Sounds good Ron.
Here come the logs...
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
FileDisk => Service deleted successfully.
esgiguard => Service deleted successfully.
wStLib64 => Service not found.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by JButler (administrator) on JBUTLER-HP on 23-04-2014 13:52:22
Running from C:\Users\JButler\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Commtouch, Inc.) C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Commtouch, Inc.) C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Manulife Financial) C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\JButler\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Facebook Inc.) C:\Users\JButler\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984736 2011-10-22] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-10-22] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-02] (IDT, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
HKLM-x32\...\Runonce: [SMRequiresRestart] - [X]
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Run: [DiamondView] => C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe [949760 2012-01-06] (Manulife Financial)
HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
Startup: C:\Users\JButler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyServer:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\JButler\AppData\Roaming\Mozilla\Firefox\Profiles\t4oi22eh.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\JButler\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: LavaFox V2-Blue - C:\Users\JButler\AppData\Roaming\Mozilla\Firefox\Profiles\t4oi22eh.default\Extensions\
[email protected] [2014-01-17]
FF Extension: WOT - C:\Users\JButler\AppData\Roaming\Mozilla\Firefox\Profiles\t4oi22eh.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-30]
Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\JButler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22]
CHR Extension: (IE Tab Multi (Enhance)) - C:\Users\JButler\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnfnbeppfinmnjnjhedifcfllpcfgeea [2014-04-22]
CHR Extension: (TweetDeck Launcher) - C:\Users\JButler\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\JButler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JButler\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-16]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [121696 2012-08-24] (Commtouch, Inc.)
R2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [119136 2012-08-24] (Commtouch, Inc.)
S3 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [181600 2012-08-24] (Commtouch, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-22] (Atheros)
==================== Drivers (Whitelisted) ====================
R2 AMP; C:\Windows\system32\Drivers\amp.sys [173408 2012-08-24] (Commtouch, Inc.)
R2 AMPSE; C:\Windows\system32\Drivers\ampse.sys [1504608 2012-08-24] (Commtouch, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-18] (EldoS Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-23 13:52 - 2014-04-23 13:52 - 00027965 _____ () C:\Users\JButler\Desktop\FRST.txt
2014-04-23 13:46 - 2014-04-23 13:46 - 04981160 _____ (Adobe Systems Inc.) C:\Users\JButler\Downloads\Shockwave_Installer_Slim.exe
2014-04-23 13:46 - 2014-04-23 13:46 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-04-23 13:43 - 2014-04-23 13:44 - 18134016 _____ (Adobe Systems Inc.) C:\Users\JButler\Downloads\AdobeAIRInstaller.exe
2014-04-23 13:42 - 2014-04-23 13:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 13:42 - 2014-04-23 13:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-23 13:42 - 2014-04-23 13:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-23 09:05 - 2014-04-23 09:07 - 00004633 _____ () C:\VEW.txt
2014-04-23 09:03 - 2014-04-23 09:03 - 00061440 _____ ( ) C:\Users\JButler\Desktop\VEW.exe
2014-04-22 12:55 - 2014-04-22 12:55 - 01016754 _____ () C:\Users\JButler\Downloads\AdobeFlashPopupconstantlyonmyLaptoppageNumber-VirusSpywareMalwareRemoval.html
2014-04-22 11:24 - 2014-04-22 12:14 - 00296094 _____ () C:\Users\JButler\Desktop\Post.txt
2014-04-22 11:04 - 2014-04-23 13:52 - 00000000 ____D () C:\FRST
2014-04-22 10:20 - 2014-04-22 10:20 - 02061312 _____ (Farbar) C:\Users\JButler\Desktop\FRST64.exe
2014-04-22 10:01 - 2014-04-22 10:01 - 01016261 _____ (Thisisu) C:\Users\JButler\Desktop\JRT.exe
2014-04-22 09:59 - 2014-04-22 09:59 - 01335637 _____ () C:\Users\JButler\Desktop\AdwCleaner.exe
2014-04-22 09:42 - 2014-04-22 09:42 - 00000000 ____D () C:\_OTL
2014-04-22 09:40 - 2014-04-23 09:01 - 00263008 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-21 11:54 - 2014-04-21 11:54 - 00602112 _____ (OldTimer Tools) C:\Users\JButler\Desktop\OTL.scr
2014-04-21 11:17 - 2014-03-06 02:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-21 11:17 - 2014-03-06 02:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-21 11:17 - 2014-03-06 02:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-21 11:17 - 2014-03-06 01:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-21 11:16 - 2014-03-06 04:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-21 11:16 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-21 11:16 - 2014-03-06 03:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-21 11:16 - 2014-03-06 03:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-21 11:16 - 2014-03-06 02:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-21 11:16 - 2014-03-06 02:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-21 11:16 - 2014-03-06 02:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-21 11:16 - 2014-03-06 02:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-21 11:16 - 2014-03-06 02:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-21 11:16 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-21 11:16 - 2014-03-06 02:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-21 11:16 - 2014-03-06 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-21 11:16 - 2014-03-06 02:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-21 11:16 - 2014-03-06 02:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-21 11:16 - 2014-03-06 02:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-21 11:16 - 2014-03-06 02:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-21 11:16 - 2014-03-06 02:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-21 11:16 - 2014-03-06 02:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-21 11:16 - 2014-03-06 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-21 11:16 - 2014-03-06 01:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-21 11:16 - 2014-03-06 01:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-21 11:16 - 2014-03-06 01:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-21 11:16 - 2014-03-06 01:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-21 11:16 - 2014-03-06 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-21 11:16 - 2014-03-06 01:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-21 11:16 - 2014-03-06 01:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-21 11:16 - 2014-03-06 01:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-21 11:16 - 2014-03-06 01:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-21 11:16 - 2014-03-06 01:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-21 11:16 - 2014-03-06 01:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-21 11:16 - 2014-03-06 01:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-21 11:16 - 2014-03-06 01:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-21 11:16 - 2014-03-06 01:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-21 11:16 - 2014-03-06 01:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-21 11:16 - 2014-03-06 00:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-21 11:16 - 2014-03-06 00:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-21 11:16 - 2014-03-06 00:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-21 11:16 - 2014-03-06 00:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-21 11:16 - 2014-03-06 00:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-21 11:16 - 2014-03-05 23:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-21 11:16 - 2014-03-05 23:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-21 11:16 - 2014-03-05 23:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-21 11:16 - 2014-03-05 23:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-21 11:16 - 2014-03-05 23:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-17 13:05 - 2014-04-17 13:05 - 13656402 _____ (Macrovision Corporation) C:\Users\JButler\Downloads\Envision-9-3-update.exe
2014-04-17 12:51 - 2014-04-17 12:51 - 00000460 _____ () C:\Users\JButler\Documents\AIBRIDGE.NIS
2014-04-17 11:19 - 2014-04-17 11:19 - 00921512 _____ (Oracle Corporation) C:\Users\JButler\Downloads\chromeinstall-7u55 (1).exe
2014-04-17 11:16 - 2014-04-17 11:15 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 11:13 - 2014-04-17 11:13 - 00921512 _____ (Oracle Corporation) C:\Users\JButler\Downloads\chromeinstall-7u55.exe
2014-04-14 09:59 - 2014-04-23 09:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-09 11:45 - 2014-04-09 11:45 - 00012415 _____ () C:\Users\JButler\Desktop\2013 Stampede Breakfast Expenses.xlsx
2014-04-09 10:19 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:19 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 10:19 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 10:19 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 10:19 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 10:19 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 10:19 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 10:19 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 10:19 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 10:19 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 10:19 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 10:18 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:18 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:18 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:18 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:18 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 10:18 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-26 10:52 - 2014-03-26 10:55 - 00011543 _____ () C:\Users\JButler\Desktop\2013 Expenses.xlsx
==================== One Month Modified Files and Folders =======
2014-04-23 13:53 - 2014-04-23 13:52 - 00027965 _____ () C:\Users\JButler\Desktop\FRST.txt
2014-04-23 13:52 - 2014-04-22 11:04 - 00000000 ____D () C:\FRST
2014-04-23 13:47 - 2012-04-03 22:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 13:46 - 2014-04-23 13:46 - 04981160 _____ (Adobe Systems Inc.) C:\Users\JButler\Downloads\Shockwave_Installer_Slim.exe
2014-04-23 13:46 - 2014-04-23 13:46 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-04-23 13:44 - 2014-04-23 13:43 - 18134016 _____ (Adobe Systems Inc.) C:\Users\JButler\Downloads\AdobeAIRInstaller.exe
2014-04-23 13:44 - 2011-05-17 13:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-23 13:42 - 2014-04-23 13:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 13:42 - 2014-04-23 13:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-23 13:42 - 2014-04-23 13:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-23 13:42 - 2011-10-06 17:30 - 00000000 ____D () C:\Users\JButler\AppData\Local\Adobe
2014-04-23 12:59 - 2012-09-28 14:01 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 12:05 - 2011-09-08 06:59 - 01265099 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 10:25 - 2011-10-06 16:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68809F62-1306-49BA-99C4-8BAF2943F43D}
2014-04-23 09:51 - 2009-07-13 22:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 09:51 - 2009-07-13 22:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 09:47 - 2014-04-14 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 09:47 - 2014-03-19 13:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-23 09:47 - 2012-10-22 12:36 - 00000000 ____D () C:\Users\JButler\Documents\SST
2014-04-23 09:47 - 2011-11-18 16:20 - 00000000 ____D () C:\Program Files (x86)\Insync26
2014-04-23 09:47 - 2011-10-10 00:26 - 00000000 ____D () C:\Users\JButler\AppData\Local\CrashDumps
2014-04-23 09:07 - 2014-04-23 09:05 - 00004633 _____ () C:\VEW.txt
2014-04-23 09:03 - 2014-04-23 09:03 - 00061440 _____ ( ) C:\Users\JButler\Desktop\VEW.exe
2014-04-23 09:01 - 2014-04-22 09:40 - 00263008 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-23 08:33 - 2012-09-28 14:01 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-23 08:28 - 2011-10-24 12:00 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-04-23 08:28 - 2009-07-13 23:13 - 00801138 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 08:25 - 2012-06-22 15:59 - 00000000 ____D () C:\Users\JButler\AppData\Roaming\Dropbox
2014-04-22 15:00 - 2012-06-22 16:01 - 00000000 ___RD () C:\Users\JButler\Dropbox
2014-04-22 15:00 - 2004-10-19 14:30 - 00000172 _____ () C:\Windows\Maritimelife.ini
2014-04-22 14:59 - 2013-10-10 13:16 - 00000408 _____ () C:\Windows\SysWOW64\iolo.ini
2014-04-22 14:59 - 2013-10-10 13:16 - 00000408 _____ () C:\Windows\system32\iolo.ini
2014-04-22 14:59 - 2013-10-10 13:16 - 00000392 _____ () C:\Windows\SysWOW64\iolo.ini.txt
2014-04-22 14:58 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 14:58 - 2009-07-13 22:51 - 00145667 _____ () C:\Windows\setupact.log
2014-04-22 12:55 - 2014-04-22 12:55 - 01016754 _____ () C:\Users\JButler\Downloads\AdobeFlashPopupconstantlyonmyLaptoppageNumber-VirusSpywareMalwareRemoval.html
2014-04-22 12:14 - 2014-04-22 11:24 - 00296094 _____ () C:\Users\JButler\Desktop\Post.txt
2014-04-22 10:20 - 2014-04-22 10:20 - 02061312 _____ (Farbar) C:\Users\JButler\Desktop\FRST64.exe
2014-04-22 10:13 - 2014-02-13 18:44 - 00000000 ____D () C:\AdwCleaner
2014-04-22 10:01 - 2014-04-22 10:01 - 01016261 _____ (Thisisu) C:\Users\JButler\Desktop\JRT.exe
2014-04-22 09:59 - 2014-04-22 09:59 - 01335637 _____ () C:\Users\JButler\Desktop\AdwCleaner.exe
2014-04-22 09:47 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 09:44 - 2011-10-07 11:39 - 00000000 ____D () C:\Desjardins
2014-04-22 09:42 - 2014-04-22 09:42 - 00000000 ____D () C:\_OTL
2014-04-21 11:54 - 2014-04-21 11:54 - 00602112 _____ (OldTimer Tools) C:\Users\JButler\Desktop\OTL.scr
2014-04-21 11:22 - 2012-09-03 15:10 - 00000000 ____D () C:\ProgramData\Leapfrog
2014-04-21 11:21 - 2011-10-07 12:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 11:19 - 2012-09-03 15:10 - 00000000 ____D () C:\Program Files (x86)\LeapFrog
2014-04-21 11:16 - 2011-11-04 17:38 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-21 11:16 - 2011-10-07 11:10 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-21 11:12 - 2013-08-21 10:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-21 11:07 - 2011-10-06 17:35 - 00000000 ___RD () C:\Users\JButler\Desktop\Utilities
2014-04-21 11:06 - 2011-10-09 00:03 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-21 11:03 - 2013-08-24 13:27 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJButler
2014-04-21 11:03 - 2013-08-24 13:27 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJButler.job
2014-04-17 15:11 - 2012-04-25 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 15:11 - 2010-11-20 21:47 - 00999352 _____ () C:\Windows\PFRO.log
2014-04-17 15:10 - 2009-07-13 20:34 - 00000935 _____ () C:\Windows\win.ini
2014-04-17 13:08 - 2012-12-17 11:36 - 00006006 _____ () C:\Users\JButler\Documents\MLTMTRA.DAT
2014-04-17 13:06 - 2012-10-12 11:38 - 00000097 _____ () C:\Windows\fdpxld.ini
2014-04-17 13:06 - 2012-10-12 11:37 - 00000000 ____D () C:\Program Files (x86)\illustrate inc
2014-04-17 13:06 - 2012-10-12 11:37 - 00000000 ____D () C:\Program Files (x86)\Empire
2014-04-17 13:05 - 2014-04-17 13:05 - 13656402 _____ (Macrovision Corporation) C:\Users\JButler\Downloads\Envision-9-3-update.exe
2014-04-17 13:04 - 2012-12-17 11:36 - 00011719 _____ () C:\Users\JButler\Documents\MLTMTRA1.DAT
2014-04-17 12:57 - 2012-10-22 12:36 - 00009654 _____ () C:\Users\JButler\Documents\GWSHTRA.DAT
2014-04-17 12:57 - 2012-10-22 12:36 - 00008690 _____ () C:\Users\JButler\Documents\GWTMTRA.DAT
2014-04-17 12:55 - 2012-05-30 12:00 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-04-17 12:54 - 2012-02-10 14:24 - 00000000 ____D () C:\Users\JButler\AppData\Local\Downloaded Installations
2014-04-17 12:51 - 2014-04-17 12:51 - 00000460 _____ () C:\Users\JButler\Documents\AIBRIDGE.NIS
2014-04-17 12:51 - 2013-01-24 10:28 - 00004273 _____ () C:\Users\JButler\Documents\AIWVTRA.DAT
2014-04-17 12:51 - 2012-05-30 11:56 - 00000029 _____ () C:\Windows\MLI.INI
2014-04-17 12:39 - 2011-10-07 11:39 - 00000914 _____ () C:\Windows\Partenai.log
2014-04-17 12:35 - 2011-10-07 11:39 - 00000000 ____D () C:\repres
2014-04-17 11:19 - 2014-04-17 11:19 - 00921512 _____ (Oracle Corporation) C:\Users\JButler\Downloads\chromeinstall-7u55 (1).exe
2014-04-17 11:17 - 2013-09-26 19:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 11:15 - 2014-04-17 11:16 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 11:15 - 2014-04-17 11:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 11:13 - 2014-04-17 11:13 - 00921512 _____ (Oracle Corporation) C:\Users\JButler\Downloads\chromeinstall-7u55.exe
2014-04-15 13:55 - 2011-10-06 16:07 - 00000000 ___RD () C:\Users\JButler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 13:28 - 2014-03-03 13:23 - 00000000 ____D () C:\Users\JButler\Desktop\JavaRa-2.5
2014-04-14 13:18 - 2013-04-22 13:37 - 00000000 ____D () C:\Users\JButler\Documents\Personal
2014-04-14 13:16 - 2011-10-31 10:53 - 00000000 ____D () C:\Users\JButler\Documents\Google Talk Received Files
2014-04-14 09:59 - 2014-02-19 14:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-04-09 11:45 - 2014-04-09 11:45 - 00012415 _____ () C:\Users\JButler\Desktop\2013 Stampede Breakfast Expenses.xlsx
2014-04-03 11:17 - 2009-07-13 22:45 - 00514944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 11:16 - 2012-07-31 11:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 11:16 - 2012-07-31 11:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-02 14:09 - 2013-11-24 18:14 - 00000000 ____D () C:\Program Files (x86)\CIMS.Net
2014-03-31 09:35 - 2010-11-20 21:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-27 07:54 - 2012-09-28 14:01 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 07:54 - 2012-09-28 14:01 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 10:55 - 2014-03-26 10:52 - 00011543 _____ () C:\Users\JButler\Desktop\2013 Expenses.xlsx
2014-03-24 11:27 - 2014-03-13 19:56 - 00012377 _____ () C:\Users\JButler\Desktop\Larry Smith Retirement.xlsx
2014-03-24 09:27 - 2012-05-30 11:57 - 00000000 ____D () C:\Users\JButler\Desktop\SE EDA
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-06 19:41
==================== End Of Log ============================