A94DD-FAF1-4778-B5AB-60F415DD5F98}\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{85FC417C-AFAC-44FC-9DD8-C8F3784779FC}\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9B492CFC-5BA4-4BE3-9153-218CC8DF45A8}\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C97F848E-47D8-40A1-A35E-16E531D37FA0}\\NameServer => Value deleted successfully.
Firefox newtab deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0 => Key deleted successfully.
"C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0 => Key deleted successfully.
C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key deleted successfully.
C:\Windows\SysWOW64\npDeployJava1.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Moved successfully.
C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\all search.xml => Moved successfully.
C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default\searchplugins\mixidj-v8-customized-web-search.xml => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} => Value deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\[email protected] => Value deleted successfully.
vToolbarUpdater17.3.0 => Service deleted successfully.
C:\Users\Steph's\AppData\Local\Temp\oi_{6CB557A9-9193-4269-AB59-01DBCEB9001C}.exe => Moved successfully.
C:\Users\Steph's\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Steph's\AppData\Local\Temp\SearchProtectionSetup.exe => Moved successfully.

==== End of Fixlog ====
  • 0

#10
shobo

shobo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Ok here are the two texts from the second run of frst.

To answer your question it seems my computer is running fine, but sometimes it takes a couple days for me to recognize the differences in my computer's performance. I will definitely keep you updated. Please let me know if there is anything else I should do. Thank you so much for helping me with this and coaching me through it I appreciate it.

- Steph

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 01
Ran by Steph's (administrator) on STEPHS on 11-01-2014 01:37:58
Running from C:\Users\Steph's\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVC.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVCM.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe
(ATK) C:\Program Files (x86)\Asus\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\Asus\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Dropbox, Inc.) C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Program Files (x86)\Asus\Wireless Console 3\WimaxConsole.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(asus) C:\Program Files (x86)\Asus\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1449984 2010-09-01] (Intel® Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10810912 2010-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2011-03-28] (ASUS)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2010-12-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EPSON_UD_START] - C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UD.exe [534664 2011-11-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Steph's\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [932528 2012-06-13] ()
HKCU\...\Run: [Facebook Update] - C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-12] (Facebook Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-16] (Google Inc.)
MountPoints2: {df6161e4-d037-11e2-9623-f46d0415328b} - E:\EMP_UDSe.exe /autorun
AppInit_DLLs: [ ] ()
AppInit_DLLs-x32: [ ] ()
Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Steph's\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\WINDOWS LIVE\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Steph's\AppData\Roaming\Mozilla\Firefox\Profiles\ciknw5lq.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Steph's\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Steph's\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Steph's\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Steph's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Users\Steph's\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgrameFiles/Appdata: C:\Users\Steph's\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgrameFiles/Appdata: C:\Users\Steph's\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig
CHR RestoreOnStartup: "hxxp://www.google.com/ig"
CHR Extension: (Google Docs) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_2
CHR Extension: (Google Drive) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Steph's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-08-04] (Adobe Systems)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe [157696 2011-11-17] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
R3 EMP_MIRRUD; C:\Windows\System32\DRIVERS\EMP_MirrUD.sys [5632 2011-11-17] (Windows ® Codename Longhorn DDK provider)
R3 eppvad_simple; C:\Windows\System32\drivers\EMP_UDAU.sys [23040 2011-11-17] (SEIKO EPSON CORPORATION)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-11 01:32 - 2014-01-11 01:32 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-11 01:31 - 2014-01-11 01:31 - 00620504 _____ (SpeedyFox) C:\Users\Steph's\Downloads\speedyfox.exe
2014-01-11 01:31 - 2014-01-11 01:31 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\CrystalIdea Software
2014-01-11 01:24 - 2013-06-27 11:59 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2014-01-11 01:18 - 2014-01-11 01:18 - 00000000 ____D C:\Users\Steph's\Downloads\FRST-OlderVersion
2014-01-10 00:52 - 2014-01-10 00:53 - 00028378 _____ C:\Users\Steph's\Downloads\Addition.txt
2014-01-10 00:51 - 2014-01-11 01:38 - 00020712 _____ C:\Users\Steph's\Downloads\FRST.txt
2014-01-10 00:51 - 2014-01-11 01:18 - 00000000 ____D C:\FRST
2014-01-10 00:48 - 2014-01-10 00:48 - 00032518 _____ C:\Users\Steph's\Desktop\JRT.txt
2014-01-10 00:40 - 2014-01-10 00:40 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 00:31 - 2014-01-11 01:18 - 02076160 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64.exe
2014-01-10 00:31 - 2014-01-10 00:31 - 01037068 _____ (Thisisu) C:\Users\Steph's\Downloads\JRT.exe
2014-01-10 00:25 - 2014-01-10 00:33 - 00000000 ____D C:\AdwCleaner
2014-01-10 00:24 - 2014-01-10 00:25 - 01233962 _____ C:\Users\Steph's\Downloads\AdwCleaner.exe
2014-01-09 23:28 - 2014-01-09 23:28 - 00085900 _____ C:\Users\Steph's\Downloads\Extras.Txt
2014-01-09 23:26 - 2014-01-09 23:26 - 00121968 _____ C:\Users\Steph's\Downloads\OTL.Txt
2014-01-09 23:10 - 2014-01-09 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Steph's\Downloads\OTL.exe
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412.msi
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412 (1).msi
2014-01-09 17:17 - 2014-01-09 17:17 - 00001152 _____ C:\Users\Steph's\Desktop\registry.reg
2014-01-09 10:23 - 2014-01-09 10:27 - 00028713 _____ C:\Users\Steph's\Downloads\Result.txt
2014-01-09 10:22 - 2014-01-09 10:22 - 00760063 _____ (Farbar) C:\Users\Steph's\Downloads\MiniToolBox.exe
2014-01-08 21:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-08 21:45 - 2014-01-08 21:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-08 21:45 - 2014-01-08 21:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-08 21:43 - 2014-01-08 21:47 - 00007276 _____ C:\Windows\IE11_main.log
2013-12-22 10:53 - 2013-12-22 10:59 - 00000000 ____D C:\Users\Steph's\Brushes
2013-12-19 00:24 - 2013-12-19 00:24 - 00000000 ____D C:\Users\Steph's\Documents\Updater
2013-12-15 12:57 - 2013-12-15 12:57 - 00468392 _____ C:\Windows\Minidump\121513-32027-01.dmp
2013-12-15 12:45 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-15 12:45 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-15 12:45 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-15 12:45 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 12:39 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-13 12:39 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-13 12:39 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-13 12:39 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-13 12:39 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-13 12:38 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-13 12:38 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-13 12:38 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-13 12:38 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-13 12:38 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-13 12:38 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-13 12:38 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-13 12:38 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-13 12:38 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-13 12:38 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-13 12:38 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-13 12:38 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-13 12:38 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-13 12:38 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 23:26 - 2013-12-12 23:28 - 125247878 _____ C:\Users\Steph's\Downloads\BTCC (1).zip

==================== One Month Modified Files and Folders =======

2014-01-11 01:38 - 2014-01-10 00:51 - 00020712 _____ C:\Users\Steph's\Downloads\FRST.txt
2014-01-11 01:34 - 2011-05-08 22:26 - 00000000 ____D C:\Users\Steph's\AppData\Local\Adobe
2014-01-11 01:32 - 2014-01-11 01:32 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-11 01:32 - 2011-06-21 08:19 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-11 01:32 - 2011-05-07 08:29 - 00000000 ____D C:\ProgramData\Adobe
2014-01-11 01:31 - 2014-01-11 01:31 - 00620504 _____ (SpeedyFox) C:\Users\Steph's\Downloads\speedyfox.exe
2014-01-11 01:31 - 2014-01-11 01:31 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\CrystalIdea Software
2014-01-11 01:18 - 2014-01-11 01:18 - 00000000 ____D C:\Users\Steph's\Downloads\FRST-OlderVersion
2014-01-11 01:18 - 2014-01-10 00:51 - 00000000 ____D C:\FRST
2014-01-11 01:18 - 2014-01-10 00:31 - 02076160 _____ (Farbar) C:\Users\Steph's\Downloads\FRST64.exe
2014-01-11 01:05 - 2012-06-11 19:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 01:00 - 2012-04-10 11:01 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Dropbox
2014-01-11 00:57 - 2013-11-27 12:52 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-11 00:52 - 2011-03-28 08:41 - 01985104 _____ C:\Windows\WindowsUpdate.log
2014-01-11 00:43 - 2012-03-16 18:06 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
2014-01-10 23:36 - 2012-10-12 16:31 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job
2014-01-10 17:57 - 2009-07-13 23:51 - 00128638 _____ C:\Windows\setupact.log
2014-01-10 17:36 - 2012-10-12 16:31 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
2014-01-10 12:57 - 2013-11-27 12:52 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 12:14 - 2012-03-16 18:06 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job
2014-01-10 00:53 - 2014-01-10 00:52 - 00028378 _____ C:\Users\Steph's\Downloads\Addition.txt
2014-01-10 00:48 - 2014-01-10 00:48 - 00032518 _____ C:\Users\Steph's\Desktop\JRT.txt
2014-01-10 00:43 - 2011-03-28 09:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 00:43 - 2011-03-28 09:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 00:42 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 00:42 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 00:40 - 2014-01-10 00:40 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 00:35 - 2012-04-10 11:03 - 00000000 ___RD C:\Users\Steph's\Dropbox
2014-01-10 00:34 - 2011-03-28 08:58 - 00000050 _____ C:\Windows\system32\SupplicantTest.log
2014-01-10 00:34 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 00:33 - 2014-01-10 00:25 - 00000000 ____D C:\AdwCleaner
2014-01-10 00:31 - 2014-01-10 00:31 - 01037068 _____ (Thisisu) C:\Users\Steph's\Downloads\JRT.exe
2014-01-10 00:25 - 2014-01-10 00:24 - 01233962 _____ C:\Users\Steph's\Downloads\AdwCleaner.exe
2014-01-09 23:28 - 2014-01-09 23:28 - 00085900 _____ C:\Users\Steph's\Downloads\Extras.Txt
2014-01-09 23:26 - 2014-01-09 23:26 - 00121968 _____ C:\Users\Steph's\Downloads\OTL.Txt
2014-01-09 23:10 - 2014-01-09 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Steph's\Downloads\OTL.exe
2014-01-09 17:45 - 2011-05-06 12:56 - 00000000 ____D C:\Users\Steph's
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412.msi
2014-01-09 17:34 - 2014-01-09 17:34 - 00653312 _____ C:\Users\Steph's\Downloads\MicrosoftFixit50412 (1).msi
2014-01-09 17:17 - 2014-01-09 17:17 - 00001152 _____ C:\Users\Steph's\Desktop\registry.reg
2014-01-09 17:01 - 2013-11-26 23:04 - 00798716 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 16:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-09 15:53 - 2011-05-06 12:57 - 00001415 _____ C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-09 15:52 - 2011-03-28 08:49 - 00513316 _____ C:\Windows\PFRO.log
2014-01-09 15:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-09 10:27 - 2014-01-09 10:23 - 00028713 _____ C:\Users\Steph's\Downloads\Result.txt
2014-01-09 10:22 - 2014-01-09 10:22 - 00760063 _____ (Farbar) C:\Users\Steph's\Downloads\MiniToolBox.exe
2014-01-08 21:52 - 2011-05-09 08:40 - 00791330 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 21:47 - 2014-01-08 21:43 - 00007276 _____ C:\Windows\IE11_main.log
2014-01-08 21:45 - 2014-01-08 21:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-08 21:45 - 2014-01-08 21:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-08 21:44 - 2014-01-08 21:44 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-08 21:44 - 2014-01-08 21:44 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-08 21:44 - 2014-01-08 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-08 21:44 - 2014-01-08 21:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-08 21:44 - 2014-01-08 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-08 21:44 - 2014-01-08 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-08 21:44 - 2014-01-08 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-08 20:06 - 2011-05-09 08:41 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\SoftGrid Client
2014-01-08 15:34 - 2012-04-10 11:01 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-08 15:34 - 2011-05-06 12:56 - 00000000 ___RD C:\Users\Steph's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 12:00 - 2011-05-06 09:03 - 02887680 _____ C:\Users\Steph's\Documents\Donors.mpddb
2014-01-02 10:35 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-31 17:10 - 2013-07-17 09:20 - 00000000 ____D C:\Windows\system32\MRT
2013-12-25 03:03 - 2012-09-17 11:49 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2013-12-25 03:03 - 2012-09-17 11:49 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2013-12-22 10:59 - 2013-12-22 10:53 - 00000000 ____D C:\Users\Steph's\Brushes
2013-12-19 13:53 - 2012-09-12 12:19 - 00000000 ____D C:\Users\Steph's\Documents\Youth Impact
2013-12-19 00:24 - 2013-12-19 00:24 - 00000000 ____D C:\Users\Steph's\Documents\Updater
2013-12-15 13:00 - 2009-07-13 23:45 - 00421864 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 12:57 - 2013-12-15 12:57 - 00468392 _____ C:\Windows\Minidump\121513-32027-01.dmp
2013-12-15 12:57 - 2011-05-13 20:38 - 740216197 _____ C:\Windows\MEMORY.DMP
2013-12-15 12:57 - 2011-05-13 20:38 - 00000000 ____D C:\Windows\Minidump
2013-12-15 12:45 - 2011-06-03 13:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 23:28 - 2013-12-12 23:26 - 125247878 _____ C:\Users\Steph's\Downloads\BTCC (1).zip
2013-12-12 16:34 - 2011-05-06 14:51 - 00000000 ____D C:\Users\Steph's\AppData\Roaming\Skype
2013-12-12 08:02 - 2012-09-17 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-12 08:02 - 2011-05-06 14:51 - 00000000 ____D C:\ProgramData\Skype

Files to move or delete:
====================
C:\Users\Steph's\CTX.DAT


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 12:16

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 01
Ran by Steph's at 2014-01-11 01:39:13
Running from C:\Users\Steph's\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.04) (x32 Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Amazon MP3 Downloader 1.0.15 (x32 Version: 1.0.15 - Amazon Services LLC)
Amazon MP3 Uploader (x32 Version: 1.0.7 - Amazon Services LLC)
Amazon MP3 Uploader (x32 Version: 1.0.7 - Amazon Services LLC) Hidden
Apple Application Support (x32 Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (x32 Version: 1.0.10 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.0.20 - ASUS)
ASUS MultiFrame (x32 Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (Version: 1.1.37 - ASUS)
ASUS SmartLogon (x32 Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (x32 Version: 1.0.19 - asus)
ATK Package (x32 Version: 1.0.0004 - ASUS)
AVG 2014 (Version: 14.0.3629 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4158 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4158 - AVG Technologies)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J430W (x32 Version: 1.0.10.0 - Brother Industries, Ltd.)
Citrix online plug-in (Web) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.)
ControlDeck (x32 Version: 1.0.8 - ASUS)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Epson USB Display (x32 Version: 1.60.000 - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.11_WHQL (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
EyeFrame Converter 1.8.0 (x32 Version: - Tin2tin)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
FedEx Office Printer (x32 Version: 1.0.010 - FedEx Office)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (Version: 14.0 - HP)
Intel PROSet Wireless (Version: - ) Hidden
Intel WiMAX Tutorial (Version: 1.5.3.1 - Intel Corporation)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2125 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000 - Intel Corporation)
Intel® Wireless Display (Version: 1.2.20.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000 - Intel Corporation)
iTunes (Version: 10.7.0.21 - Apple Inc.)
Lightworks (x32 Version: 11.1.0.0 - Lightworks)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 18.0.2 (x86 en-US) (x32 Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (x32 Version: 18.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Music Manager (HKCU Version: - Google, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nuance PaperPort 12 (x32 Version: 12.1.0000 - Nuance Communications, Inc.)
OverDrive Media Console (x32 Version: 3.2.20 - OverDrive, Inc.)
PaperPort Image Printer 64-bit (Version: 1.00.0001 - Nuance Communications, Inc.)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
ReaConverter 6.5 Standard (x32 Version: - ReaSoft)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6110 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Settings Alerter (x32 Version: 4.5.0.5054 - Koyote-Lab, Inc)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.8.3.222.g317ab79d - Spotify AB)
SRS Premium Sound Control Panel (Version: 1.8.5900 - SRS Labs, Inc.)
TntMPD (x32 Version: 2.1.64.0 - TntWare)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
USB 2.0 VGA UVC WebCam (Version: - )
VirtualDJ Home FREE (x32 Version: 7.0.5 - Atomix Productions)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinFlash (x32 Version: 2.30.3 - ASUS)
Wireless Console 3 (x32 Version: 3.0.17 - ASUS)
Wondershare Dr.Fone (iPhone 4)(Build 2.0.0.11) (x32 Version: 2.0.0.11 - Wondershare Software Co.,Ltd.)
YTD Video Downloader 4.3 (x32 Version: 4.3 - GreenTree Applications SRL)

==================== Restore Points =========================

18-12-2013 22:21:34 Scheduled Checkpoint
28-12-2013 20:47:26 Scheduled Checkpoint
31-12-2013 22:05:39 Windows Update
09-01-2014 02:42:14 Windows Update
09-01-2014 22:34:40 Installed Microsoft Fix it 50412
11-01-2014 06:23:58 Removed Java 7 Update 25
11-01-2014 06:27:08 Removed JavaFX 2.1.1

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03DA63CA-95AA-4868-A16C-E24B36C8CBC2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {04A745D8-6963-4091-90BE-5697C679D780} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {106F8987-4549-461D-A2E1-114E60CC29BB} - System32\Tasks\{2C0D9D20-ABB5-40D9-B633-C7BB119EAD06} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3C752BA4-ADD7-45A8-B7E6-1CE305C97F04} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {3EC039C2-4002-4B2D-ADD7-76AC2C1031BA} - System32\Tasks\Google Updater and Installer => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {4B71CA2C-DD68-4FA6-9D51-BAF0984D7F1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {4EB1EF14-048C-4D9A-A8BC-6AD516FFC328} - System32\Tasks\ACMON => C:\Program Files (x86)\Asus\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {568C8085-6C0C-490C-82BA-CC13D9CC2560} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\Asus\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {59F9DA9D-4262-4504-846A-51DD9297B8F7} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {5EA22A2F-2425-4AF0-9706-D56B15C67EAC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {64AFFFAB-95BF-4779-AC03-C63FC1DE154E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {720DE112-FAB1-4F8E-9308-65EB05028592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {799580A3-7305-42C5-AB87-CA716FCBC78B} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\Asus\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {BAA616C9-0E0D-44FB-A0BA-235F9CC8E9BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {C571EC52-CCFF-405C-BA29-DF394F1D6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {D525443B-5CD2-494C-B9ED-774029BDDFC9} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job => C:\Users\Steph's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000Core.job => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842191437-2308858041-683640302-1000UA.job => C:\Users\Steph's\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-10-01 01:02 - 2008-10-01 01:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 12:27 - 2010-01-11 12:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-05 20:22 - 2010-05-05 20:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-03-05 11:21 - 2010-03-05 11:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-27 14:20 - 2011-09-06 22:43 - 00885664 _____ () C:\Program Files (x86)\ReaConverter 6.5 Standard\context64.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Users\Steph's\AppData\Roaming\Dropbox\bin\libcef.dll
2009-11-02 16:20 - 2009-11-02 16:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 16:23 - 2009-11-02 16:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-09-13 14:17 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 17:11 - 2010-02-23 17:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 17:12 - 2010-02-23 17:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 17:14 - 2010-02-23 17:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2013-02-27 14:33 - 2013-02-27 14:33 - 10683392 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-02-27 14:32 - 2013-02-27 14:32 - 07741952 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-02-27 14:32 - 2013-02-27 14:32 - 02248192 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-02-27 14:33 - 2013-02-27 14:33 - 01681408 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-11-11 20:03 - 2013-11-11 20:03 - 00117248 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2013-11-11 20:04 - 2013-11-11 20:04 - 00231936 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2013-11-11 20:03 - 2013-11-11 20:03 - 00253440 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2013-11-11 20:05 - 2013-11-11 20:05 - 00344064 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-02-27 14:33 - 2013-02-27 14:33 - 00026624 _____ () C:\Users\Steph's\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 22:12 - 2013-12-03 21:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 22:12 - 2013-12-03 21:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2014 01:27:08 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service vToolbarUpdater17.3.0 since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/11/2014 01:24:08 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service vToolbarUpdater17.3.0 since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/10/2014 03:27:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250925

Error: (01/10/2014 03:27:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250925

Error: (01/10/2014 03:27:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/10/2014 03:07:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11310

Error: (01/10/2014 03:07:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11310

Error: (01/10/2014 03:07:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/10/2014 03:07:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10312

Error: (01/10/2014 03:07:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10312


System errors:
=============
Error: (01/11/2014 01:32:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (01/11/2014 01:32:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (01/11/2014 01:32:04 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/10/2014 06:45:47 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-11-01 23:08:51.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 23:08:29.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 23:08:28.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:42:32.839
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:38:45.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 21:38:44.311
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ljkb\lmrn.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3884.55 MB
Available physical RAM: 1566.09 MB
Total Pagefile: 7767.27 MB
Available Pagefile: 4475.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:574.68 GB) (Free:387.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
Partition 2: (Active) - (Size=575 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Uninstall Bonjour. It's not working. It's from Apple and you will get a new one when you next download or upgrade an Apple product like iTunes or Safari.

Copy the next 9 lines

Takeown /f %windir%\winsxs\temp\PendingRenames /a
icacls %windir%\winsxs\temp\PendingRenames /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\temp\PendingRenames /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\temp\PendingRenames /grant BUILTIN\Users:(RX)
Takeown /f %windir%\winsxs\filemaps\* /a
icacls %windir%\winsxs\filemaps\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps\*.* /grant BUILTIN\Users:(RX)
net stop cryptsvc


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear. Hit Enter. Cryptographic Services should stop. Now type:

net  start  cryptsvc

and hit Enter. The service should start without an error. Does it?

Now type:

vssadmin  list  writers

Hit Enter.

It will take a minute or so to respond. Verify that it has something like this in the output (among other things):

Writer name: 'System Writer'
Writer Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Instance Id: {9c814ffc-77da-4592-810c-f05e4ce5d4aa}
State: [1] Stable
Last error: No error

Then


Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.


2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP