Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Strange letters & characters show up in e-mails & texts [Solv

Started by Jodibfp , Jan 24 2014 02:52 PM

This topic is locked

#1
Jodibfp

Posted 24 January 2014 - 02:52 PM

Member

Member
29 posts

Please help me, I have ni idea what has happened. Thank you very much, Jodi
Yesterday my computer did the blue screen crash screen and then restarted. It has funny letters & hypens iun the e-mails & some of the text that is typed. It seems to be
infected with a virus or something. I ran OTL and will include the log next. OTL logfile created on: 1/24/2014 12:33:07 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jodi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.49 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 44.59% Memory free
6.97 Gb Paging File | 4.22 Gb Available in Paging File | 60.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.67 Gb Total Space | 873.83 Gb Free Space | 95.02% Space Free | Partition Type: NTFS
Drive D: | 11.74 Gb Total Space | 1.44 Gb Free Space | 12.23% Space Free | Partition Type: NTFS

Computer Name: JODI-HP | User Name: Jodi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/27 15:52:12 | 003,589,320 | ---- | M] (TweakBit) -- C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe
PRC - [2013/10/28 17:29:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jodi\Downloads\OTL (1).exe
PRC - [2013/09/11 21:52:54 | 004,701,184 | ---- | M] (PC Utility Kit) -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe
PRC - [2013/09/02 12:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/11/22 10:50:02 | 000,166,424 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/11/16 11:21:12 | 002,717,816 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
PRC - [2012/11/01 15:34:30 | 001,162,360 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
PRC - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/08/24 11:20:50 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/08/24 11:20:50 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/08/24 11:20:36 | 004,312,224 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

========== Modules (No Company Name) ==========

MOD - [2013/09/11 21:53:08 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\LiteUnzip.dll
MOD - [2013/09/11 21:53:08 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\LiteZip.dll
MOD - [2013/09/11 21:53:06 | 000,556,032 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\7ZipDLL.dll
MOD - [2013/09/11 21:53:02 | 000,927,744 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\Utility.pxt
MOD - [2013/09/11 21:53:00 | 000,140,800 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\RegHookSpecialist.pxt
MOD - [2013/09/11 21:52:58 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\CommonSpecialist.pxt
MOD - [2013/09/11 21:52:58 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\ExtensionManager.dll
MOD - [2013/09/11 21:52:56 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\CommonLoggingExtension.pxt
MOD - [2013/09/02 12:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 12:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 12:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 12:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 12:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 12:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/01 15:34:56 | 000,863,864 | ---- | M] () -- C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\SMPlugin.dll
MOD - [2012/11/01 15:34:30 | 000,377,464 | ---- | M] () -- C:\Program Files (x86)\PC Tools\PC Tools Security\PCTUI\PCTUI.dll
MOD - [2012/08/24 11:21:00 | 000,717,472 | ---- | M] () -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\RMEngine.dll
MOD - [2012/08/24 11:20:54 | 000,098,464 | ---- | M] () -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\FileLoggerDLL.dll
MOD - [2012/08/24 11:20:52 | 000,117,920 | ---- | M] () -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\configurationmanager.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 01:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/10/24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/12/11 11:01:19 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/14 10:42:06 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 16:41:08 | 000,240,736 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/07/30 15:41:32 | 000,346,696 | ---- | M] (Verizon) [Disabled | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/07/19 03:01:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Jodi\AppData\Local\Temp\7zS4407\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/02/19 13:14:14 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Disabled | Stopped] -- C:\Users\Jodi\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2012/11/22 10:50:02 | 000,166,424 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/11/01 15:34:30 | 001,162,360 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/08/24 11:21:18 | 001,134,240 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe -- (DMRepairService)
SRV - [2012/08/24 11:21:08 | 001,147,040 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe -- (DMDefragService)
SRV - [2012/08/24 11:20:50 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/06/09 11:23:58 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/05/05 16:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Disabled | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/03/31 17:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 17:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/11/16 11:22:06 | 000,182,728 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplfw64.sys -- (pctplfw)
DRV:64bit: - [2012/11/01 15:35:22 | 000,087,968 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsm64.sys -- (pctplsm)
DRV:64bit: - [2012/11/01 15:35:18 | 000,093,600 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2012/11/01 15:35:14 | 000,253,256 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2012/10/31 14:21:30 | 000,347,016 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2012/10/23 17:40:32 | 000,077,144 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/10/22 16:38:30 | 000,413,448 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2012/09/19 15:20:30 | 000,078,680 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctNdisLW64.sys -- (pctNdisLW64)
DRV:64bit: - [2012/09/17 15:24:42 | 000,125,024 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys -- (PCTFW-PacketFilter)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/28 11:43:18 | 001,096,176 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2012/02/28 11:43:12 | 000,453,896 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2011/11/18 11:01:27 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/18 11:01:27 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/16 14:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/15 19:36:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{22145C7A-A6BF-42F7-A3CA-587A7B4663B7}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:tabs
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:tabs
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:tabs
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:tabs
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:tabs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:tabs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:tabs
IE - HKCU\..\SearchScopes,DefaultScope = {88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}: "URL" = http://www.search-re...&ver=4.0.0.1884
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://webmail.netze...ro.net/?&try=1"
FF - prefs.js..extensions.enabledAddons: %7B73700254-FC00-4BFE-9DDE-878152B4DCA1%7D:5.0
FF - prefs.js..extensions.enabledAddons: %7B1a68cbde-3e4c-4fae-bf49-af5ab9868e53%7D:2.0.244
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.enabled: false
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2013/01/18 10:46:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/02/10 20:22:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/22 17:07:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 18:02:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/02/10 20:22:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/22 17:07:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 18:02:16 | 000,000,000 | ---D | M]

[2013/08/20 11:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jodi\AppData\Roaming\Mozilla\Extensions
[2013/10/28 19:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\extensions
[2013/09/18 22:42:34 | 000,000,000 | ---D | M] (ArcadeFrontier) -- C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53}
[2013/09/05 15:06:54 | 000,000,000 | ---D | M] (WebProtect) -- C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\extensions\{73700254-FC00-4BFE-9DDE-878152B4DCA1}
[2013/09/04 09:42:35 | 000,000,000 | ---D | M] (PlayBryte) -- C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\extensions\[email protected]
[2013/09/14 10:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/14 10:42:00 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/09/14 10:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/14 10:42:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: 8 Ball Pool = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbckkebdohdohehbiliegcmfbbflkhc\9_0\
CHR - Extension: PlayBryte = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\conapliknaimcnaellhknncminadnahb\1.1_0\
CHR - Extension: Google Search = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 8 Ball Pool Multiplayer = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfplgpeamcbpecnihfpikllkfojgkai\1.1_0\
CHR - Extension: Traffic Slam 3 = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjmailnmofkkffoemgmdbemmohldhe\1.1_0\
CHR - Extension: Poppit = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: DealPly Germany = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.5_0\
CHR - Extension: DealPly Germany = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\
CHR - Extension: Google Wallet = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Wallet = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: ArcadeFrontier = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\2.0.244\
CHR - Extension: ArcadeFrontier = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\2.3.0_0\
CHR - Extension: Gmail = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Web Protect = C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pponpdaamgooiofhbhjomglmdeeaaagf\5.0_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Web Protect) - {2CEBF6C7-2B40-469B-B5D5-CD3F3676C3C4} - C:\Program Files (x86)\Web Protect\WebProtect.dll (WebProtect)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Program Files (x86)\Adobe\Adobe Connect MOC Add-in\AdobeMocAddin.exe (Adobe)
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: verizon.net ([activate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42ADF5DA-6186-487F-81D5-9E0D82732F8C}: DhcpNameServer = 192.168.1.1 4.2.2.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ca2c14de-7bcb-11e2-bcbf-386077b88ec2}\Shell - "" = AutoRun
O33 - MountPoints2\{ca2c14de-7bcb-11e2-bcbf-386077b88ec2}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/24 12:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jodi\AppData\Roaming\PC Utility Kit
[2014/01/24 12:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jodi\AppData\Roaming\DriverCure
[2014/01/24 12:26:46 | 000,000,000 | ---D | C] -- C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
[2014/01/24 12:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Utility Kit
[2014/01/24 12:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Utility Kit
[2014/01/24 12:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Utility Kit
[2014/01/21 10:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/21 10:46:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/01/21 10:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/01/21 10:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/21 10:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/01/21 10:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/01/21 10:44:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/01/21 10:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/01/21 10:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/09/07 12:38:15 | 000,712,264 | ---- | C] (MindSpark) -- C:\Program Files (x86)\7jUninstall GardeningEnthusiast.dll

========== Files - Modified Within 30 Days ==========

[2014/01/24 12:36:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/24 12:32:19 | 000,001,230 | ---- | M] () -- C:\Users\Jodi\Desktop\I.R.I.S. Resource Center.lnk
[2014/01/24 12:27:00 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\PC Utility Kit Registration3.job
[2014/01/24 12:01:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/24 07:00:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\DMDefragSchedule.job
[2014/01/23 23:00:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/23 21:36:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/21 16:11:35 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 16:11:35 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 16:08:08 | 000,783,360 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/21 16:08:08 | 000,662,836 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/21 16:08:08 | 000,122,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/21 16:04:17 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\PTAutoUpdate.job
[2014/01/21 16:03:31 | 2808,201,216 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 10:46:56 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/21 10:46:50 | 002,196,012 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/21 00:44:08 | 002,908,160 | ---- | M] () -- C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
[2014/01/20 14:49:13 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJODI-HP$.job
[2014/01/15 17:25:27 | 000,310,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/27 10:01:00 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJodi.job
[2013/12/26 14:57:23 | 000,917,504 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2013/12/26 14:57:23 | 000,600,064 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb

========== Files Created - No Company Name ==========

[2014/01/24 12:32:19 | 000,001,230 | ---- | C] () -- C:\Users\Jodi\Desktop\I.R.I.S. Resource Center.lnk
[2014/01/24 12:26:59 | 000,000,478 | ---- | C] () -- C:\Windows\tasks\PC Utility Kit Registration3.job
[2014/01/21 10:46:56 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/04 22:05:42 | 002,908,160 | ---- | C] () -- C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
[2013/10/30 17:26:26 | 000,221,322 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013/10/30 17:26:26 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2013/09/08 00:09:11 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/09/07 12:38:15 | 000,194,960 | ---- | C] () -- C:\Program Files (x86)\7jres.dll
[2013/08/28 16:57:02 | 000,032,328 | ---- | C] () -- C:\Windows\Launcher.exe
[2013/08/20 18:00:26 | 000,000,258 | RHS- | C] () -- C:\Users\Jodi\ntuser.pol
[2013/06/30 21:58:37 | 000,002,499 | ---- | C] () -- C:\Users\Jodi\B-day labels.avery
[2013/02/10 16:03:24 | 000,007,596 | ---- | C] () -- C:\Users\Jodi\AppData\Local\Resmon.ResmonCfg
[2013/01/18 10:46:03 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/06/24 20:24:32 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Blio
[2013/11/01 09:54:01 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\CrystalIdea Software
[2014/01/24 12:26:55 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\DriverCure
[2013/07/07 16:21:16 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\funkitron
[2013/02/25 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Garmin
[2014/01/24 12:26:55 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\PC Utility Kit
[2013/08/25 14:50:17 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\player
[2013/01/18 10:58:40 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Product_PT
[2013/11/06 17:15:47 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Product_RM
[2013/07/25 14:33:08 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Rovio
[2013/11/11 12:27:36 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\SoftGrid Client
[2013/01/18 10:47:05 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Spam Monitor
[2013/01/18 10:36:17 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\TestApp
[2012/06/24 20:02:03 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\TP
[2013/11/26 13:18:36 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\Unity
[2013/09/07 13:35:28 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\uPlayer
[2013/07/07 16:18:35 | 000,000,000 | ---D | M] -- C:\Users\Jodi\AppData\Roaming\WildTangent

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:0D786AE3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84

< End of report >

#2
emeraldnzl

Posted 24 January 2014 - 08:48 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Jodibfp,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called (FRST.txt) in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

#3
Jodibfp

Posted 25 January 2014 - 12:52 PM

Member

Topic Starter
Member
29 posts

I did as you requested. The following are the logs from the Farbar recovery tool.Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01
Ran by Jodi (administrator) on JODI-HP on 25-01-2014 10:42:13
Running from C:\Users\Jodi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jodi\Downloads\FRST64 (1).exe
(TweakBit) C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISTray] - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2717816 2012-11-16] (PC Tools)
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-24] (PC Tools)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\runonceex: [] -
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Program Files (x86)\Adobe\Adobe Connect MOC Add-in\AdobeMocAddin.exe [802456 2011-06-10] (Adobe)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: {ca2c14de-7bcb-11e2-bcbf-386077b88ec2} - G:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:tabs
SearchScopes: HKLM - {22145C7A-A6BF-42F7-A3CA-587A7B4663B7} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6} URL = http://www.search-re...&ver=4.0.0.1884
SearchScopes: HKCU - {22145C7A-A6BF-42F7-A3CA-587A7B4663B7} URL =
SearchScopes: HKCU - {88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6} URL = http://www.search-re...&ver=4.0.0.1884
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Web Protect - {2CEBF6C7-2B40-469B-B5D5-CD3F3676C3C4} - C:\Program Files (x86)\Web Protect\WebProtect.dll (WebProtect)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 4.2.2.2

FireFox:
========
FF ProfilePath: C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default
FF Homepage: hxxp://webmail.netzero.net/?&try=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF Extension: PlayBryte - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\[email protected] [2013-09-04]
FF Extension: ArcadeFrontier - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53} [2013-09-18]
FF Extension: WebProtect - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{73700254-FC00-4BFE-9DDE-878152B4DCA1} [2013-09-05]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-10]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-10]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=b7bda9f9-bf89-13fc-0bb8-bd23078c9dfc&searchtype=hp&installDate=20/08/2013", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=TJ&userid=b7bda9f9-bf89-13fc-0bb8-bd23078c9dfc&searchtype=hp&installDate=20/08/2013", "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN28391418482277218&UM=2", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=b7bda9f9-bf89-13fc-0bb8-bd23078c9dfc&searchtype=hp&installDate=25/08/2013", "about:newtab?source=home", "about:newtab", "hxxp://search.conduit.com/?ctid=CT3298580&SearchSource=48&CUI=UN20231489641898623&UM=2", "
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-24]
CHR Extension: (8 Ball Pool) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbckkebdohdohehbiliegcmfbbflkhc [2013-11-26]
CHR Extension: (PlayBryte) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\conapliknaimcnaellhknncminadnahb [2013-09-04]
CHR Extension: (Google Search) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-24]
CHR Extension: (8 Ball Pool Multiplayer) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfplgpeamcbpecnihfpikllkfojgkai [2013-11-26]
CHR Extension: (TidyNetwork.com) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbllfhlpjmoameejmapfpddbhcihcjg [2013-08-25]
CHR Extension: (Traffic Slam 3) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjmailnmofkkffoemgmdbemmohldhe [2013-11-26]
CHR Extension: (Poppit) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-11-26]
CHR Extension: (DealPly Germany) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-12-29]
CHR Extension: (Google Wallet) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31]
CHR Extension: (ArcadeFrontier) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-24]
CHR Extension: (Web Protect) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pponpdaamgooiofhbhjomglmdeeaaagf [2013-09-06]
CHR HKLM-x32\...\Chrome\Extension: [pponpdaamgooiofhbhjomglmdeeaaagf] - C:\Program Files (x86)\Web Protect\chrome-wp.crx [2013-09-05]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
S3 DMDefragService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [1147040 2012-08-24] (PC Tools)
S3 DMRepairService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [1134240 2012-08-24] (PC Tools)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-05] (WildTangent)
S4 Garmin Core Update Service; C:\Users\Jodi\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185176 2013-02-19] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Users\Jodi\AppData\Local\Temp\7zS4407\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
S4 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [346696 2013-07-30] (Verizon)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-24] (PC Tools)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
R2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1162360 2012-11-01] (PC Tools)
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [125024 2012-09-17] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
R1 pctNdisLW64; C:\Windows\System32\DRIVERS\pctNdisLW64.sys [78680 2012-09-19] (PC Tools)
R3 pctplfw; C:\Windows\System32\drivers\pctplfw64.sys [182728 2012-11-16] (PC Tools)
R3 pctplsg; C:\Windows\System32\drivers\pctplsg64.sys [93600 2012-11-01] (PC Tools)
R3 pctplsm; C:\Windows\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-25 10:40 - 2014-01-25 10:40 - 02077696 _____ (Farbar) C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 10:39 - 2014-01-25 10:39 - 02077696 _____ (Farbar) C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-24 17:26 - 2014-01-24 18:00 - 00000462 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2014-01-24 17:26 - 2014-01-24 17:26 - 00003124 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2014-01-24 17:26 - 2014-01-24 17:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00001353 _____ C:\Users\Jodi\Desktop\SparkTrust PC Cleaner Plus.lnk
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\ProgramData\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2014-01-24 17:24 - 2014-01-24 17:24 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 12:32 - 2014-01-24 12:32 - 00001230 _____ C:\Users\Jodi\Desktop\I.R.I.S. Resource Center.lnk
2014-01-24 12:27 - 2014-01-24 12:27 - 00003140 _____ C:\Windows\System32\Tasks\PC Utility Kit Registration3
2014-01-24 12:26 - 2014-01-24 18:00 - 00000478 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2014-01-24 12:26 - 2014-01-24 12:26 - 05395448 _____ (Red Dog Media) C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\DriverCure
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\ProgramData\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Program Files (x86)\PC Utility Kit
2014-01-24 12:24 - 2014-01-24 12:24 - 00156815 _____ C:\Users\Jodi\Downloads\sitemap_topics_28.xml.gz
2014-01-24 12:24 - 2014-01-24 12:24 - 00152621 _____ C:\Users\Jodi\Downloads\sitemap_topics_25.xml.gz
2014-01-21 11:05 - 2014-01-21 11:05 - 01133264 _____ C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 10:46 - 2014-01-21 10:46 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-21 10:46 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\Program Files\iTunes
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-21 10:45 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iPod
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Bonjour
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-21 10:41 - 2014-01-21 10:43 - 100400976 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 10:38 - 2014-01-21 10:40 - 98633040 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunesSetup.exe
2014-01-15 08:54 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:54 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 08:54 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-04 22:05 - 2014-01-21 00:44 - 02908160 _____ C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
2014-01-04 22:05 - 2014-01-21 00:44 - 00229376 _____ C:\Windows\system32\config\default.rrr
2014-01-04 22:02 - 2014-01-21 00:44 - 69140480 _____ C:\Windows\system32\config\software.rrr

==================== One Month Modified Files and Folders =======

2014-01-25 10:42 - 2013-10-29 11:49 - 00020786 _____ C:\Users\Jodi\Downloads\FRST.txt
2014-01-25 10:40 - 2014-01-25 10:40 - 02077696 _____ (Farbar) C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 10:39 - 2014-01-25 10:39 - 02077696 _____ (Farbar) C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-25 10:36 - 2013-01-24 18:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 10:15 - 2013-01-19 19:00 - 00058410 _____ C:\Windows\SysWOW64\AppLog.log
2014-01-25 10:10 - 2013-01-24 18:25 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 10:05 - 2009-07-13 18:34 - 00000438 _____ C:\Windows\win.ini
2014-01-25 10:04 - 2013-02-26 16:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 10:04 - 2013-01-21 17:13 - 00000320 _____ C:\Windows\Tasks\DMDefragSchedule.job
2014-01-25 10:04 - 2012-06-25 08:35 - 01575284 _____ C:\Windows\WindowsUpdate.log
2014-01-24 18:00 - 2014-01-24 17:26 - 00000462 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2014-01-24 18:00 - 2014-01-24 12:26 - 00000478 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-24 17:26 - 2014-01-24 17:26 - 00003124 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2014-01-24 17:26 - 2014-01-24 17:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00001353 _____ C:\Users\Jodi\Desktop\SparkTrust PC Cleaner Plus.lnk
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\ProgramData\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2014-01-24 17:24 - 2014-01-24 17:24 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 12:39 - 2013-10-28 13:26 - 00096836 _____ C:\Users\Jodi\Downloads\OTL.Txt
2014-01-24 12:32 - 2014-01-24 12:32 - 00001230 _____ C:\Users\Jodi\Desktop\I.R.I.S. Resource Center.lnk
2014-01-24 12:27 - 2014-01-24 12:27 - 00003140 _____ C:\Windows\System32\Tasks\PC Utility Kit Registration3
2014-01-24 12:26 - 2014-01-24 12:26 - 05395448 _____ (Red Dog Media) C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\DriverCure
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\ProgramData\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Program Files (x86)\PC Utility Kit
2014-01-24 12:24 - 2014-01-24 12:24 - 00156815 _____ C:\Users\Jodi\Downloads\sitemap_topics_28.xml.gz
2014-01-24 12:24 - 2014-01-24 12:24 - 00152621 _____ C:\Users\Jodi\Downloads\sitemap_topics_25.xml.gz
2014-01-22 10:00 - 2013-01-06 18:42 - 00000000 ____D C:\Users\Kevi
2014-01-21 16:11 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 16:11 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 16:08 - 2009-07-13 21:13 - 00783360 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 16:04 - 2013-10-29 21:22 - 00000284 _____ C:\Windows\Tasks\PTAutoUpdate.job
2014-01-21 16:03 - 2013-09-10 08:32 - 00000000 ____D C:\Windows\Minidump
2014-01-21 16:03 - 2011-11-18 12:54 - 00287260 ____N C:\Windows\Minidump\012114-42198-01.dmp
2014-01-21 16:03 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 16:03 - 2009-07-13 20:51 - 00047636 _____ C:\Windows\setupact.log
2014-01-21 15:22 - 2013-11-26 13:12 - 00000000 ____D C:\Users\Jodi\AppData\Local\Unity
2014-01-21 15:21 - 2013-02-10 20:17 - 00008021 _____ C:\ProgramData\hpzinstall.log
2014-01-21 15:21 - 2011-11-18 11:11 - 00000000 ____D C:\Program Files (x86)\Hp
2014-01-21 11:05 - 2014-01-21 11:05 - 01133264 _____ C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 10:48 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Apple Computer
2014-01-21 10:47 - 2013-12-22 19:12 - 00000000 ____D C:\Users\Jodi\AppData\Local\Apple Computer
2014-01-21 10:46 - 2014-01-21 10:46 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iTunes
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-21 10:46 - 2013-01-18 10:38 - 02196012 _____ C:\Windows\system32\Drivers\Cat.DB
2014-01-21 10:45 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iPod
2014-01-21 10:45 - 2013-12-22 18:13 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-21 10:45 - 2013-12-22 18:12 - 00000000 ____D C:\ProgramData\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Bonjour
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-21 10:43 - 2014-01-21 10:41 - 100400976 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 10:40 - 2014-01-21 10:38 - 98633040 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunesSetup.exe
2014-01-21 00:44 - 2014-01-04 22:05 - 02908160 _____ C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
2014-01-21 00:44 - 2014-01-04 22:05 - 00229376 _____ C:\Windows\system32\config\default.rrr
2014-01-21 00:44 - 2014-01-04 22:02 - 69140480 _____ C:\Windows\system32\config\software.rrr
2014-01-21 00:44 - 2013-10-06 13:08 - 05074944 _____ C:\Users\Kevi\s-1-5-21-3586771452-3940981147-1573822652-1003.rrr
2014-01-21 00:44 - 2012-06-24 16:36 - 00000000 ____D C:\Users\Jodi
2014-01-20 14:49 - 2013-01-05 23:35 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJODI-HP$
2014-01-20 14:49 - 2013-01-05 23:35 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForJODI-HP$.job
2014-01-15 20:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2014-01-15 17:25 - 2009-07-13 20:45 - 00310928 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 09:35 - 2013-01-05 23:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 09:34 - 2013-07-16 14:23 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 09:33 - 2013-01-18 14:26 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-27 10:01 - 2012-11-24 14:15 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJodi
2013-12-27 10:01 - 2012-11-24 14:15 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForJodi.job
2013-12-26 14:57 - 2013-12-22 19:26 - 00917504 ____R C:\Users\Public\Documents\ESBK.mbb
2013-12-26 14:57 - 2013-12-22 19:26 - 00600064 ____R C:\Users\Public\Documents\ESBK.mb

Some content of TEMP:
====================
C:\Users\Jodi\AppData\Local\Temp\Setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-19 15:15

==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-10-2013
Ran by Jodi at 2013-10-29 12:49:32
Running from C:\Users\Jodi\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: PC Tools Internet Security Anti-Virus (Enabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools Internet Security Anti-Spyware (Enabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
FW: PC Tools Internet Security Firewall (Enabled) {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

==================== Installed Programs ======================

5600 (x32 Version: 130.0.365.000)
5600_Help (x32 Version: 82.0.242.000)
5600Trb (x32 Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Connect 9 Add-in (HKCU Version: 11,2,251,0)
Adobe Connect MOC Add-in (x32 Version: 1.0.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000)
AIO_CDB_Software (x32 Version: 130.0.365.000)
AIO_Scan (x32 Version: 130.0.421.000)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60629.2348)
AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755)
Angry Birds (x32 Version: 3.0.0)
ArcadeFrontier (HKCU)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bing Bar (x32 Version: 7.2.241.0)
Bing Desktop (x32 Version: 1.2.126.0)
Blio (x32 Version: 2.2.6699)
Browser Guard 4.0 (x32 Version: 4.0.0.1884)
BrowserSafeguard (x32)
BufferChm (x32 Version: 130.0.331.000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755)
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755)
Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755)
CCC Help Chinese Standard (x32 Version: 2011.0630.0015.41755)
CCC Help Chinese Traditional (x32 Version: 2011.0630.0015.41755)
CCC Help Czech (x32 Version: 2011.0630.0015.41755)
CCC Help Danish (x32 Version: 2011.0630.0015.41755)
CCC Help Dutch (x32 Version: 2011.0630.0015.41755)
CCC Help English (x32 Version: 2011.0630.0015.41755)
CCC Help Finnish (x32 Version: 2011.0630.0015.41755)
CCC Help French (x32 Version: 2011.0630.0015.41755)
CCC Help German (x32 Version: 2011.0630.0015.41755)
CCC Help Greek (x32 Version: 2011.0630.0015.41755)
CCC Help Hungarian (x32 Version: 2011.0630.0015.41755)
CCC Help Italian (x32 Version: 2011.0630.0015.41755)
CCC Help Japanese (x32 Version: 2011.0630.0015.41755)
CCC Help Korean (x32 Version: 2011.0630.0015.41755)
CCC Help Norwegian (x32 Version: 2011.0630.0015.41755)
CCC Help Polish (x32 Version: 2011.0630.0015.41755)
CCC Help Portuguese (x32 Version: 2011.0630.0015.41755)
CCC Help Russian (x32 Version: 2011.0630.0015.41755)
CCC Help Spanish (x32 Version: 2011.0630.0015.41755)
CCC Help Swedish (x32 Version: 2011.0630.0015.41755)
CCC Help Thai (x32 Version: 2011.0630.0015.41755)
CCC Help Turkish (x32 Version: 2011.0630.0015.41755)
ccc-utility64 (Version: 2011.0630.16.41755)
Copy (x32 Version: 130.0.428.000)
D3DX10 (x32 Version: 15.4.2368.0902)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DMUninstaller (x32)
DocProc (x32 Version: 13.0.0.0)
DownloadTerms (HKCU Version: 1.0)
Elevated Installer (x32 Version: 2.1.8)
Fax (x32 Version: 130.0.418.000)
FOREXTraderPro (HKCU Version: 3.1.0.143)
Garmin Express (x32 Version: 2.1.8)
Garmin Express Tray (x32 Version: 2.1.8)
Garmin Update Service (x32 Version: 2.1.8)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.165)
GPBaseService2 (x32 Version: 130.0.371.000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP LinkUp (x32 Version: 2.01.028)
HP MovieStore (x32 Version: 1.0.057)
HP MovieStore (x32 Version: 2.0)
HP Odometer (x32 Version: 2.10.0000)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Setup (x32 Version: 8.7.4747.3786)
HP Setup Manager (x32 Version: 1.1.13880.3792)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (x32 Version: 6.0.4.1)
HP Support Information (x32 Version: 10.1.1000)
HP Update (x32 Version: 5.005.000.002)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
IHA_MessageCenter (x32 Version: 1.8.70)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.0)
Java™ 6 Update 33 (64-bit) (Version: 6.0.330)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
MarketResearch (x32 Version: 130.0.374.000)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (x32 Version: 4.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Norton Online Backup (x32 Version: 2.1.17869)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC Tools Internet Security 9.1 (x32 Version: 9.1)
PC Tools Performance Toolkit 2.1 (x32 Version: 2.1)
PDF Complete Special Edition (x32 Version: 4.0.54)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Power2Go (x32 Version: 6.1.5331)
PressReader (x32 Version: 5.10.1217.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6531)
Recovery Manager (x32 Version: 5.5.0.4320)
Remote Graphics Receiver (x32 Version: 5.4.5)
Scan (x32 Version: 13.0.0.0)
Slingo Supreme 2 (x32 Version: 2.2.0.110)
SmartWebPrinting (x32 Version: 130.0.457.000)
Snap.Do Engine (HKCU Version: 1.140.1.11833)
Snap.Do Engine (HKCU Version: 1.99.1.11691)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
Verizon Toolbar (x32 Version: 6.0.0.40)
Vz In-Home Agent (x32 Version: 9.0.35.0)
Web Protect for Windows (x32 Version: 3.28.33)
WebReg (x32 Version: 130.0.132.017)
WildTangent Games (x32 Version: 1.0.4.0)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.20)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Zinio Reader 4 (x32 Version: 4.2.4164)

==================== Restore Points =========================

27-10-2013 20:24:42 Created by PC Tools Performance Toolkit
28-10-2013 19:49:10 Created by PC Tools Performance Toolkit
28-10-2013 20:39:21 Windows Update
29-10-2013 01:23:28 PC Tools Internet Security: Cleaning Threats
29-10-2013 06:26:02 Created by PC Tools Performance Toolkit
29-10-2013 06:28:28 Created by PC Tools Performance Toolkit

==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {268512B6-86A5-4234-A7BF-C3DE5501AAFE} - System32\Tasks\PTAutoUpdate => C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe [2012-08-24] (PC Tools)
Task: {2B9303B1-577F-42B1-A66E-E3EEEFB631B4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {3217ECD3-B8F5-49AC-86E7-DD1B727B50C3} - System32\Tasks\{D56A4B04-B7D4-4B3A-81B2-7C8167E043B3} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2013-08-14] (Microsoft Corporation)
Task: {37BBEA67-577D-4879-A5C3-D160B5FC6A79} - System32\Tasks\HPCeeScheduleForJodi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {5F14974A-D301-4ADB-8A2E-FB0DDAB16C8B} - System32\Tasks\PTSchedule => C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe [2012-08-24] (PC Tools)
Task: {60BB7BAF-9AB8-4A3F-BCBE-0CBB68E3BCAC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {63A47C5B-76CD-4206-943D-184F6C49C7BB} - \AmiUpdXp No Task File
Task: {65213A2C-A0EC-46DC-A4B6-6C3C22D732D5} - System32\Tasks\ArcadeFrontier => C:\Users\Jodi\AppData\Local\ArcadeFrontier\veragent.exe
Task: {692EA836-10B2-470A-80E5-AFBD7EC40858} - System32\Tasks\0 => Iexplore.exe
Task: {6FB5329E-BC21-4905-A8F4-FA56D3A69698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {75281922-2015-4597-A423-9074929FDCD8} - System32\Tasks\HPCeeScheduleForJODI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {8D233DFD-D9C0-43FA-82DC-51F9729A06A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {A27FA066-F66F-4AB9-B69C-EF19EFDACF82} - System32\Tasks\DMDefragSchedule => C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe [2012-08-24] ()
Task: {BAB84A1A-3AE8-4B85-A62B-0D4D02B6539E} - \LyricsContainer Update No Task File
Task: {C954062D-4722-43BF-8511-24F96192E0B8} - System32\Tasks\4571 => C:\Users\Jodi\AppData\Local\Temp\launchie.vbsC:\Users\Jodi\AppData\Local\Temp\launchie.vbs //B
Task: {DA8BE265-8751-4BD4-9975-50245EA24035} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {F93762B9-3E2C-4A6A-ACD0-5B05C5C7E9EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-01-10] (Hewlett-Packard)
Task: {FD4992A6-8438-4619-8383-FE95D39C56C6} - System32\Tasks\{8FC64FEA-8775-4F38-9941-3E4C3F308264} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DMDefragSchedule.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJODI-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJodi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PTAutoUpdate.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe

==================== Loaded Modules (whitelisted) =============

2011-06-30 01:14 - 2011-06-30 01:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 15:20 - 2011-03-14 15:20 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-18 11:46 - 2012-10-23 18:40 - 00109688 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BSPatch.dll
2013-01-18 11:45 - 2012-11-01 16:34 - 00092792 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll
2013-01-18 11:45 - 2012-11-01 16:34 - 03983480 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\SMEngine.dll
2013-01-18 11:45 - 2012-11-01 16:34 - 00239736 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\DEClient.dll
2013-01-18 11:45 - 2012-11-01 16:34 - 00863864 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\SMPlugin.dll
2013-01-18 11:45 - 2012-11-01 16:34 - 00377464 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\pctui\PCTUI.DLL
2013-09-04 13:29 - 2013-09-02 13:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 13:29 - 2013-09-02 13:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 13:29 - 2013-09-02 13:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 13:29 - 2013-09-02 13:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 13:29 - 2013-09-02 13:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 13:29 - 2013-09-02 13:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0D786AE3
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/28/2013 11:36:25 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

Error: (10/28/2013 11:36:25 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

Error: (10/28/2013 11:36:25 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

Error: (10/28/2013 11:36:25 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/28/2013 11:36:24 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=431}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/28/2013 11:36:24 PM) (Source: Windows Search Service) (User: )
Description: The gatherer is unable to read the registry Path.

Context: Application, SystemIndex Catalog

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

System errors:
=============
Error: (10/28/2013 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/28/2013 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218173.

Error: (10/28/2013 11:00:01 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3570.82 MB
Available physical RAM: 1747.72 MB
Total Pagefile: 7139.81 MB
Available Pagefile: 4810.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.67 GB) (Free:879.37 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 78366413)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#4
emeraldnzl

Posted 25 January 2014 - 03:27 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Jodibfp,

Firstly please uninstall:

ArcadeFrontier
Snap.Do Engine

After that

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

#5
Jodibfp

Posted 25 January 2014 - 03:50 PM

Member

Topic Starter
Member
29 posts

When I try to uninstall Snap do engine, the computer does nothing. I have it in programs like 7 times, no I don't know why. There is not a program called arcade frontier in my programs at all.????

#6
emeraldnzl

Posted 25 January 2014 - 03:57 PM

GeekU Instructor

GeekU Moderator
20,051 posts

It's worth a shot to see if they will uninstall, sometimes you can remove part of them that way.

The uninstaller often won't work though and even when they do they leave stuff behind.

Just go ahead with the fix now.

#7
Jodibfp

Posted 25 January 2014 - 05:16 PM

Member

Topic Starter
Member
29 posts

Here is the log from the Fix I ran. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-01-2014 01
Ran by Jodi at 2014-01-25 15:14:37 Run:1
Running from C:\Users\Jodi\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: PlayBryte - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\[email protected] [2013-09-04]
C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\[email protected]
FF Extension: ArcadeFrontier - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53} [2013-09-18]
FF Extension: WebProtect - C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{73700254-FC00-4BFE-9DDE-878152B4DCA1} [2013-09-05]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-09-14]
CHR Extension: (8 Ball Pool) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbckkebdohdohehbiliegcmfbbflkhc [2013-11-26]
CHR Extension: (PlayBryte) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\conapliknaimcnaellhknncminadnahb [2013-09-04]
CHR Extension: (TidyNetwork.com) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbllfhlpjmoameejmapfpddbhcihcjg [2013-08-25]
CHR Extension: (Google Search) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-24]
CHR Extension: (DealPly Germany) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-12-29]
CHR Extension: (ArcadeFrontier) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl [2013-09-18]
CHR Extension: (Web Protect) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pponpdaamgooiofhbhjomglmdeeaaagf [2013-09-06]
CHR HKLM-x32\...\Chrome\Extension: [pponpdaamgooiofhbhjomglmdeeaaagf] - C:\Program Files (x86)\Web Protect\chrome-wp.crx [2013-09-05]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Jodi\AppData\Local\Temp\Setup.exe
Task: {65213A2C-A0EC-46DC-A4B6-6C3C22D732D5} - System32\Tasks\ArcadeFrontier => C:\Users\Jodi\AppData\Local\ArcadeFrontier\veragent.exe
C:\Users\Jodi\AppData\Local\ArcadeFrontier
AlternateDataStreams: C:\ProgramData\Temp:0D786AE3
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

*****************

C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\[email protected] => Moved successfully.
"C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\[email protected]" => File/Directory not found.
C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53} => Moved successfully.
C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\Extensions\{73700254-FC00-4BFE-9DDE-878152B4DCA1} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbckkebdohdohehbiliegcmfbbflkhc => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\conapliknaimcnaellhknncminadnahb => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbllfhlpjmoameejmapfpddbhcihcjg => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl => Moved successfully.
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pponpdaamgooiofhbhjomglmdeeaaagf => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pponpdaamgooiofhbhjomglmdeeaaagf => Key deleted successfully.
C:\Program Files (x86)\Web Protect\chrome-wp.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\Jodi\AppData\Local\Temp\Setup.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65213A2C-A0EC-46DC-A4B6-6C3C22D732D5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65213A2C-A0EC-46DC-A4B6-6C3C22D732D5} => Key deleted successfully.
C:\Windows\System32\Tasks\ArcadeFrontier => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ArcadeFrontier => Key deleted successfully.
"C:\Users\Jodi\AppData\Local\ArcadeFrontier" => File/Directory not found.
C:\ProgramData\Temp => ":0D786AE3" ADS removed successfully.
C:\ProgramData\Temp => ":430C6D84" ADS removed successfully.
C:\ProgramData\Temp => ":DFC5A2B2" ADS removed successfully.

==== End of Fixlog ====

#8
emeraldnzl

Posted 25 January 2014 - 05:20 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Jodibfp,

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

Close any open browsers.
Temporarily disable your AntiVirus program. (If necessary)
Double click on zoek.exe to run.
Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
Click Options button below the large panel and check the box:

Auto Clean
Click on Run script button
Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

#9
Jodibfp

Posted 25 January 2014 - 09:33 PM

Member

Topic Starter
Member
29 posts

Here is the log from zoek.exe. It already did reboot.
Zoek.exe v5.0.0.0 Updated 25-January-2014
Tool run by Jodi on Sat 01/25/2014 at 17:25:31.84.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jodi\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

1/25/2014 5:27:35 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140125_0538_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\components\msservice.js deleted
C:\PROGRA~2\Mozilla Firefox\browser\nsprotector.js deleted
C:\Program Files\Uninstaller deleted
C:\Users\Jodi\AppData\Roaming\DriverCure deleted
C:\ProgramData\Package Cache deleted
C:\Users\Jodi\AppData\Local\Updater19866 deleted
C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\Launcher.exe deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\CT3289663 deleted
C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\CT3298580 deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Jodi\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-15 16:54:20 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2014-01-21 18:46:48 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys
2014-01-15 16:54:21 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 16:54:21 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 16:54:21 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 16:54:20 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 16:54:20 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 16:54:20 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 16:54:20 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 16:54:19 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
====== C:\Windows\Tasks ======
2014-01-25 01:26:09 A82D8E73CAD6A15449694497A1AECFD2 3124 ----a-w- C:\Windows\Sysnative\Tasks\SparkTrust Registration3
2014-01-25 01:26:09 63CC503960137176C284DE0563B2C369 462 ----a-w- C:\Windows\Tasks\SparkTrust Registration3.job
2014-01-24 20:27:00 FA22EBD6FF0572E08ABA955E2A44AC69 3140 ----a-w- C:\Windows\Sysnative\Tasks\PC Utility Kit Registration3
2014-01-24 20:26:59 4ED2462249C69DE9615DCA1CD9159D12 478 ----a-w- C:\Windows\Tasks\PC Utility Kit Registration3.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-01-21 18:45:51 -------- d-----w- C:\Program Files\iPod
2014-01-21 18:45:50 -------- d-----w- C:\Program Files\iTunes
2014-01-21 18:44:56 -------- d-----w- C:\Program Files\Common Files\Apple
2014-01-21 18:44:43 -------- d-----w- C:\Program Files\Bonjour
======= C:\PROGRA~2 =====
2014-01-25 01:25:51 -------- d-----w- C:\PROGRA~2\COMMON~1\SparkTrust
2014-01-25 01:25:47 -------- d-----w- C:\PROGRA~2\SparkTrust
2014-01-24 20:26:46 -------- d-----w- C:\PROGRA~2\COMMON~1\PC Utility Kit
2014-01-24 20:26:45 -------- d-----w- C:\PROGRA~2\PC Utility Kit
2014-01-21 18:45:50 -------- d-----w- C:\PROGRA~2\iTunes
2014-01-21 18:44:43 -------- d-----w- C:\PROGRA~2\Bonjour
======= C: =====
====== C:\Users\Jodi\AppData\Roaming ======
2014-01-25 01:26:04 -------- d-----w- C:\Users\Jodi\AppData\Roaming\SparkTrust
2014-01-25 01:25:51 -------- d-----w- C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2014-01-24 20:26:55 -------- d-----w- C:\Users\Jodi\AppData\Roaming\PC Utility Kit
2014-01-24 20:26:46 -------- d-----w- C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
2014-01-21 18:45:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer
====== C:\Users\Jodi ======
2014-01-25 23:14:13 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Documents\FRST64 (1).exe
2014-01-25 18:40:57 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 18:39:50 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-25 01:30:43 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-25 01:30:01 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-25 01:25:47 -------- d-----w- C:\ProgramData\SparkTrust
2014-01-25 01:24:50 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 20:26:45 -------- d-----w- C:\ProgramData\PC Utility Kit
2014-01-24 20:26:01 85EB8969CC20E53DA543F5D3985FDFB9 5395448 ----a-w- C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-21 19:05:10 EB4263DA6B5ACFDE46A476BD9B504C06 1133264 ----a-w- C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 18:46:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-01-21 18:45:50 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-21 18:41:35 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 18:38:28 EDCFABE4AA181E1361DEFA631B91A729 98633040 ----a-w- C:\Users\Jodi\Downloads\iTunesSetup.exe
2014-01-05 06:05:42 DBB950931FA9A0A9E939580F41D6A22E 2908160 ----a-w- C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr

====== C: exe-files ==
2014-01-25 23:48:24 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe
2014-01-25 23:48:20 9951192EACEAA79DCE5E77E785C1AA55 400464 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_C22F1A733501EA96.exe
2014-01-25 23:48:16 1ACCA74287FE5D7449FBB2B9F0C83341 309328 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_D053C89A9DB0461F.exe
2014-01-25 23:48:13 228A4633D638F7EEA6400D5ED5274397 1071696 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe
2014-01-25 23:47:32 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files (x86)\Google\Update\Install\{FF7202D8-F771-4D7B-B041-13B0B46A6F9B}\GoogleToolbarInstaller_updater_signed.exe
2014-01-25 23:47:32 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe
2014-01-25 23:40:03 00C2D68C98FA311C1A80EE33ED846923 36500648 ----a-w- C:\Program Files (x86)\Google\Update\Install\{D1625573-8366-4A04-BF50-15E04E45CC1D}\32.0.1700.76_chrome_installer.exe
2014-01-25 23:39:59 00C2D68C98FA311C1A80EE33ED846923 36500648 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_chrome_installer.exe
2014-01-25 23:14:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Jodi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CWF1K1I\FRST64[1].exe
2014-01-25 23:14:13 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Documents\FRST64 (1).exe
2014-01-25 18:40:57 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 18:39:50 60A5149DE1DCC2A6579FDCAEF2D04785 2077696 ----a-w- C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-25 01:30:43 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-25 01:30:01 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-25 01:24:50 F55F21EC86B6334F12E891107F0C9A5B 5955760 ----a-w- C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 20:26:01 85EB8969CC20E53DA543F5D3985FDFB9 5395448 ----a-w- C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-22 00:14:00 B36463BAFFCA92E5C11213C7500125C4 11801248 ----a-w- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0oemBingBarSetup-Partner.EXE
2014-01-21 19:05:10 EB4263DA6B5ACFDE46A476BD9B504C06 1133264 ----a-w- C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 18:41:35 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 18:38:28 EDCFABE4AA181E1361DEFA631B91A729 98633040 ----a-w- C:\Users\Jodi\Downloads\iTunesSetup.exe
=== C: other files ==
2014-01-21 18:46:48 8E98D21EE06192492A5671A6144D092F 33240 -c--a-w- C:\Windows\System32\DRVSTORE\GEARAspiWD_53DFBC3344EBC2614851E0BF38F60B616DF86778\x64\GEARAspiWDM.sys
2014-01-21 18:46:48 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Browser Infrastructure Helper"="C:\Program Files (x86)\Adobe\Adobe Connect MOC Add-in\AdobeMocAddin.exe"

[HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ConduitFloatingPlugin_nemfjadlboooiffmcelkafilagddogim"="C:\Windows\SysWOW64\Rundll32.exe C:\Program Files (x86)\Conduit\CT3289663\plugins\TBVerifier.dll,RunConduitFloatingPlugin nemfjadlboooiffmcelkafilagddogim"
"ConduitFloatingPlugin_bpfboklmeiefoedekjeigdcnfbpjeaii"="C:\Windows\SysWOW64\Rundll32.exe C:\Program Files (x86)\Conduit\CT3298580\plugins\TBVerifier.dll,RunConduitFloatingPlugin bpfboklmeiefoedekjeigdcnfbpjeaii"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"ISTray"="C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe /hideGUI"
"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"BingDesktop"="C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Browser Infrastructure Helper"="C:\Program Files (x86)\Adobe\Adobe Connect MOC Add-in\AdobeMocAddin.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\24x7HELP]
"hkey"="HKLM"
"item"="24x7HELP"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe MOC AddIn]
"command"="C:\\Program Files (x86)\\Adobe\\Adobe Connect MOC Add-in\\AdobeMocAddin.exe"
"hkey"="HKCU"
"item"="Adobe MOC AddIn"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"hkey"="HKLM"
"item"="APSDaemon"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard]
"hkey"="HKCU"
"item"="BrowserSafeguard"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_bpfboklmeiefoedekjeigdcnfbpjeaii]
"command"="\"C:\\Windows\\SysWOW64\\Rundll32.exe\" \"C:\\Program Files (x86)\\Conduit\\CT3298580\\plugins\\TBVerifier.dll\",RunConduitFloatingPlugin bpfboklmeiefoedekjeigdcnfbpjeaii"
"hkey"="HKCU"
"item"="ConduitFloatingPlugin_bpfboklmeiefoedekjeigdcnfbpjeaii"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GardeningEnthusiast Home Page Guard 64 bit]
"hkey"="HKLM"
"item"="GardeningEnthusiast Home Page Guard 64 bit"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GardeningEnthusiast Search Scope Monitor]
"hkey"="HKLM"
"item"="GardeningEnthusiast Search Scope Monitor"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GardeningEnthusiast_7j Browser Plugin Loader]
"hkey"="HKLM"
"item"="GardeningEnthusiast_7j Browser Plugin Loader"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"command"="\"C:\\Users\\Jodi\\Desktop\\Garmin\\Express Tray\\ExpressTray.exe\""
"hkey"="HKCU"
"item"="GarminExpressTrayApp"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
"command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"
"hkey"="HKLM"
"item"="hpqSRMon"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"
"hkey"="HKLM"
"item"="Norton Online Backup"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaners]
"hkey"="HKLM"
"item"="PC Cleaners"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCFixSpeed]
"hkey"="HKLM"
"item"="PCFixSpeed"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp]
"hkey"="HKCU"
"item"="PCSpeedUp"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF Complete]
"command"="C:\\Program Files (x86)\\PDF Complete\\pdfsty.exe"
"hkey"="HKLM"
"item"="PDF Complete"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Privoxy]
"command"="C:\\Program Files (x86)\\privoxy\\starthelp.exe"
"hkey"="HKLM"
"item"="Privoxy"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"hkey"="HKLM"
"item"="QuickTime Task"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect]
"hkey"="HKCU"
"item"="SearchProtect"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtectAll]
"hkey"="HKLM"
"item"="SearchProtectAll"
"key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Time Tracking Tool]
"hkey"="HKCU"
"item"="Time Tracking Tool"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop]
"hkey"="HKCU"
"item"="WebCake Desktop"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
"command"="C:\\Program Files (x86)\\Hp\\Digital Imaging\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backupExtension"="Common Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jodi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts App.lnk]
"backup"="C:\\Windows\\pss\\Severe Weather Alerts App.lnk.Startup"
"command"="C:\\Users\\Jodi\\AppData\\Local\\SevereWeatherAlerts\\SevereWeatherAlertsApp.exe "
"item"="Severe Weather Alerts App"
"path"="C:\\Users\\Jodi\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Severe Weather Alerts App.lnk"
"backupExtension"=".Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jodi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts.lnk]
"backup"="C:\\Windows\\pss\\Severe Weather Alerts.lnk.Startup"
"command"="C:\\Users\\Jodi\\AppData\\Local\\SevereWeatherAlerts\\SevereWeatherAlerts.exe /restart"
"item"="Severe Weather Alerts"
"path"="C:\\Users\\Jodi\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Severe Weather Alerts.lnk"
"backupExtension"=".Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dealplylive]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dealplylivem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Garmin Core Update Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HPClientSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IHA_MessageCenter]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\pdfcDispatcher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update WK]

==== Startup Folders ======================

2013-12-23 01:06:26 2076 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
2013-12-23 01:06:58 2257 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak software updater.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/11/2013 11:01 AM]
C:\Windows\tasks\DMDefragSchedule.job --a------ C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe [08/24/2012 11:21 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/24/2013 06:24 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/24/2013 06:24 PM]
C:\Windows\tasks\HPCeeScheduleForJODI-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [09/13/2010 10:15 PM]
C:\Windows\tasks\HPCeeScheduleForJodi.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [09/13/2010 10:15 PM]
C:\Windows\tasks\PC Utility Kit Registration3.job --a------ C:\Windows\system32\rundll32JC:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll []
C:\Windows\tasks\PTAutoUpdate.job --a------ [Undetermined Task]
C:\Windows\tasks\SparkTrust Registration3.job --a------ C:\Windows\system32\rundll32FC:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4571" [wscript.exe C:\Users\Jodi\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\DMDefragSchedule" [C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForJodi" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForJODI-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\PC Utility Kit Registration3" [C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll" RunUns]
"C:\Windows\SysNative\tasks\PTAutoUpdate" [C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe]
"C:\Windows\SysNative\tasks\PTSchedule" [C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe]
"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\SparkTrust Registration3" [C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{188C5F6A-1AD1-4AC4-969F-6519C912AEB3}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{9D2A77C4-F7D1-4466-B473-26A6EEB5B901}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{8FC64FEA-8775-4F38-9941-3E4C3F308264}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE]
"C:\Windows\SysNative\tasks\{D56A4B04-B7D4-4B3A-81B2-7C8167E043B3}" [C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE]
"C:\Windows\SysNative\tasks\{F7476653-B0B4-484B-A6E8-6B6612A072E3}" [C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\TweakBit\PCSpeedUp\Start PCSpeedUp automatic scanning" [C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/10/2013 08:22 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/10/2013 08:22 PM]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

YouTube - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
8 Ball Pool Multiplayer - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfplgpeamcbpecnihfpikllkfojgkai
Traffic Slam 3 - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjmailnmofkkffoemgmdbemmohldhe
Poppit - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
Google Wallet - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage deleted successfully
C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certif...209E4A4D4BB&q="
"Search Bar"="http://search.certif...209E4A4D4BB&q="
"Search Page"="http://search.certif...209E4A4D4BB&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certif...209E4A4D4BB&q="
"Search Bar"="http://search.certif...209E4A4D4BB&q="
"Search Page"="http://search.certif...209E4A4D4BB&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...9E4A4D4BB&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:tabs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:tabs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://search.certif...209E4A4D4BB&q="
"Search Bar"="http://search.certif...209E4A4D4BB&q="
"Search Page"="http://search.certif...209E4A4D4BB&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://search.certif...209E4A4D4BB&q="
"Search Bar"="http://search.certif...209E4A4D4BB&q="
"Search Page"="http://search.certif...209E4A4D4BB&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft..../?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
"SearchAssistant"="http://ie.search.msn...t/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/...c=IE-SearchBox"
{22145C7A-A6BF-42F7-A3CA-587A7B4663B7} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.co...ge={startPage}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{22145C7A-A6BF-42F7-A3CA-587A7B4663B7} deleted successfully
HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1003\Software\Microsoft\Internet Explorer\SearchScopes\{22145C7A-A6BF-42F7-A3CA-587A7B4663B7} deleted successfully
HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} deleted successfully
HKEY_USERS\S-1-5-21-3586771452-3940981147-1573822652-1003\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{007539b3-7cf9-40b1-8238-6ec7e5562a8d} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1b187179-4d21-494a-8947-8a3c7daf624c} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef6fc4e-c51c-4f43-8b41-7858381422fd} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89d36b33-d0b2-40e8-a07c-07ac5a8b1aba} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ce57e60d-0350-4ce0-9e90-5163f83c5dc2} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{eabfb992-117a-49be-af3a-dc8672d02f02} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browser Defender_is1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\24x7HELP deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserSafeguard deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GardeningEnthusiast Home Page Guard 64 bit deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GardeningEnthusiast Search Scope Monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GardeningEnthusiast_7j Browser Plugin Loader deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Cleaners deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCFixSpeed deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Time Tracking Tool deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebCake Desktop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jodi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jodi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Jodi\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jodi\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kevi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kevi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kevi\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jodi\AppData\Local\Mozilla\Firefox\Profiles\cis3sens.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=128 folders=14 16420874 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kevi\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Jodi\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jodi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 01/25/2014 at 19:31:28.99 ======================

#10
emeraldnzl

Posted 25 January 2014 - 09:52 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Jodibfp,

Please download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

After that

Please run FRST again with the box under Optional Scan Addition.txt ticked. Post back the FRST.txt and Addition.txt logs it generates along with the AdwCleaner log.

#11
Jodibfp

Posted 26 January 2014 - 12:24 AM

Member

Topic Starter
Member
29 posts

The following is the Adw cleaner log.# AdwCleaner v3.017 - Report created 25/01/2014 at 21:36:12
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jodi - JODI-HP
# Running from : C:\Users\Jodi\Downloads\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default\prefs.js ]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [62634 octets] - [28/10/2013 19:20:24]
AdwCleaner[R1].txt - [2084 octets] - [25/01/2014 20:35:13]
AdwCleaner[S0].txt - [59861 octets] - [28/10/2013 19:21:29]
AdwCleaner[S1].txt - [2019 octets] - [25/01/2014 21:36:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2079 octets] ##########

FRST log is following, and addition txt logScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 01
Ran by Jodi (administrator) on JODI-HP on 25-01-2014 22:17:05
Running from C:\Users\Jodi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISTray] - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2717816 2012-11-16] (PC Tools)
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-24] (PC Tools)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: {ca2c14de-7bcb-11e2-bcbf-386077b88ec2} - G:\LaunchU3.exe -a
HKU\Kevi\...\Run: [ConduitFloatingPlugin_nemfjadlboooiffmcelkafilagddogim] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3289663\plugins\TBVerifier.dll",RunConduitFloatingPlugin nemfjadlboooiffmcelkafilagddogim
HKU\Kevi\...\Run: [ConduitFloatingPlugin_bpfboklmeiefoedekjeigdcnfbpjeaii] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3298580\plugins\TBVerifier.dll",RunConduitFloatingPlugin bpfboklmeiefoedekjeigdcnfbpjeaii

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:tabs
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...age={startPage}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Web Protect - {2CEBF6C7-2B40-469B-B5D5-CD3F3676C3C4} - C:\Program Files (x86)\Web Protect\WebProtect.dll (WebProtect)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 4.2.2.2

FireFox:
========
FF ProfilePath: C:\Users\Jodi\AppData\Roaming\Mozilla\Firefox\Profiles\cis3sens.default
FF Homepage: hxxp://webmail.netzero.net/?&try=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-10]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-10]

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-24]
CHR Extension: (8 Ball Pool Multiplayer) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfplgpeamcbpecnihfpikllkfojgkai [2013-11-26]
CHR Extension: (Traffic Slam 3) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjmailnmofkkffoemgmdbemmohldhe [2013-11-26]
CHR Extension: (Poppit) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-11-26]
CHR Extension: (Google Wallet) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31]
CHR Extension: (Gmail) - C:\Users\Jodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-24]

==================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
S3 DMDefragService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [1147040 2012-08-24] (PC Tools)
S3 DMRepairService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [1134240 2012-08-24] (PC Tools)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-05] (WildTangent)
S4 Garmin Core Update Service; C:\Users\Jodi\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185176 2013-02-19] (Garmin Ltd or its subsidiaries)
S4 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [346696 2013-07-30] (Verizon)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-24] (PC Tools)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
R2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1162360 2012-11-01] (PC Tools)
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [x]
S2 HPSLPSVC; C:\Users\Jodi\AppData\Local\Temp\7zS4407\hpslpsvc64.dll [x]

==================== Drivers (Whitelisted) ====================

S3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [125024 2012-09-17] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
R1 pctNdisLW64; C:\Windows\System32\DRIVERS\pctNdisLW64.sys [78680 2012-09-19] (PC Tools)
R3 pctplfw; C:\Windows\System32\drivers\pctplfw64.sys [182728 2012-11-16] (PC Tools)
R3 pctplsg; C:\Windows\System32\drivers\pctplsg64.sys [93600 2012-11-01] (PC Tools)
R3 pctplsm; C:\Windows\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-25 22:17 - 2014-01-25 22:17 - 00017898 _____ C:\Users\Jodi\Desktop\FRST.txt
2014-01-25 22:16 - 2014-01-25 22:16 - 00000000 ____D C:\Users\Jodi\Desktop\FRST-OlderVersion
2014-01-25 22:14 - 2014-01-25 22:14 - 01236282 _____ C:\Users\Jodi\Downloads\AdwCleaner (2).exe
2014-01-25 20:29 - 2014-01-25 20:29 - 01236282 _____ C:\Users\Jodi\Downloads\AdwCleaner (1).exe
2014-01-25 19:32 - 2014-01-25 19:32 - 01283072 _____ C:\Users\Jodi\Downloads\zoek (1).exe
2014-01-25 18:10 - 2014-01-25 21:47 - 00000000 ____D C:\Windows\SysWOW64\WCID
2014-01-25 18:10 - 2014-01-25 18:10 - 00023888 _____ C:\LDB_20121105001
2014-01-25 17:45 - 2014-01-25 17:25 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-25 17:37 - 2014-01-25 19:31 - 00000000 ____D C:\zoek
2014-01-25 17:27 - 2014-01-25 19:31 - 00044054 _____ C:\zoek-results.log
2014-01-25 17:25 - 2014-01-25 17:42 - 00000000 ____D C:\zoek_backup
2014-01-25 17:25 - 2014-01-25 17:25 - 04086782 _____ C:\Users\Jodi\Desktop\zoek.zip
2014-01-25 17:24 - 2014-01-25 17:24 - 01283072 _____ C:\Users\Jodi\Downloads\zoek.exe
2014-01-25 15:14 - 2014-01-25 10:39 - 02077696 _____ (Farbar) C:\Users\Jodi\Documents\FRST64 (1).exe
2014-01-25 15:11 - 2014-01-25 15:11 - 00002443 _____ C:\Users\Jodi\Downloads\fixlist (1).txt
2014-01-25 15:06 - 2014-01-25 15:06 - 00001109 _____ C:\Users\Jodi\Downloads\fixlist.txt - Shortcut.lnk
2014-01-25 15:04 - 2014-01-25 15:04 - 00001115 _____ C:\Users\Jodi\Desktop\fixlist.txt - Shortcut.lnk
2014-01-25 10:40 - 2014-01-25 22:16 - 02078208 _____ (Farbar) C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 10:39 - 2014-01-25 10:39 - 02077696 _____ (Farbar) C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-24 17:26 - 2014-01-24 18:00 - 00000462 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2014-01-24 17:26 - 2014-01-24 17:26 - 00003124 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2014-01-24 17:26 - 2014-01-24 17:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\ProgramData\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2014-01-24 17:24 - 2014-01-24 17:24 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 12:27 - 2014-01-24 12:27 - 00003140 _____ C:\Windows\System32\Tasks\PC Utility Kit Registration3
2014-01-24 12:26 - 2014-01-24 18:00 - 00000478 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2014-01-24 12:26 - 2014-01-24 12:26 - 05395448 _____ (Red Dog Media) C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\ProgramData\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Program Files (x86)\PC Utility Kit
2014-01-24 12:24 - 2014-01-24 12:24 - 00156815 _____ C:\Users\Jodi\Downloads\sitemap_topics_28.xml.gz
2014-01-24 12:24 - 2014-01-24 12:24 - 00152621 _____ C:\Users\Jodi\Downloads\sitemap_topics_25.xml.gz
2014-01-21 11:05 - 2014-01-21 11:05 - 01133264 _____ C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 10:46 - 2014-01-21 10:46 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-21 10:46 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\Program Files\iTunes
2014-01-21 10:45 - 2014-01-21 10:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-21 10:45 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iPod
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Bonjour
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-21 10:41 - 2014-01-21 10:43 - 100400976 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 10:38 - 2014-01-21 10:40 - 98633040 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunesSetup.exe
2014-01-15 08:54 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:54 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:54 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 08:54 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-04 22:05 - 2014-01-21 00:44 - 02908160 _____ C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
2014-01-04 22:05 - 2014-01-21 00:44 - 00229376 _____ C:\Windows\system32\config\default.rrr
2014-01-04 22:02 - 2014-01-21 00:44 - 69140480 _____ C:\Windows\system32\config\software.rrr

==================== One Month Modified Files and Folders =======

2014-01-25 22:17 - 2014-01-25 22:17 - 00017898 _____ C:\Users\Jodi\Desktop\FRST.txt
2014-01-25 22:16 - 2014-01-25 22:16 - 00000000 ____D C:\Users\Jodi\Desktop\FRST-OlderVersion
2014-01-25 22:16 - 2014-01-25 10:40 - 02078208 _____ (Farbar) C:\Users\Jodi\Desktop\FRST64.exe
2014-01-25 22:16 - 2013-10-29 11:48 - 00000000 ____D C:\FRST
2014-01-25 22:14 - 2014-01-25 22:14 - 01236282 _____ C:\Users\Jodi\Downloads\AdwCleaner (2).exe
2014-01-25 22:14 - 2013-10-29 21:22 - 00000284 _____ C:\Windows\Tasks\PTAutoUpdate.job
2014-01-25 22:14 - 2013-01-24 18:25 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 22:01 - 2013-02-26 16:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 21:47 - 2014-01-25 18:10 - 00000000 ____D C:\Windows\SysWOW64\WCID
2014-01-25 21:45 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 21:45 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 21:42 - 2009-07-13 21:13 - 00783360 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 21:40 - 2012-06-25 08:35 - 01585799 _____ C:\Windows\WindowsUpdate.log
2014-01-25 21:37 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 21:37 - 2009-07-13 20:51 - 00047748 _____ C:\Windows\setupact.log
2014-01-25 21:36 - 2013-10-28 19:20 - 00000000 ____D C:\AdwCleaner
2014-01-25 21:36 - 2013-01-24 18:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 20:29 - 2014-01-25 20:29 - 01236282 _____ C:\Users\Jodi\Downloads\AdwCleaner (1).exe
2014-01-25 19:32 - 2014-01-25 19:32 - 01283072 _____ C:\Users\Jodi\Downloads\zoek (1).exe
2014-01-25 19:31 - 2014-01-25 17:37 - 00000000 ____D C:\zoek
2014-01-25 19:31 - 2014-01-25 17:27 - 00044054 _____ C:\zoek-results.log
2014-01-25 18:10 - 2014-01-25 18:10 - 00023888 _____ C:\LDB_20121105001
2014-01-25 17:59 - 2010-11-20 19:47 - 00890452 _____ C:\Windows\PFRO.log
2014-01-25 17:42 - 2014-01-25 17:25 - 00000000 ____D C:\zoek_backup
2014-01-25 17:27 - 2009-07-13 18:34 - 00000438 _____ C:\Windows\win.ini
2014-01-25 17:25 - 2014-01-25 17:45 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-25 17:25 - 2014-01-25 17:25 - 04086782 _____ C:\Users\Jodi\Desktop\zoek.zip
2014-01-25 17:24 - 2014-01-25 17:24 - 01283072 _____ C:\Users\Jodi\Downloads\zoek.exe
2014-01-25 15:14 - 2013-09-05 15:06 - 00000000 ____D C:\Program Files (x86)\Web Protect
2014-01-25 15:11 - 2014-01-25 15:11 - 00002443 _____ C:\Users\Jodi\Downloads\fixlist (1).txt
2014-01-25 15:06 - 2014-01-25 15:06 - 00001109 _____ C:\Users\Jodi\Downloads\fixlist.txt - Shortcut.lnk
2014-01-25 15:04 - 2014-01-25 15:04 - 00001115 _____ C:\Users\Jodi\Desktop\fixlist.txt - Shortcut.lnk
2014-01-25 10:43 - 2013-10-29 11:49 - 00034145 _____ C:\Users\Jodi\Downloads\FRST.txt
2014-01-25 10:39 - 2014-01-25 15:14 - 02077696 _____ (Farbar) C:\Users\Jodi\Documents\FRST64 (1).exe
2014-01-25 10:39 - 2014-01-25 10:39 - 02077696 _____ (Farbar) C:\Users\Jodi\Downloads\FRST64 (1).exe
2014-01-25 10:15 - 2013-01-19 19:00 - 00058410 _____ C:\Windows\SysWOW64\AppLog.log
2014-01-25 10:04 - 2013-01-21 17:13 - 00000320 _____ C:\Windows\Tasks\DMDefragSchedule.job
2014-01-24 18:00 - 2014-01-24 17:26 - 00000462 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2014-01-24 18:00 - 2014-01-24 12:26 - 00000478 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (2).exe
2014-01-24 17:30 - 2014-01-24 17:30 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup (1).exe
2014-01-24 17:26 - 2014-01-24 17:26 - 00003124 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2014-01-24 17:26 - 2014-01-24 17:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\ProgramData\SparkTrust
2014-01-24 17:25 - 2014-01-24 17:25 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2014-01-24 17:24 - 2014-01-24 17:24 - 05955760 _____ (SparkTrust) C:\Users\Jodi\Downloads\SparkTrust PC Cleaner Plus Setup.exe
2014-01-24 12:39 - 2013-10-28 13:26 - 00096836 _____ C:\Users\Jodi\Downloads\OTL.Txt
2014-01-24 12:27 - 2014-01-24 12:27 - 00003140 _____ C:\Windows\System32\Tasks\PC Utility Kit Registration3
2014-01-24 12:26 - 2014-01-24 12:26 - 05395448 _____ (Red Dog Media) C:\Users\Jodi\Downloads\PC Utility Kit Installer.exe
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\ProgramData\PC Utility Kit
2014-01-24 12:26 - 2014-01-24 12:26 - 00000000 ____D C:\Program Files (x86)\PC Utility Kit
2014-01-24 12:24 - 2014-01-24 12:24 - 00156815 _____ C:\Users\Jodi\Downloads\sitemap_topics_28.xml.gz
2014-01-24 12:24 - 2014-01-24 12:24 - 00152621 _____ C:\Users\Jodi\Downloads\sitemap_topics_25.xml.gz
2014-01-22 10:00 - 2013-01-06 18:42 - 00000000 ____D C:\Users\Kevi
2014-01-21 16:03 - 2013-09-10 08:32 - 00000000 ____D C:\Windows\Minidump
2014-01-21 16:03 - 2011-11-18 12:54 - 00287260 ____N C:\Windows\Minidump\012114-42198-01.dmp
2014-01-21 15:22 - 2013-11-26 13:12 - 00000000 ____D C:\Users\Jodi\AppData\Local\Unity
2014-01-21 15:21 - 2013-02-10 20:17 - 00008021 _____ C:\ProgramData\hpzinstall.log
2014-01-21 15:21 - 2011-11-18 11:11 - 00000000 ____D C:\Program Files (x86)\Hp
2014-01-21 11:05 - 2014-01-21 11:05 - 01133264 _____ C:\Users\Jodi\Downloads\MediaPlayerSetup.exe
2014-01-21 10:48 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Jodi\AppData\Roaming\Apple Computer
2014-01-21 10:47 - 2013-12-22 19:12 - 00000000 ____D C:\Users\Jodi\AppData\Local\Apple Computer
2014-01-21 10:46 - 2014-01-21 10:46 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iTunes
2014-01-21 10:46 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-21 10:46 - 2013-01-18 10:38 - 02196012 _____ C:\Windows\system32\Drivers\Cat.DB
2014-01-21 10:45 - 2014-01-21 10:45 - 00000000 ____D C:\Program Files\iPod
2014-01-21 10:45 - 2013-12-22 18:13 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-21 10:45 - 2013-12-22 18:12 - 00000000 ____D C:\ProgramData\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files\Bonjour
2014-01-21 10:44 - 2014-01-21 10:44 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-21 10:43 - 2014-01-21 10:41 - 100400976 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunes64Setup.exe
2014-01-21 10:40 - 2014-01-21 10:38 - 98633040 _____ (Apple Inc.) C:\Users\Jodi\Downloads\iTunesSetup.exe
2014-01-21 00:44 - 2014-01-04 22:05 - 02908160 _____ C:\Users\Jodi\s-1-5-21-3586771452-3940981147-1573822652-1000.rrr
2014-01-21 00:44 - 2014-01-04 22:05 - 00229376 _____ C:\Windows\system32\config\default.rrr
2014-01-21 00:44 - 2014-01-04 22:02 - 69140480 _____ C:\Windows\system32\config\software.rrr
2014-01-21 00:44 - 2013-10-06 13:08 - 05074944 _____ C:\Users\Kevi\s-1-5-21-3586771452-3940981147-1573822652-1003.rrr
2014-01-21 00:44 - 2012-06-24 16:36 - 00000000 ____D C:\Users\Jodi
2014-01-20 14:49 - 2013-01-05 23:35 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJODI-HP$
2014-01-20 14:49 - 2013-01-05 23:35 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForJODI-HP$.job
2014-01-15 20:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2014-01-15 17:25 - 2009-07-13 20:45 - 00310928 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 09:35 - 2013-01-05 23:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 09:34 - 2013-07-16 14:23 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 09:33 - 2013-01-18 14:26 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-27 10:01 - 2012-11-24 14:15 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJodi
2013-12-27 10:01 - 2012-11-24 14:15 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForJodi.job
2013-12-26 14:57 - 2013-12-22 19:26 - 00917504 ____R C:\Users\Public\Documents\ESBK.mbb
2013-12-26 14:57 - 2013-12-22 19:26 - 00600064 ____R C:\Users\Public\Documents\ESBK.mb

Some content of TEMP:
====================
C:\Users\Jodi\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-19 15:15

==================== End Of Log ============================

#12
emeraldnzl

Posted 26 January 2014 - 01:19 AM

GeekU Instructor

GeekU Moderator
20,051 posts

I take it that the Addition.txt one is coming?

#13
Jodibfp

Posted 26 January 2014 - 11:58 AM

Member

Topic Starter
Member
29 posts

I thought I sent it with the last reply. I ll try to send it again.Sorry.

#14
Jodibfp

Posted 26 January 2014 - 11:59 AM

Member

Topic Starter
Member
29 posts

I think this is the one your missing. Addition.txtAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2014 01
Ran by Jodi at 2014-01-25 22:17:38
Running from C:\Users\Jodi\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: PC Tools Internet Security Anti-Virus (Enabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools Internet Security Anti-Spyware (Enabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
FW: PC Tools Internet Security Firewall (Enabled) {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU Version: 11,2,385,0 - Adobe Systems Incorporated)
Adobe Connect MOC Add-in (x32 Version: 1.0.0 - Adobe)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcadeFrontier (HKCU Version: - ArcadeFrontier)
ATI Catalyst Install Manager (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bing Bar (x32 Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (x32 Version: 1.2.126.0 - Microsoft Corporation)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CardRd81 (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.16.41755 - ATI) Hidden
CCHelp (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
CCScore (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CR2 (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden
ESSAdpt (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSANUP (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSBrwr (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCAM (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 4.00.0000.0102 - EASTMAN KODAK Company) Hidden
ESSCT (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
ESShelp (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 4.00.0000.0007 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSTUTOR (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpaht (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpot (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (x32 Version: - )
FOREXTraderPro (HKCU Version: 3.1.0.143 - FOREXTraderPro)
Garmin Express (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HLPCCTR (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
HLPIndex (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
HLPPDOCK (x32 Version: 4.00.0000.0002 - EASTMAN KODAK Company) Hidden
HLPRFO (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP LinkUp (x32 Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.0 - Hewlett-Packard Company)
HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Essential 3.5 (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0 - HP)
HP Setup (x32 Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (Version: 4.51 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Support Assistant (x32 Version: 6.0.4.1 - Hewlett-Packard Company)
HP Support Information (x32 Version: 10.1.1000 - Hewlett-Packard)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (x32 Version: 1.8.70 - Verizon)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 40 (x32 Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak EasyShare software (x32 Version: - Eastman Kodak Company)
KSU (x32 Version: 632.62.0002.0001 - EASTMAN KODAK Company) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (x32 Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
Notifier (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
OTtBP (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
OTtBPSDK (x32 Version: 4.00.0000.0000 - EASTMAN KODAK Company) Hidden
PC Tools Internet Security 9.1 (x32 Version: 9.1 - PC Tools)
PC Tools Performance Toolkit 2.1 (x32 Version: 2.1 - PC Tools)
PC Utility Kit (x32 Version: 3.1.6.0 - Red Dog Media) <==== ATTENTION
PCDLNCH (x32 Version: 4.00.0000.0101 - EASTMAN KODAK Company) Hidden
PDF Complete Special Edition (x32 Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PressReader (x32 Version: 5.10.1217.0 - NewspaperDirect Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (x32 Version: 5.4.5 - Hewlett-Packard)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SFR (x32 Version: 3.03.0000.0001 - Eastman Kodak Company) Hidden
SFR2 (x32 Version: 3.03.0000.0002 - EASTMAN KODAK Company) Hidden
Slingo Supreme 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SparkTrust PC Cleaner Plus (x32 Version: 3.1.10.0 - SparkTrust) <==== ATTENTION
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TweakBit PCBooster (x32 Version: 1.3.1.16 - Auslogics Software Pty Ltd)
TweakBit PCSpeedUp (x32 Version: 1.4.0.20 - Auslogics Software Pty Ltd)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VCAMCEN (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Verizon Toolbar (x32 Version: 6.0.0.40 - Verizon and Visicom Media Inc.)
VPRINTOL (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Vz In-Home Agent (x32 Version: 9.0.35.0 - Verizon)
Web Protect for Windows (x32 Version: 3.28.33 - Web Protect)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (x32 Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)

==================== Restore Points =========================

19-01-2014 22:35:08 Created by PC Tools Performance Toolkit
20-01-2014 22:50:11 Created by PC Tools Performance Toolkit
21-01-2014 08:40:29 Created by PC Tools Performance Toolkit
21-01-2014 18:05:05 Created by PC Tools Performance Toolkit
21-01-2014 18:45:10 Installed iTunes
21-01-2014 23:16:55 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
21-01-2014 23:17:31 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
22-01-2014 18:01:51 Created by PC Tools Performance Toolkit
22-01-2014 19:17:30 Windows Update
23-01-2014 17:11:59 Created by PC Tools Performance Toolkit
24-01-2014 11:01:07 Created by PC Tools Performance Toolkit
25-01-2014 18:05:28 Created by PC Tools Performance Toolkit
26-01-2014 01:27:23 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09903AB7-A247-46A0-A261-B18649C17633} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {268512B6-86A5-4234-A7BF-C3DE5501AAFE} - System32\Tasks\PTAutoUpdate => C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe [2012-08-24] (PC Tools)
Task: {2B9303B1-577F-42B1-A66E-E3EEEFB631B4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {3217ECD3-B8F5-49AC-86E7-DD1B727B50C3} - System32\Tasks\{D56A4B04-B7D4-4B3A-81B2-7C8167E043B3} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2013-11-17] (Microsoft Corporation)
Task: {37BBEA67-577D-4879-A5C3-D160B5FC6A79} - System32\Tasks\HPCeeScheduleForJodi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {5F14974A-D301-4ADB-8A2E-FB0DDAB16C8B} - System32\Tasks\PTSchedule => C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe [2012-08-24] (PC Tools)
Task: {63A47C5B-76CD-4206-943D-184F6C49C7BB} - \AmiUpdXp No Task File
Task: {692EA836-10B2-470A-80E5-AFBD7EC40858} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {6FB5329E-BC21-4905-A8F4-FA56D3A69698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {75281922-2015-4597-A423-9074929FDCD8} - System32\Tasks\HPCeeScheduleForJODI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {87AB0A08-8142-414D-BC0B-8476C3574503} - System32\Tasks\{F7476653-B0B4-484B-A6E8-6B6612A072E3} => C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2004-08-11] (Eastman Kodak Company)
Task: {8D233DFD-D9C0-43FA-82DC-51F9729A06A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {9C8EE78D-5526-45DA-894D-F932A08FBA44} - System32\Tasks\TweakBit\PCSpeedUp\Start PCSpeedUp automatic scanning => C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe [2013-11-27] (TweakBit)
Task: {A27FA066-F66F-4AB9-B69C-EF19EFDACF82} - System32\Tasks\DMDefragSchedule => C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe [2012-08-24] ()
Task: {BAB84A1A-3AE8-4B85-A62B-0D4D02B6539E} - \LyricsContainer Update No Task File
Task: {C954062D-4722-43BF-8511-24F96192E0B8} - System32\Tasks\4571 => Wscript.exe C:\Users\Jodi\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {DA8BE265-8751-4BD4-9975-50245EA24035} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {F3E41831-D553-4706-AF73-CE007B54E387} - System32\Tasks\PC Utility Kit Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll" RunUns
Task: {F93762B9-3E2C-4A6A-ACD0-5B05C5C7E9EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-01-10] (Hewlett-Packard)
Task: {FD4992A6-8438-4619-8383-FE95D39C56C6} - System32\Tasks\{8FC64FEA-8775-4F38-9941-3E4C3F308264} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DMDefragSchedule.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\ScheduledDefrag.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJODI-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJodi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC Utility Kit Registration3.job => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll <==== ATTENTION
Task: C:\Windows\Tasks\PTAutoUpdate.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe
Task: C:\Windows\Tasks\SparkTrust Registration3.job => C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-06-30 00:14 - 2011-06-30 00:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-18 10:46 - 2012-10-23 17:40 - 00109688 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BSPatch.dll
2013-01-18 10:45 - 2012-11-01 15:34 - 00092792 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll
2013-01-18 10:45 - 2012-11-01 15:34 - 03983480 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\SMEngine.dll
2013-01-18 10:45 - 2012-11-01 15:34 - 00239736 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\DEClient.dll
2013-01-18 10:45 - 2012-11-01 15:34 - 00863864 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor\SMPlugin.dll
2013-01-18 10:45 - 2012-11-01 15:34 - 00377464 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\pctui\PCTUI.DLL
2014-01-25 15:47 - 2014-01-11 02:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-25 15:47 - 2014-01-11 02:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-25 15:47 - 2014-01-11 02:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-25 15:47 - 2014-01-11 02:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-25 15:47 - 2014-01-11 02:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-25 15:47 - 2014-01-11 02:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0D786AE3
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2014 11:17:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10686

Error: (01/22/2014 11:17:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10686

Error: (01/22/2014 11:17:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/22/2014 11:17:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9688

Error: (01/22/2014 11:17:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9688

Error: (01/22/2014 11:17:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/22/2014 11:17:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8690

Error: (01/22/2014 11:17:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8690

Error: (01/22/2014 11:17:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/22/2014 11:17:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7691

System errors:
=============
Error: (01/25/2014 09:40:03 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 09:38:32 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 09:38:32 PM) (Source: DCOM) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (01/25/2014 09:38:02 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 08:28:17 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 08:27:47 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 07:34:51 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 06:02:47 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 06:01:15 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/25/2014 06:01:15 PM) (Source: DCOM) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 3570.82 MB
Available physical RAM: 2138.91 MB
Total Pagefile: 7139.81 MB
Available Pagefile: 5180.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.67 GB) (Free:871.64 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 78366413)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#15
emeraldnzl

Posted 26 January 2014 - 01:57 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Jodibfp,

Please uninstall the following programs if they are there:

PC Utility Kit
SparkTrust PC Cleaner Plus

They are either fake or are unneccessary and can damage your machine.

Next

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Double click on ComboFix.exe & follow the prompts.
If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
Your desktop may go blank. This is normal.
ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

So when you return please post
Fixlog.txt
ComboFix.txt