FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Bowplus (administrator) on CBSTOSH on 07-08-2014 12:02:41
Running from C:\Users\Bowplus\Desktop\PC Repair Tools
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1569536 2014-08-05] (Bitdefender)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [814064 2014-08-05] (Bitdefender)
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {2F436636-E538-4692-912F-207099FB0E90} URL = http://www.bing.com/...=IE11TR&pc=TNJB
SearchScopes: HKCU - {2F436636-E538-4692-912F-207099FB0E90} URL =
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\Bowplus\AppData\Roaming\Mozilla\Firefox\Profiles\far87mnr.default-1407361548559
FF Homepage: hxxp://www.memotoo.com/
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-07-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-06-06] (Bitdefender)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-06-12] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-08-05] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2013-07-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291032 2013-11-22] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-10] (Windows ® Win 7 DDK provider)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
U0 SR;
U2 srservice;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-07 12:02 - 2014-08-07 12:02 - 00000000 ____D () C:\FRST
2014-08-07 12:01 - 2014-08-07 12:01 - 05185536 _____ (AVAST Software) C:\Users\Bowplus\Downloads\aswmbr.exe
2014-08-07 11:59 - 2014-08-07 11:59 - 02094080 _____ (Farbar) C:\Users\Bowplus\Downloads\FRST64.exe
2014-08-07 10:50 - 2014-08-07 10:50 - 00001424 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sfc.exe.lnk
2014-08-07 09:05 - 2014-08-07 09:06 - 00000000 ____D () C:\B+Data
2014-08-06 17:25 - 2014-08-06 17:42 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Rescue RC - d2b29833-16cd-4316-9494-9e33219ff49c
2014-08-06 15:30 - 2014-08-06 15:30 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (5).lnk
2014-08-06 15:26 - 2014-08-06 15:26 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (4).lnk
2014-08-06 15:22 - 2014-08-06 15:22 - 01475072 _____ () C:\Users\Bowplus\Downloads\adwcleaner_3.303.exe
2014-08-06 15:04 - 2014-08-06 15:04 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Rescue.lnk
2014-08-06 13:59 - 2014-08-07 08:54 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\LogMeIn Rescue Applet
2014-08-06 13:59 - 2014-08-06 13:59 - 01528640 _____ (LogMeIn, Inc.) C:\Users\Bowplus\Downloads\Support-LogMeInRescue(1).exe
2014-08-06 13:59 - 2014-08-06 13:59 - 00002280 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (3).lnk
2014-08-06 12:23 - 2014-08-06 12:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-06 12:04 - 2014-08-06 12:27 - 00014498 _____ () C:\zoek-results.log
2014-08-06 12:02 - 2014-08-06 12:20 - 00000000 ____D () C:\zoek_backup
2014-08-06 12:01 - 2014-08-06 12:01 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\bdch
2014-08-06 12:01 - 2014-08-06 12:01 - 00000000 ____D () C:\ProgramData\bdch
2014-08-06 11:28 - 2014-08-06 11:28 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 11:02 - 2014-08-06 15:28 - 00001846 _____ () C:\Windows\PFRO.log
2014-08-06 11:01 - 2014-08-06 11:01 - 00000000 ____D () C:\_OTL
2014-08-06 11:00 - 2014-08-06 11:00 - 01288704 _____ () C:\Users\Bowplus\Downloads\zoek.exe
2014-08-06 10:59 - 2014-08-06 10:59 - 01016261 _____ (Thisisu) C:\Users\Bowplus\Downloads\JRT.exe
2014-08-06 10:57 - 2014-08-06 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\Bowplus\Downloads\OTL.exe
2014-08-06 10:55 - 2014-08-06 10:55 - 00854410 _____ () C:\Users\Bowplus\Downloads\SecurityCheck.exe
2014-08-05 17:03 - 2014-08-05 17:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-08-05 17:02 - 2014-08-05 17:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-05 17:01 - 2014-08-05 17:02 - 11188736 _____ (SurfRight B.V.) C:\Users\Bowplus\Downloads\HitmanPro_x64.exe
2014-08-05 16:57 - 2014-08-07 12:02 - 00000000 ___RD () C:\Users\Bowplus\Desktop\PC Repair Tools
2014-08-05 16:41 - 2014-08-06 15:25 - 00000000 ____D () C:\AdwCleaner
2014-08-05 16:41 - 2014-08-05 16:41 - 01361309 _____ () C:\Users\Bowplus\Downloads\adwcleaner_3.302.exe
2014-08-05 16:12 - 2014-08-06 13:01 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-08-05 16:11 - 2014-08-05 16:11 - 00753184 _____ () C:\Users\Bowplus\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-05 15:24 - 2014-08-05 15:39 - 00000000 ____D () C:\Flood-Backup
2014-08-04 14:18 - 2014-08-04 15:26 - 00000000 ___RD () C:\Users\Bowplus\Desktop\Scan
2014-07-31 17:02 - 2014-07-31 17:02 - 00004952 _____ () C:\Users\Bowplus\Downloads\google-Ruben-Munoz.csv
2014-07-30 13:09 - 2014-07-30 13:09 - 00001095 _____ () C:\Windows\setupact.log
2014-07-30 13:09 - 2014-07-30 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-29 14:34 - 2014-07-29 14:34 - 00921135 _____ () C:\Users\Bowplus\Downloads\yahoo_contacts.csv
2014-07-29 12:08 - 2014-07-29 12:37 - 00000000 ___HD () C:\Backup Files
2014-07-29 10:13 - 2014-07-29 10:13 - 01545711 _____ () C:\Users\Bowplus\Downloads\contacts-all-CURRENT-notGoogle.csv
2014-07-29 10:12 - 2014-07-29 10:12 - 03457000 _____ () C:\Users\Bowplus\Downloads\google-all-CURRENT.csv
2014-07-29 09:55 - 2014-07-29 09:55 - 03455044 _____ () C:\Users\Bowplus\Downloads\google-all-(14-07-29@9am).csv
2014-07-29 09:23 - 2014-07-29 09:23 - 03230050 _____ () C:\Users\Bowplus\Downloads\google-all-INCOMPLETE.csv
2014-07-28 14:33 - 2014-07-29 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-28 14:33 - 2014-07-29 11:36 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-28 14:32 - 2014-07-28 14:32 - 01376768 _____ () C:\Users\Bowplus\Downloads\7z920-x64.msi
2014-07-28 13:08 - 2014-07-28 13:08 - 03455044 _____ () C:\Users\Bowplus\Downloads\google-all-latest.csv
2014-07-25 22:54 - 2014-07-25 22:54 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Adobe
2014-07-25 16:25 - 2014-07-25 16:28 - 03400514 _____ () C:\Users\Bowplus\Downloads\google-mycontacts.csv
2014-07-25 16:25 - 2014-07-25 16:25 - 03422034 _____ () C:\Users\Bowplus\Downloads\google-all.csv
2014-07-22 09:37 - 2014-07-22 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 15:17 - 2014-07-21 15:17 - 00000000 ____H () C:\Users\Bowplus\Documents\Default.rdp
2014-07-16 13:13 - 2014-08-06 11:01 - 00000000 ____D () C:\Users\Bowplus\AppData\Temp
2014-07-15 20:03 - 2014-07-15 20:03 - 00000385 _____ () C:\Users\Bowplus\AppData\Roaminguser_gensett.xml
2014-07-15 20:01 - 2014-07-15 20:01 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-07-15 16:24 - 2014-07-15 16:24 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-07-15 15:55 - 2014-07-15 15:55 - 00660470 _____ () C:\ProgramData\1405460800.bdinstall.bin
2014-07-15 15:54 - 2014-07-15 16:13 - 00000000 ____D () C:\ProgramData\BDLogging
2014-07-15 15:54 - 2014-07-15 15:54 - 00002224 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-07-15 15:54 - 2014-07-15 15:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-07-15 15:54 - 2014-07-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-07-15 15:54 - 2013-12-02 12:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-07-15 15:54 - 2013-12-02 12:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-07-15 15:54 - 2013-11-19 15:44 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2014-07-15 15:54 - 2013-11-04 16:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-07-15 15:54 - 2013-11-04 16:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-07-15 15:54 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2014-07-15 15:54 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-07-15 15:54 - 2013-07-17 19:31 - 00261496 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-07-15 15:54 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-07-15 15:50 - 2014-07-15 16:13 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\Bitdefender
2014-07-15 15:46 - 2014-07-15 15:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-07-15 15:46 - 2014-07-15 15:50 - 00000000 ____D () C:\Program Files\Bitdefender
2014-07-15 15:46 - 2014-07-15 15:46 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\QuickScan
2014-07-15 15:46 - 2013-11-04 16:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-07-15 15:46 - 2013-11-04 16:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-07-15 15:46 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-07-15 15:46 - 2013-08-07 13:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-07-15 15:37 - 2014-07-15 15:46 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-07-15 15:36 - 2014-07-15 15:36 - 06770080 _____ () C:\Users\Bowplus\Downloads\bitdefender_tsecurity.exe
2014-07-14 16:53 - 2014-07-14 16:53 - 00001766 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-14 16:53 - 2014-07-14 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-14 16:52 - 2014-07-14 16:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-14 16:52 - 2014-07-14 16:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-14 16:52 - 2014-07-14 16:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-14 16:52 - 2014-07-14 16:52 - 00000000 ____D () C:\Program Files\iPod
2014-07-14 16:21 - 2014-07-14 16:21 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Bowplus\Downloads\mbam-setup(1).exe
2014-07-14 16:17 - 2014-07-14 16:17 - 00000000 ____D () C:\Users\Bowplus\Documents\Autoruns
2014-07-14 16:08 - 2014-07-14 16:08 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (2).lnk
2014-07-14 15:18 - 2014-08-06 15:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 15:17 - 2014-07-14 15:23 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-14 15:17 - 2014-07-14 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 15:17 - 2014-07-14 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-14 15:17 - 2014-07-14 15:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 15:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-14 15:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-14 15:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 15:16 - 2014-07-14 15:16 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Bowplus\Downloads\mbam-setup.exe
2014-07-14 15:09 - 2014-07-14 15:09 - 00002280 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
2014-07-14 15:08 - 2014-07-14 15:08 - 01528640 _____ (LogMeIn, Inc.) C:\Users\Bowplus\Downloads\Support-LogMeInRescue.exe
2014-07-14 14:23 - 2014-08-06 18:24 - 00064512 ___SH () C:\Users\Bowplus\Downloads\Thumbs.db
2014-07-09 13:05 - 2014-06-16 16:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 13:05 - 2014-06-16 16:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:05 - 2014-06-06 08:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:05 - 2014-05-29 21:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 13:05 - 2014-05-29 06:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-09 13:05 - 2014-05-29 01:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-09 13:05 - 2014-05-29 00:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-09 13:05 - 2014-05-29 00:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-09 13:05 - 2014-05-28 23:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-09 13:05 - 2014-05-28 23:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:04 - 2014-06-18 19:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:04 - 2014-06-18 18:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:04 - 2014-06-18 18:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 13:04 - 2014-06-18 18:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:04 - 2014-06-18 17:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:04 - 2014-06-18 17:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:04 - 2014-06-18 17:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:04 - 2014-06-18 17:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:04 - 2014-06-18 17:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:04 - 2014-06-18 17:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:04 - 2014-06-18 17:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 13:04 - 2014-06-18 17:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:04 - 2014-06-18 17:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 13:04 - 2014-06-18 16:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 13:04 - 2014-06-18 16:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:04 - 2014-06-18 16:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 13:04 - 2014-06-18 16:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 13:04 - 2014-06-18 16:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 13:04 - 2014-06-18 16:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:04 - 2014-06-18 16:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 13:04 - 2014-06-18 16:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 13:04 - 2014-06-18 16:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 13:04 - 2014-06-18 16:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:04 - 2014-06-18 16:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 13:04 - 2014-06-18 16:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 13:04 - 2014-06-18 16:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 13:04 - 2014-06-18 16:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-08 15:53 - 2014-07-08 15:53 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\Apple Computer
2014-07-08 15:53 - 2014-07-08 15:53 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Apple Computer
2014-07-08 15:53 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-08 15:52 - 2014-07-14 16:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-08 15:51 - 2014-07-08 15:51 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Apple
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-08 15:50 - 2014-07-08 15:51 - 00000000 ____D () C:\ProgramData\Apple
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-08 15:45 - 2014-07-08 15:47 - 112616784 _____ (Apple Inc.) C:\Users\Bowplus\Downloads\iTunes64Setup.exe
2014-07-08 15:41 - 2014-08-07 12:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-08 15:41 - 2014-07-08 15:41 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 15:41 - 2014-07-08 15:41 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Macromedia
2014-07-08 14:05 - 2014-08-07 12:00 - 01757135 _____ () C:\Windows\WindowsUpdate.log
2014-07-08 14:05 - 2014-04-13 21:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-08 13:40 - 2014-07-08 13:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-08 13:40 - 2014-07-08 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-08 13:40 - 2014-07-08 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-08 13:39 - 2014-02-22 11:26 - 04721920 _____ (Piriform Ltd) C:\Users\Bowplus\Downloads\ccsetup410.exe
2014-07-08 13:35 - 2014-06-06 07:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-08 13:35 - 2014-06-06 06:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 13:35 - 2014-05-31 04:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-08 13:35 - 2014-05-31 04:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-08 13:35 - 2014-05-30 21:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-08 13:35 - 2014-05-30 21:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-08 13:35 - 2014-05-30 21:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 13:35 - 2014-05-30 21:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-08 13:35 - 2014-05-30 21:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-08 13:35 - 2014-05-30 21:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 13:35 - 2014-05-30 20:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-08 13:35 - 2014-05-30 20:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-08 13:35 - 2014-05-30 20:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-08 13:35 - 2014-05-30 20:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-08 13:35 - 2014-05-30 20:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-08 13:35 - 2014-05-30 20:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-08 13:35 - 2014-05-30 20:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-08 13:31 - 2014-07-08 13:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-08 13:16 - 2014-08-06 13:11 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\lptmp1170911795
2014-07-08 13:15 - 2014-07-15 20:00 - 00000000 ____D () C:\Program Files\Webroot
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-07 12:02 - 2014-08-07 12:02 - 00000000 ____D () C:\FRST
2014-08-07 12:02 - 2014-08-05 16:57 - 00000000 ___RD () C:\Users\Bowplus\Desktop\PC Repair Tools
2014-08-07 12:01 - 2014-08-07 12:01 - 05185536 _____ (AVAST Software) C:\Users\Bowplus\Downloads\aswmbr.exe
2014-08-07 12:00 - 2014-07-08 15:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-07 12:00 - 2014-07-08 14:05 - 01757135 _____ () C:\Windows\WindowsUpdate.log
2014-08-07 12:00 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-07 11:59 - 2014-08-07 11:59 - 02094080 _____ (Farbar) C:\Users\Bowplus\Downloads\FRST64.exe
2014-08-07 11:46 - 2014-04-18 13:31 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-07 10:50 - 2014-08-07 10:50 - 00001424 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sfc.exe.lnk
2014-08-07 09:16 - 2014-06-13 06:37 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-696741958-2862974563-846841340-1001
2014-08-07 09:06 - 2014-08-07 09:05 - 00000000 ____D () C:\B+Data
2014-08-07 08:58 - 2014-06-17 21:09 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 08:58 - 2014-06-13 06:32 - 00001366 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-07 08:54 - 2014-08-06 13:59 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\LogMeIn Rescue Applet
2014-08-07 08:54 - 2014-06-17 09:28 - 00000000 __RDO () C:\Users\Bowplus\OneDrive
2014-08-07 08:53 - 2014-04-18 13:31 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-06 18:24 - 2014-07-14 14:23 - 00064512 ___SH () C:\Users\Bowplus\Downloads\Thumbs.db
2014-08-06 17:42 - 2014-08-06 17:25 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Rescue RC - d2b29833-16cd-4316-9494-9e33219ff49c
2014-08-06 17:24 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 17:23 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-06 15:51 - 2014-07-14 15:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-06 15:30 - 2014-08-06 15:30 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (5).lnk
2014-08-06 15:28 - 2014-08-06 11:02 - 00001846 _____ () C:\Windows\PFRO.log
2014-08-06 15:26 - 2014-08-06 15:26 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (4).lnk
2014-08-06 15:25 - 2014-08-05 16:41 - 00000000 ____D () C:\AdwCleaner
2014-08-06 15:22 - 2014-08-06 15:22 - 01475072 _____ () C:\Users\Bowplus\Downloads\adwcleaner_3.303.exe
2014-08-06 15:04 - 2014-08-06 15:04 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Rescue.lnk
2014-08-06 15:02 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-06 13:59 - 2014-08-06 13:59 - 01528640 _____ (LogMeIn, Inc.) C:\Users\Bowplus\Downloads\Support-LogMeInRescue(1).exe
2014-08-06 13:59 - 2014-08-06 13:59 - 00002280 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (3).lnk
2014-08-06 13:11 - 2014-07-08 13:16 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\lptmp1170911795
2014-08-06 13:06 - 2014-06-26 12:04 - 00073728 ___SH () C:\Users\Bowplus\Desktop\Thumbs.db
2014-08-06 13:01 - 2014-08-05 16:12 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-08-06 12:58 - 2014-06-17 13:08 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\CrashDumps
2014-08-06 12:53 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-06 12:27 - 2014-08-06 12:04 - 00014498 _____ () C:\zoek-results.log
2014-08-06 12:27 - 2014-06-13 06:29 - 00000000 ____D () C:\Users\Bowplus
2014-08-06 12:20 - 2014-08-06 12:02 - 00000000 ____D () C:\zoek_backup
2014-08-06 12:02 - 2014-08-06 12:23 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-06 12:01 - 2014-08-06 12:01 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\bdch
2014-08-06 12:01 - 2014-08-06 12:01 - 00000000 ____D () C:\ProgramData\bdch
2014-08-06 11:28 - 2014-08-06 11:28 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 11:01 - 2014-08-06 11:01 - 00000000 ____D () C:\_OTL
2014-08-06 11:01 - 2014-07-16 13:13 - 00000000 ____D () C:\Users\Bowplus\AppData\Temp
2014-08-06 11:01 - 2013-08-22 07:25 - 00000098 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-08-06 11:00 - 2014-08-06 11:00 - 01288704 _____ () C:\Users\Bowplus\Downloads\zoek.exe
2014-08-06 10:59 - 2014-08-06 10:59 - 01016261 _____ (Thisisu) C:\Users\Bowplus\Downloads\JRT.exe
2014-08-06 10:57 - 2014-08-06 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\Bowplus\Downloads\OTL.exe
2014-08-06 10:55 - 2014-08-06 10:55 - 00854410 _____ () C:\Users\Bowplus\Downloads\SecurityCheck.exe
2014-08-05 17:14 - 2014-08-05 17:02 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-05 17:03 - 2014-08-05 17:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-08-05 17:02 - 2014-08-05 17:01 - 11188736 _____ (SurfRight B.V.) C:\Users\Bowplus\Downloads\HitmanPro_x64.exe
2014-08-05 16:41 - 2014-08-05 16:41 - 01361309 _____ () C:\Users\Bowplus\Downloads\adwcleaner_3.302.exe
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-08-05 16:11 - 2014-08-05 16:11 - 00753184 _____ () C:\Users\Bowplus\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-05 15:39 - 2014-08-05 15:24 - 00000000 ____D () C:\Flood-Backup
2014-08-04 18:34 - 2014-06-17 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-04 15:26 - 2014-08-04 14:18 - 00000000 ___RD () C:\Users\Bowplus\Desktop\Scan
2014-07-31 17:02 - 2014-07-31 17:02 - 00004952 _____ () C:\Users\Bowplus\Downloads\google-Ruben-Munoz.csv
2014-07-30 13:09 - 2014-07-30 13:09 - 00001095 _____ () C:\Windows\setupact.log
2014-07-30 13:09 - 2014-07-30 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-29 14:34 - 2014-07-29 14:34 - 00921135 _____ () C:\Users\Bowplus\Downloads\yahoo_contacts.csv
2014-07-29 12:37 - 2014-07-29 12:08 - 00000000 ___HD () C:\Backup Files
2014-07-29 11:36 - 2014-07-28 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-29 11:36 - 2014-07-28 14:33 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-29 10:13 - 2014-07-29 10:13 - 01545711 _____ () C:\Users\Bowplus\Downloads\contacts-all-CURRENT-notGoogle.csv
2014-07-29 10:12 - 2014-07-29 10:12 - 03457000 _____ () C:\Users\Bowplus\Downloads\google-all-CURRENT.csv
2014-07-29 09:55 - 2014-07-29 09:55 - 03455044 _____ () C:\Users\Bowplus\Downloads\google-all-(14-07-29@9am).csv
2014-07-29 09:23 - 2014-07-29 09:23 - 03230050 _____ () C:\Users\Bowplus\Downloads\google-all-INCOMPLETE.csv
2014-07-28 14:32 - 2014-07-28 14:32 - 01376768 _____ () C:\Users\Bowplus\Downloads\7z920-x64.msi
2014-07-28 13:08 - 2014-07-28 13:08 - 03455044 _____ () C:\Users\Bowplus\Downloads\google-all-latest.csv
2014-07-25 22:54 - 2014-07-25 22:54 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Adobe
2014-07-25 16:28 - 2014-07-25 16:25 - 03400514 _____ () C:\Users\Bowplus\Downloads\google-mycontacts.csv
2014-07-25 16:25 - 2014-07-25 16:25 - 03422034 _____ () C:\Users\Bowplus\Downloads\google-all.csv
2014-07-22 09:37 - 2014-07-22 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 15:17 - 2014-07-21 15:17 - 00000000 ____H () C:\Users\Bowplus\Documents\Default.rdp
2014-07-16 14:39 - 2013-08-22 09:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-07-16 13:18 - 2014-03-25 22:52 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-16 13:18 - 2014-03-25 22:51 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-15 20:03 - 2014-07-15 20:03 - 00000385 _____ () C:\Users\Bowplus\AppData\Roaminguser_gensett.xml
2014-07-15 20:01 - 2014-07-15 20:01 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-07-15 20:00 - 2014-07-08 13:15 - 00000000 ____D () C:\Program Files\Webroot
2014-07-15 16:24 - 2014-07-15 16:24 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-07-15 16:13 - 2014-07-15 15:54 - 00000000 ____D () C:\ProgramData\BDLogging
2014-07-15 16:13 - 2014-07-15 15:50 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\Bitdefender
2014-07-15 15:55 - 2014-07-15 15:55 - 00660470 _____ () C:\ProgramData\1405460800.bdinstall.bin
2014-07-15 15:55 - 2014-07-15 15:46 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-07-15 15:54 - 2014-07-15 15:54 - 00002224 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-07-15 15:54 - 2014-07-15 15:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-07-15 15:54 - 2014-07-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-07-15 15:50 - 2014-07-15 15:46 - 00000000 ____D () C:\Program Files\Bitdefender
2014-07-15 15:46 - 2014-07-15 15:46 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\QuickScan
2014-07-15 15:46 - 2014-07-15 15:37 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-07-15 15:43 - 2014-04-18 13:34 - 00000000 ____D () C:\ProgramData\Norton
2014-07-15 15:36 - 2014-07-15 15:36 - 06770080 _____ () C:\Users\Bowplus\Downloads\bitdefender_tsecurity.exe
2014-07-14 16:53 - 2014-07-14 16:53 - 00001766 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-14 16:53 - 2014-07-14 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-14 16:53 - 2014-07-14 16:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-14 16:53 - 2014-07-14 16:52 - 00000000 ____D () C:\Program Files\iTunes
2014-07-14 16:53 - 2014-07-14 16:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-14 16:52 - 2014-07-14 16:52 - 00000000 ____D () C:\Program Files\iPod
2014-07-14 16:52 - 2014-07-08 15:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-14 16:21 - 2014-07-14 16:21 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Bowplus\Downloads\mbam-setup(1).exe
2014-07-14 16:17 - 2014-07-14 16:17 - 00000000 ____D () C:\Users\Bowplus\Documents\Autoruns
2014-07-14 16:08 - 2014-07-14 16:08 - 00002254 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support (2).lnk
2014-07-14 16:07 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\addins
2014-07-14 15:23 - 2014-07-14 15:17 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-14 15:23 - 2014-07-14 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 15:23 - 2014-07-14 15:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-14 15:17 - 2014-07-14 15:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 15:16 - 2014-07-14 15:16 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Bowplus\Downloads\mbam-setup.exe
2014-07-14 15:09 - 2014-07-14 15:09 - 00002280 _____ () C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
2014-07-14 15:08 - 2014-07-14 15:08 - 01528640 _____ (LogMeIn, Inc.) C:\Users\Bowplus\Downloads\Support-LogMeInRescue.exe
2014-07-11 17:33 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-11 17:06 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\rescache
2014-07-11 13:38 - 2013-08-22 08:44 - 00335784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 21:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-09 21:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-09 15:22 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-08 18:47 - 2014-04-18 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 15:53 - 2014-07-08 15:53 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\Apple Computer
2014-07-08 15:53 - 2014-07-08 15:53 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Apple Computer
2014-07-08 15:51 - 2014-07-08 15:51 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Apple
2014-07-08 15:51 - 2014-07-08 15:51 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-08 15:51 - 2014-07-08 15:50 - 00000000 ____D () C:\ProgramData\Apple
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-08 15:50 - 2014-07-08 15:50 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-08 15:47 - 2014-07-08 15:45 - 112616784 _____ (Apple Inc.) C:\Users\Bowplus\Downloads\iTunes64Setup.exe
2014-07-08 15:41 - 2014-07-08 15:41 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 15:41 - 2014-07-08 15:41 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\Macromedia
2014-07-08 14:07 - 2014-06-21 16:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-08 14:05 - 2014-06-21 16:19 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 14:05 - 2013-08-22 13:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 13:56 - 2014-03-26 14:07 - 00000000 ____D () C:\Windows\Panther
2014-07-08 13:40 - 2014-07-08 13:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-08 13:40 - 2014-07-08 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-08 13:40 - 2014-07-08 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-08 13:39 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-08 13:31 - 2014-07-08 13:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-01 13:08
==================== End Of Log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Bowplus at 2014-08-07 12:03:36
Running from C:\Users\Bowplus\Desktop\PC Repair Tools
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{893CB813-4179-4BFE-8D33-ABCC38816B48}) (Version: 1.0.6 - Amazon)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.12.0.958 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3920.05 - CyberLink Corp.) Hidden
Digital Pass Launcher (HKLM-x32\...\{2359C6E9-DE4F-4FDA-9C12-AE6EFC2EE330}) (Version: 1.0.0.0 - TOSHIBA America Information Systems, Inc)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29073 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.6 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.3 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.81.2C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 2.0.0.15C - Toshiba Corporation) Hidden
Toshiba Quality Application (x32 Version: 1.0.9.4B2 - TOSHIBA) Hidden
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{4F0F44AF-90E9-4A6E-9E82-354A3AB79F22}) (Version: 1.0.0.2 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
16-07-2014 00:23:01 Scheduled Checkpoint
25-07-2014 20:06:49 Scheduled Checkpoint
28-07-2014 20:32:54 Installed 7-Zip 9.20 (x64 edition)
06-08-2014 18:04:36 zoek.exe restore point
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C009AC2-E6A8-4EDA-A27F-6E8AB981E890} - \SMW_UpdateTask_Time_323632373832343038302d2350785732325b6c342a2d45 No Task File <==== ATTENTION
Task: {0DCB0136-761A-487F-9E87-83547AA6E636} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E4F6B29-2EC0-456F-96D9-C53C890E8F73} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4307FE6C-33DB-4725-A7A0-7127C3021633} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {562DB143-2F5C-4BD8-9E5A-8E72E39328DE} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe [2014-03-30] ()
Task: {5BD00B8C-019E-4B7F-BB0D-EEBC11EFD9F2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {5DD0D483-11B3-4B5D-AF8F-80ABCA676C6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {64A4CF6E-DD5E-4E57-A57C-2D5B678B17D5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {67C9D1B7-34FC-43AA-A80B-9DEE7D44C237} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A055BEB8-7005-4D10-BA29-5A1E003D71FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A4A943C2-3D3C-48E2-BAC8-A4C678A6E09E} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {B6081EFB-F46A-47BB-ADC1-4C97B6954E53} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {B9F99432-A804-454D-9F30-6D76091B719A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {BC1590F8-806D-4539-9433-E0ECE6C14B39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-08] (Microsoft Corporation)
Task: {C3A4C192-7D17-4DC3-B2C5-6A0C2B524700} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CA8A3DDD-F5C0-4086-BE7C-390D69B87919} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D3C51065-CAF6-49F1-A5EC-0477D852843B} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D890D92B-00FC-46BF-BF1A-57C776471516} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-15 15:54 - 2014-06-06 15:11 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-07-15 15:54 - 2014-07-11 17:30 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-07-15 15:54 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-07-25 13:34 - 2014-07-25 13:34 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpbr.mdl
2014-07-25 13:34 - 2014-07-25 13:34 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpdsp.mdl
2014-07-25 13:34 - 2014-07-25 13:34 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpph.mdl
2014-07-25 13:34 - 2014-07-25 13:34 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttprbl.mdl
2014-07-15 15:54 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-18 12:58 - 2013-12-10 08:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Bowplus\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Bowplus\Downloads\Adware-Removal-Tool-v3.9.1.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\adwcleaner_3.302.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\adwcleaner_3.303.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\aswmbr.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\HitmanPro_x64.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\SecurityCheck.exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\Support-LogMeInRescue(1).exe:BDU
AlternateDataStreams: C:\Users\Bowplus\Downloads\zoek.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/07/2014 09:16:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (08/07/2014 09:16:39 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
System errors:
=============
Error: (08/07/2014 11:00:13 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: CBSTOSH)
Description: There was an error while attempting to read the local hosts file.
Error: (08/06/2014 05:24:54 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (08/06/2014 05:24:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (08/06/2014 05:23:00 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (08/06/2014 05:23:00 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (08/06/2014 05:23:00 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (08/06/2014 03:29:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (08/06/2014 03:29:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (08/06/2014 03:28:08 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (08/06/2014 03:28:08 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Microsoft Office Sessions:
=========================
Error: (08/07/2014 09:16:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (08/07/2014 09:16:39 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 6054.98 MB
Available physical RAM: 4646.58 MB
Total Pagefile: 7014.98 MB
Available Pagefile: 5148.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (TI10692000E) (Fixed) (Total:687.94 GB) (Free:645.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
And here is all the info I know about the problem application:
Location:
C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe
Aliases:
Utilities.SearchHandler.exe
Created:
03-30-2014
Modified:
03-30-2014
Accessed:
06-17-2014
Notes:
CONSTANTLY changes web browser properties to redirect to www-search.net (Tuvaro Search Engine)
Tuvaro Search Engine is associated with YTDownloader, iWebar, and ShopperPro
Runs on every boot up
Strongly appears to be Pre-Installed:
Laptop was purchased and first booted in June
Some research suggests that the Toshiba Satellite (this PC model) is a common laptop to have this preinstalled
There is no uninstaller to be found so far
Edited by Spencer4134, 07 August 2014 - 12:30 PM.