Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

crazy behavior, not sure whats happening [Solved]

Started by niksrule , Aug 14 2014 07:30 PM

This topic is locked

#16
niksrule

Posted 18 August 2014 - 03:33 PM

Member

Topic Starter
Member
108 posts

it is a notebook with a trackpad. it also has touchscreen which i disabled because that was doing the same thing with the cursor but it was also clicking things as it bounced around the screen

here are the fresh scans....

Zoek-results.txt

Zoek.exe v5.0.0.0 Updated 18-08-2014

Tool run by Joseph on Mon 08/18/2014 at 16:56:29.59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Joseph\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8/18/2014 4:58:45 PM Zoek.exe System Restore Point Created Succesfully.

==== VirusTotal Scan ======================

C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\IEUpdate\systeminfo.exe not found

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

7-Zip 9.20

AccelerometerP11

Adobe AIR

Adobe Community Help

Adobe Flash Player 14 ActiveX

Adobe Flash Player 14 Plugin

Adobe Media Player

Adobe Photoshop CS5

Adobe Reader X (10.1.4) MUI

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bing Bar

Bing Maps 3D

BitComet 1.35 64-bit

Bonjour

Canon MP280 series MP Drivers

Catalina Savings Printer

Consumer In-Home Service Agreement

Cooking Academy

Coupon Printer for Windows

CyberLink PowerDVD 9.6

CyberLink YouPaint

D3DX10

DAEMON Tools Pro

Dell DataSafe Local Backup

Dell DataSafe Online

Dell Edoc Viewer

Dell Getting Started Guide

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell Support Center

Dell Touch Software Suite Games

Dell VideoStage

Dell Webcam Central

DirectX 9 Runtime

DivX 4.12 Codec

eBay

Face Recognition

ffdshow x64 v1.3.4515 [2013-06-12]

GmoteServer

Google Chrome

Google Talk (remove only)

Google Update Helper

GoToAssist Corporate

HP Officejet Pro 8500 A910 Basic Device Software

HP Officejet Pro 8500 A910 Help

HP Officejet Pro 8500 A910 Product Improvement Study

HP Update

I.R.I.S. OCR

Intel PROSet Wireless

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® PROSet/Wireless WiFi Software

Intel® Turbo Boost Technology Monitor 2.0

Intel® WiDi

Intel® Wireless Display

IrfanView (remove only)

iTunes

Java Auto Updater

Java™ 7 Update 1 (64-bit)

Java™ 7 Update 3

Java™ SE Development Kit 7 Update 3

JavaFX 2.0.3

JavaFX 2.0.3 SDK

Junk Mail filter update

Malwarebytes Anti-Malware version 2.0.2.1012

McAfee SecurityCenter

Mesh Runtime

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Touch Pack for Windows 7

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 3.0

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery of Mortlake Mansion 1.00

N-trig DuoSense Multi-touch package for Windows 7

Nero 10 Movie ThemePack Basic

Nero Blu-ray Player

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

NVIDIA 3D Vision Driver 285.77

NVIDIA Control Panel 285.77

NVIDIA Graphics Driver 285.77

NVIDIA HD Audio Driver 1.2.24.0

NVIDIA Install Application

NVIDIA Optimus 1.5.21

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

Origin

PDF Settings CS5

PhotoShowExpress

PlayReady PC Runtime x86

Project64 1.6

Quickset64

RBVirtualFolder64Inst

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Samsung AllShare

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)

Shared C Run-time for x64

SkypeT 6.11

Sonic CinePlayer Decoder Pack

Steam

StickyNotes

Synaptics Pointing Device Driver

SyncUP

The Rosetta Stone

The SimsT 3

The SimsT 3 Generations

The Weather Channel Desktop 6

Top Chef

TrustedID

TrustedID IDMonitor Identity Protection

Veetle TV

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

VLC media player 2.0.3

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.11 (64-bit)

Xvid MPEG-4 Video Codec

Xvid Video Codec

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Joseph\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Joseph\Desktop\zoek.exe

C:\Windows\SysWOW64\cmd.exe

==== Services (whitelist) ======================

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

R2 - [AERTFilters] - Andrea RT Filters Service - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

R2 - [AMPPALR3] - IntelÂ® CentrinoÂ® Wireless BluetoothÂ® 3.0 + High Speed Service - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

R2 - [BBUpdate] - BBUpdate - "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"

R2 - [BTHSSecurityMgr] - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service - "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

R2 - [cvhsvc] - Client Virtualization Handler - "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

R2 - [EvtEng] - Intel® PROSet/Wireless Event Log - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

R2 - [FAService] - FAService - "C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe" -fa

R2 - [LMS] - Intel® Management and Security Application Local Management Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

R2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

R2 - [MBAMService] - MBAMService - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

R2 - [McAPExe] - McAfee AP Service - "C:\Program Files\McAfee\MSC\McAPExe.exe"

R2 - [mfecore] - McAfee Anti-Malware Core - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

R2 - [mfefire] - McAfee Firewall Core Service - "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"

R2 - [mfevtp] - McAfee Validation Trust Protection Service - "C:\Windows\system32\mfevtps.exe"

R2 - [NAUpdate] - Nero Update - "C:\Program Files (x86)\Nero\Update\NASvc.exe"

R2 - [NOBU] - Dell DataSafe Online - "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE

R2 - [nvsvc] - NVIDIA Display Driver Service - C:\Windows\system32\nvvsvc.exe

R2 - [RegSrvc] - Intel® PROSet/Wireless Registry Service - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

R2 - [sftlist] - Application Virtualization Client - "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

R2 - [SftService] - SoftThinks Agent Service - "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"

R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

R2 - [UNS] - Intel® Management and Security Application User Notification Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"

R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding

R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

R3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"

R3 - [sftvsa] - Application Virtualization Service Agent - "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

R3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe

R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - "C:\Program Files\Intel\TurboBoost\TurboBoost.exe"

R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe

S2 - [CLKMSVC10_9EC60124] - CyberLink Product - 2012/04/06 05:02:46 - "c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe" /svc

S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

S2 - [SamsungAllShareV2.0] - Samsung AllShare PC - "C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"

S2 - [SkypeUpdate] - Skype Updater - "C:\Program Files (x86)\Skype\Updater\Updater.exe"

S2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe

S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe

S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

S3 - [BBSvc] - Bing Bar Update Service - "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"

S3 - [BITCOMET_HELPER_SERVICE] - BitComet Disk Boost Service - C:\Program Files\BitComet\tools\BitCometService.exe -service

S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe

S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe

S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe

S3 - [GoToAssist] - GoToAssist - "C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe" Start=service

S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V

S3 - [McAWFwk] - McAfee Activation Service - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

S3 - [McODS] - McAfee Scanner - "C:\Program Files\mcafee\VirusScan\mcods.exe"

S3 - [MozillaMaintenance] - Mozilla Maintenance Service - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe

S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V

S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

S3 - [ose] - Office Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

S3 - [osppsvc] - Office Software Protection Platform - "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe

S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe

S3 - [SimpleSlideShowServer] - SimpleSlideShowServer - "C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe"

S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe

S3 - [Steam Client Service] - Steam Client Service - "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

S3 - [stllssvr] - stllssvr - "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"

S3 - [SwitchBoard] - Adobe SwitchBoard - "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe

S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe

S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"

S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe

S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

S4 - [wlcrasvc] - Windows Live Mesh remote connections service - "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HPSLPSVC deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HPSLPSVC deleted successfully

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 8087 MB

CPU Info: Intel® Core™ i7-2670QM CPU @ 2.20GHz

CPU Speed: 2193.1 MHz

Sound Card: Speakers (Realtek High Definiti |

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel® Centrino® Advanced-N 6230 | Bluetooth Device (Personal Area Network) | Realtek PCIe GBE Family Controller

CD / DVD Drives: 6x (D: | E: | F: | G: | H: | I: | ) D: Optiarc DVDRWBD BC-5540H | E: DTSOFT BDROM | F: DTSOFT BDROM | G: DTSOFT BDROM | H: DTSOFT BDROM | I: DTSOFT BDROM

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 218.8GB | Q: 0.0MB

Hard Disks - Free: C: 38.9GB | Q: 0.0MB

Manufacturer *: Dell Inc.

BIOS Info: AT/AT COMPATIBLE | 02/20/12 | DELL - 2

Time Zone: Eastern Standard Time

Motherboard *: Dell Inc. 0NJT03

Country: United States

Language: ENU

==== System Specs (Software) ======================

Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)

Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Firewall: McAfee Firewall disabled

Default Browser: Google Chrome 36.0.1985.143

Internet Explorer Version: 11.0.9600.17239

Mozilla Firefox version: 16.0.2 (x86 en-US)

Google Chrome version: 36.0.1985.143

Adobe Reader version: 10.1.4.38

Sun Java version: 1.7.0_03 (32-bit)

Sun Java version: 1.7.0_01 (64-bit)

Flash Player version: 14.0.0.145

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-08-18 01:44:53 0A34066D56D57C0DA73BFFC1E4169FF2 85 ----a-w- C:\Windows\wininit.ini

====== C:\Users\Joseph\AppData\Local\Temp ====

2014-08-18 01:47:48 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-08-16 18:14:42 2976808EF2E740C24F47561A70DE879A 94419912 ----a-w- C:\Users\Joseph\AppData\Local\Temp\FAInstallV4.001.199.Dell.exe

2014-08-06 15:48:25 1047253DC45264B2B8B9CD486A9E8AB0 377107 ----a-w- C:\Users\Joseph\AppData\Local\Temp\Quarantine.exe

====== Java Cache =====

2014-08-16 23:21:55 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Joseph\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-54a7c0b7

====== C:\Windows\SysWOW64 =====

2014-08-18 02:05:07 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll

2014-08-16 17:46:50 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\SysWOW64\infocardapi.dll

2014-08-16 17:46:49 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\SysWOW64\icardagt.exe

2014-08-16 17:46:49 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\SysWOW64\icardres.dll

2014-08-16 17:46:45 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-15 01:04:38 D08819FEE0CDB8A8A58E2B34D05E7A11 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2014-08-15 01:04:32 C212A43AA83A717AD38505F23ACDCB33 2363392 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-08-15 01:04:32 9DA1CCDBBF8136AC2383C2624CA8CD14 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll

2014-08-15 01:04:32 43CD23B65CBF04D6F8ACA984B0EF93FE 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll

2014-08-15 01:04:26 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll

2014-08-15 01:04:24 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-15 01:04:24 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-08-15 01:04:24 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-08-15 01:04:24 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-08-15 01:04:24 478824EC0BCE9968C0DC787164B1753B 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-08-15 01:04:24 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-08-15 01:04:24 41A3A54603686FD437FA4E8EB95025F9 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-15 01:04:24 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-08-15 01:04:24 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-08-15 01:04:22 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-08-15 01:04:22 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-08-15 01:04:22 7B051C4A70F23A84A09366999FE63CBD 307384 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-08-15 01:04:22 4D0E91438CE181AF94C653B3BBE3C65A 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-08-15 01:04:22 36B67392AFB8901CC442EA988AD4603D 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-08-15 01:04:21 F48A1A114382AB4EF8000E1943E6CF1F 438784 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-08-15 01:04:21 E8D46F442AB53A52BDBB3EA0C51BDABD 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-08-15 01:04:21 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-08-15 01:04:21 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-08-15 01:04:19 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-08-15 01:04:19 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-08-15 01:04:19 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-08-15 01:04:19 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-08-15 01:04:19 49FFD37673BD20279A8BF27CC20040B3 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-15 01:04:19 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-08-15 01:04:18 B91AA3BC8083E66925FAE29FDA485CEA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-08-15 01:04:18 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-15 01:03:49 D8BED6BA298DBAAF6F3D746739FCD333 664064 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-08-16 17:46:49 EE415EC9288182BCFB6E6896A376EA53 8856 ----a-w- C:\Windows\Sysnative\icardres.dll

2014-08-16 17:46:49 9C44FB5B3A8A192FCE1103AC9BA4E576 171160 ----a-w- C:\Windows\Sysnative\infocardapi.dll

2014-08-16 17:46:49 8A08BB0D12BE40DC09632CD5D04A48A0 1389208 ----a-w- C:\Windows\Sysnative\icardagt.exe

2014-08-16 17:46:45 E4312738B500577BABC232A49F67A67D 35480 ----a-w- C:\Windows\Sysnative\TsWpfWrp.exe

2014-08-15 01:04:38 EBFEF789E32279C2ED7C81260B186AD7 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2014-08-15 01:04:33 3B39F9D51E4D8BAABDA6518955B58C13 3241984 ----a-w- C:\Windows\Sysnative\msi.dll

2014-08-15 01:04:32 B0F8CCA08DBC392442E27377B98DD0CD 112064 ----a-w- C:\Windows\Sysnative\consent.exe

2014-08-15 01:04:32 A6D0DC3B30F6BB1421DAA92537424822 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll

2014-08-15 01:04:32 5DFFC12BF7DB53BDB401804A3C3A475E 1941504 ----a-w- C:\Windows\Sysnative\authui.dll

2014-08-15 01:04:27 AE57F6C7AB3ED244B5F14151C4EA0057 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll

2014-08-15 01:04:24 19FA60D3AE1804A559306DE931A5B415 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-08-15 01:04:24 08C5E6033786C1E41B63FD38CA22917A 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-08-15 01:04:22 FE7D99399F7761AA2695A7B1AD30DAAF 1431040 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-08-15 01:04:22 6598F2A876E13B6FFA5AE418D41CE7D6 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-08-15 01:04:22 5574B09C4676E8E2EBE125C18BDF9FBF 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-08-15 01:04:22 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-08-15 01:04:22 13A852B606F3644A7A35EDD99F74A685 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-08-15 01:04:21 FCF5C8BB9AFD8D15B324B702F9B186B7 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-08-15 01:04:21 F00D0AE7648CA45C6434E2885485BE0B 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-08-15 01:04:21 1FD1F16C35946BA28FDEB40F18B7729D 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-08-15 01:04:20 DF485877CCE229776E6B8BB9116B67FE 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-08-15 01:04:20 9C9FE69902CD45A7D9AB1F0C4EDE646C 348856 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-08-15 01:04:20 39A85C005BCDEEF4092646EBBC2526AA 2087936 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-08-15 01:04:19 DB382D89D8004F40BD2C55BAE6A15B30 2774528 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-08-15 01:04:18 FCC86367BB0FB6DEB6614885CBE74FD5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-08-15 01:04:18 72B7D166D1B0D353330A34FDED3F5AA6 598016 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-08-15 01:04:18 1DE8B71A1C7D8943034188556AF50B07 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-08-15 01:04:17 2639E152D246F2A651F09764807CA153 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-08-15 01:04:17 1F02286D001AB5EA5719540C587224FE 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-08-15 01:04:17 1B26610C1659EF54ED000233FB96F20C 13547008 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-08-15 01:04:16 920F690FC7424DE71888AA2E46E917EA 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-08-15 01:04:16 6ED6DA2A04F8F0C9BDAD647284BAEFB6 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-08-15 01:04:16 472C409F9B0FF67C1015F511C73E1889 5824512 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-08-15 01:04:16 1EEF9FE30DBE458A89B5F7A16FC68397 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-08-15 01:04:15 C02C78DE9BB4E68F6C78B1588ADD6ADC 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-08-15 01:04:15 BAC44396088ECC1C9021ED3E3345337C 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-08-15 01:04:15 8E71A5CB5312B8392D4DA4CA37BB5868 2266624 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-08-15 01:04:14 EDF22FBAE75ACB48BF51D099C6808B39 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-08-15 01:04:14 ECA387DCD57F683C52171C766CF400F0 23645696 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-08-15 01:04:14 1C660588CFFB3A17BCF0F6B4779BF985 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-08-15 01:03:49 F947D57534E01E3CA597BCF2AD8AE65B 1216000 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2014-08-15 01:03:48 9D455E3049B7F93483D7165422B7D0AF 529920 ----a-w- C:\Windows\Sysnative\aepdu.dll

2014-08-15 01:03:48 349CF386805783D2E6810A767642F1B8 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll

====== C:\Windows\Sysnative\drivers =====

2014-08-15 01:04:28 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

2014-08-14 01:22:22 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys

2014-08-14 01:22:10 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys

2014-08-14 01:22:10 15E8ABC06843672955CE26A009533BAD 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys

====== C:\Windows\Tasks ======

2014-08-18 01:44:53 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking

2014-08-16 17:44:46 1C3F6B9DC3E6111A5ECA477C27687182 314 ----a-w- C:\Windows\Tasks\0614tUpdateInfo.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-08-16 23:16:56 -------- d-----w- C:\Program Files\iTunes

2014-08-16 23:16:56 -------- d-----w- C:\Program Files\iPod

======= C:\PROGRA~2 =====

======= C: =====

====== C:\Users\Joseph\AppData\Roaming ======

2014-08-15 02:49:57 -------- d-----w- C:\Users\Joseph\AppData\Roaming\TuneUp Software

2014-08-13 23:47:22 -------- d-----w- C:\Users\Joseph\AppData\Local\Azbfworks

2014-08-03 02:17:07 -------- d-----w- C:\Users\Joseph\AppData\Local\ARDworks

2014-08-02 19:30:41 -------- d-----w- C:\Users\Joseph\AppData\Local\Microsoft Help

====== C:\Users\Joseph ======

2014-08-18 01:50:42 E960C16E42BD9A3D0BC6123CD0887F01 1361671 ----a-w- C:\Users\Joseph\Desktop\adwcleaner_3.307.exe

2014-08-18 01:46:23 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Joseph\Desktop\JRT.exe

2014-08-16 23:17:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-16 23:16:56 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-16 17:38:27 9302D77A9F6683672A4F231DA2B86059 5185536 ----a-w- C:\Users\Joseph\Downloads\aswMBR.exe

2014-08-16 17:37:40 B7E2E5D8DA320E5627B48FCC07AC5D41 2101760 ----a-w- C:\Users\Joseph\Desktop\FRST64.exe

2014-08-02 19:30:41 -------- d-----w- C:\ProgramData\Microsoft Help

====== C: exe-files ==

2014-08-18 01:50:42 E960C16E42BD9A3D0BC6123CD0887F01 1361671 ----a-w- C:\Users\Joseph\Desktop\adwcleaner_3.307.exe

2014-08-18 01:47:48 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-08-18 01:46:23 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Joseph\Desktop\JRT.exe

2014-08-16 23:14:37 30A4B7EB1E0B01D3D358079BE43348CC 77136 ----a-w- C:\Users\Joseph\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRVUJ8YI\SetupAdmin[1].exe

2014-08-16 23:14:37 30A4B7EB1E0B01D3D358079BE43348CC 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.3.1.2\SetupAdmin.exe

2014-08-16 22:14:51 BA5F72768993C9FF697B16D8D131018E 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1134877362-3312589417-341762073-1001\$IF171R8.exe

2014-08-16 18:14:42 2976808EF2E740C24F47561A70DE879A 94419912 ----a-w- C:\Users\Joseph\AppData\Local\Temp\FAInstallV4.001.199.Dell.exe

2014-08-16 18:06:16 C56CB929FDC62BA6AFA025C0DF95CA73 1836624 ----a-w- C:\Users\Joseph\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.143\36.0.1985.143_36.0.1985.125_chrome_updater.exe

2014-08-16 17:46:49 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\SysWOW64\icardagt.exe

2014-08-16 17:46:49 8A08BB0D12BE40DC09632CD5D04A48A0 1389208 ----a-w- C:\Windows\System32\icardagt.exe

2014-08-16 17:46:45 E4312738B500577BABC232A49F67A67D 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe

2014-08-16 17:46:45 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-16 17:44:42 F8B752B674B40F588EF061EB3EF55777 3085904 ----a-w- C:\Windows\Temp\7zS23A6.tmp\avg.exe

2014-08-16 17:44:42 EE2C15CD4214E6F4CAF35B5381630603 157000 ----a-w- C:\Windows\Temp\7zS23A6.tmp\MachineIdCreator.exe

2014-08-16 17:44:42 5DE2B386086F051571F4D1DE2A791D05 22040 ----a-w- C:\Windows\Temp\7zS23A6.tmp\Setup.exe

2014-08-16 17:44:42 397B42F989468A3C2E6FEA788A45C592 3166288 ----a-w- C:\Windows\Temp\7zS23A6.tmp\safeguard.exe

2014-08-16 17:44:42 0795094ACD5D25FE69F4544BB2CB3E5A 2726936 ----a-w- C:\Windows\Temp\7zS23A6.tmp\AVG-Secure-Search-Update.exe

2014-08-16 17:38:27 9302D77A9F6683672A4F231DA2B86059 5185536 ----a-w- C:\Users\Joseph\Downloads\aswMBR.exe

2014-08-16 17:37:40 B7E2E5D8DA320E5627B48FCC07AC5D41 2101760 ----a-w- C:\Users\Joseph\Desktop\FRST64.exe

2014-08-15 01:04:38 37C7C89B03F9D39629EDA545A1645D68 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe

2014-08-15 01:04:32 B0F8CCA08DBC392442E27377B98DD0CD 112064 ----a-w- C:\Windows\System32\consent.exe

2014-08-15 01:04:24 7BAF83ECFCB4AC9E90A4B459BDD59BCA 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-08-15 01:04:24 31A7689F580F37B52F65B9653F8916D4 810176 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-08-15 01:04:22 CDF01A5C7927786A708EAEE91F14797B 812224 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-08-15 01:04:22 8D526C6DFC13CC2F81395771B7BE1AC6 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-08-15 01:04:22 6A60D0D167D35A07646EBCF796D770B4 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-08-15 01:04:22 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-08-15 01:04:21 FCF5C8BB9AFD8D15B324B702F9B186B7 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-08-15 01:04:20 7D709E893B53092E3F5995FF5C3061E2 483328 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-08-15 01:04:19 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-08-15 01:04:16 1EEF9FE30DBE458A89B5F7A16FC68397 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-08-15 01:04:14 1C660588CFFB3A17BCF0F6B4779BF985 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-08-15 01:03:48 5BB980114F9A3D750A5C827B69C8A13B 156672 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe

2014-08-15 01:03:48 1E3976298791F63775B64BE5B9C97618 31232 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe

=== C: other files ==

2014-08-18 01:47:48 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\TDL4.bat

2014-08-18 01:47:48 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\medfos.bat

2014-08-18 01:47:48 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\modules.bat

2014-08-18 01:47:48 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\searchlnk.bat

2014-08-18 01:47:48 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\firefox.bat

2014-08-18 01:47:48 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\ev_clear.bat

2014-08-18 01:47:48 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\runvalues.bat

2014-08-18 01:47:48 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\delorphans.bat

2014-08-18 01:47:48 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\get.bat

2014-08-18 01:47:48 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\prelim.bat

2014-08-18 01:47:48 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\chrome.bat

2014-08-18 01:47:48 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\misc.bat

2014-08-18 01:47:48 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\ask.bat

2014-08-18 01:47:48 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\iexplore.bat

2014-08-18 01:47:48 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\JRT.bat

2014-08-18 01:47:48 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\FWPolicy.bat

2014-08-18 01:47:48 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Joseph\AppData\Local\Temp\jrt\delfolders.bat

2014-08-15 01:04:28 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-08-14 01:22:22 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-08-14 01:22:10 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-08-14 01:22:10 15E8ABC06843672955CE26A009533BAD 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1134877362-3312589417-341762073-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"FATrayAlert"="C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe"

"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "

"NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"NtrigApplet"="C:\Program Files\N-trig\DuoSense Control Apps\NtrigApplet.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeAAMUpdater-1.0"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeCS5ServiceManager"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AllShareAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AllShareAgent"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BDRegion"

"hkey"="HKLM"

"command"="c:\\Program Files (x86)\\Cyberlink\\Shared Files\\brs.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BTMTrayAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BTMTrayAgent"

"hkey"="HKLM"

"command"="rundll32.exe \"C:\\Program Files (x86)\\Intel\\Bluetooth\\btmshell.dll\",TrayApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Pro Agent"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dell DataSafe Online"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Dell\\Dell Datasafe Online\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellStage"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Desktop Disc Tool"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Roxio\\OEM\\Roxio Burn\\RoxioBurnLauncher.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FreeFallProtection]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="FreeFallProtection"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\STMicroelectronics\\AccelerometerP11\\FF_Protection.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\Joseph\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\googletalk]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="googletalk"

"hkey"="HKCU"

"command"="C:\\Users\\Joseph\\AppData\\Roaming\\Google\\Google Talk\\googletalk.exe /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HP Software Update"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelPAN]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IntelPAN"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\iFrmewrk.exe\" /tf Intel PAN Tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelTBRunOnce]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IntelTBRunOnce"

"hkey"="HKLM"

"command"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroLauncher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroLauncher"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Nero\\SyncUP\\NeroLauncher.exe 900"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD9LanguageShortcut]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PDVD9LanguageShortcut"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\CyberLink\\PowerDVD9\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickSet]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickSet"

"hkey"="HKLM"

"command"="c:\\Program Files\\Dell\\QuickSet\\QuickSet.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl9]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RemoteControl9"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\CyberLink\\PowerDVD9\\PDVD9Serv.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoxWatchTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RoxWatchTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Roxio Shared\\OEM\\12.0\\SharedCOM\\RoxWatchTray12OEM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpybotSD TeaTimer"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Steam"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StickyNotesWidget]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="StickyNotesWidget"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\Dell Touch Software Suite\\StickyNotes\\notes_startup_widgets.exe\" \"c:\\Program Files (x86)\\Dell Touch Software Suite\\StickyNotes\\start.umj\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SwitchBoard"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TkBellExe"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Xvid]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Xvid"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Xvid\\CheckUpdate.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\eventlog]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wecsvc]

==== Startup Folders ======================

2012-04-11 14:47:57 1025 ----a-w- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk

2014-08-14 00:41:47 1114 ----a-w- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeminfo.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\0614tUpdateInfo.job --a------ C:\ProgramData\Avg_Update_0614t\0614t_AVG-Secure-Search-Update.exe [07/03/2014 04:01 AM]

C:\Windows\tasks\Ad-Aware Update (Daily 1).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

C:\Windows\tasks\Ad-Aware Update (Daily 2).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

C:\Windows\tasks\Ad-Aware Update (Daily 3).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

C:\Windows\tasks\Ad-Aware Update (Daily 4).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

C:\Windows\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/16/2014 09:46 PM]

C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job --a------ C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdate.exe []

C:\Windows\tasks\FaxApplications.exe_{19DEDDF1-DAB2-487A-8266-DEEB500E3E25}.job --a------ C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\FaxApplications.exe [10/17/2012 04:34 AM]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134877362-3312589417-341762073-1001Core1cf8f1b408d5f18.job --a------ C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe [08/10/2012 09:49 PM]

C:\Windows\tasks\HP Officejet Pro 8500 A910.exe_{C7D08713-E261-48B4-8982-075AE919F6A0}.job --a------ [Undetermined Task]

C:\Windows\tasks\HPCustPartic.exe_{4DDE9E9D-1556-48C5-9C69-B528590AEEFD}.job --a------ C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [10/17/2012 04:34 AM]

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [04/13/2012 02:11 AM]

C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1134877362-3312589417-341762073-1001.job --a------ C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [07/27/2012 02:27 PM]

C:\Windows\tasks\ReclaimerResumeInstall_Joseph.job --a------ C:\Users\Joseph\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [12/15/2012 03:52 PM]

C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files (x86)\Spybot - Search Destroy 2\SDImmunize.exe []

C:\Windows\tasks\RunOW.job --a------ C:\Program Files (x86)\Overwolf\Overwolf.exe []

C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files (x86)\Spybot - Search Destroy 2\SDScan.exe []

C:\Windows\tasks\ScanToPCActivationApp.exe_{38EA9C5D-2B58-42F4-B6B6-91D0A9987756}.job --a------ C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [10/17/2012 04:29 AM]

C:\Windows\tasks\SidebarExecute.job --a------ C:\Program Files (x86)\Windows Sidebar\sidebar.exe [11/20/2010 11:25 PM]

C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [04/13/2012 02:11 AM]

C:\Windows\tasks\Toolbox.exe_{6A3F764B-5BCD-49E0-9F9D-32C79C346117}.job --a------ [Undetermined Task]

C:\Windows\tasks\Your File Updater.job --a------ C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\JavaUpdateSched" [%COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"]

"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\StickyNotes Updater" ["c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\updater.exe"]

"C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"[email protected]"="C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso" [11/29/2013 11:46 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default

- STCD4Control App4 Class - %ProfilePath%\extensions\{73805692-8E39-65F6-01DB-5CCC38A88084}

- BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

- F6 - %ProfilePath%\extensions\[email protected]

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default

555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks™ Chrome Background Extension Plug-In (32-bit)

E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer™ HTML5VideoShim Plug-In (32-bit)

35502F96B83C31E38AE4A9B8ED70A2D8 - C:\Windows\SysWoW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.30.255

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cnpkmcjgpcihgfnkcjapiaabbbplkcmf - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx[]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[08/16/2012 01:51 AM]

STCD4Control App4 Class - Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla

Google Wallet - Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Docs - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

FastAccess SSO - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\feocblgcojafilfbgoineopkngchgaei

RealPlayer HTML5Video Downloader Extension - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

Google Wallet - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf

Google Voice Search Hotword (Beta) - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

YouTube - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

ShopAtHome.com extension - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc

RealPlayer HTML5Video Downloader Extension - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

MyPoints Score - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mcglgmippekbdbmniknikdgkmnnpdnmh

Google Wallet - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences

"homepage": "http://www2.delta-se...9795&tsp=5013",

==== Chrome Fix ======================

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_finder.healthcare.gov_0.localstorage deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_finder.healthcare.gov_0.localstorage-journal deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_businessfinder.silive.com_0.localstorage deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_businessfinder.silive.com_0.localstorage-journal deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.goodsearch.com_0.localstorage deleted successfully

C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.goodsearch.com_0.localstorage-journal deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cnpkmcjgpcihgfnkcjapiaabbbplkcmf deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=11 folders=0 46234 bytes)

==== EOF on Mon 08/18/2014 at 17:10:25.83 ======================

#17
niksrule

Posted 18 August 2014 - 03:35 PM

Member

Topic Starter
Member
108 posts

i guess i had to do them separate for some reason here are the rest

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04

Ran by Joseph (administrator) on LAPTOP on 18-08-2014 17:12:43

Running from C:\Users\Joseph\Desktop

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(N-trig LLC) C:\Program Files\N-trig\DuoSense Control Apps\NtrigApplet.exe

(Google Inc.) C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

() C:\Users\Joseph\Desktop\zoek.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)

HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start

HKLM\...\Run: [NtrigApplet] => C:\Program Files\N-trig\DuoSense Control Apps\NtrigApplet.exe [2563072 2012-04-06] (N-trig LLC)

HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [FAStartup] => [X]

HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2013-11-23] (Sensible Vision )

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\Run: [Google Update] => C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-10] (Google Inc.)

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\Policies\Explorer: [Run] "C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\IEUpdate\systeminfo.exe"

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\MountPoints2: E - E:\INSTALL.EXE

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\MountPoints2: {212b299a-1506-11e2-bb50-88532ea780c2} - J:\MotoCastSetup.exe -a

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\MountPoints2: {4a9397fb-e108-11e1-808c-88532ea780c2} - E:\INSTALL.EXE

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\...\MountPoints2: {64d0b619-969c-11e2-ab55-88532ea780c2} - J:\MotoCastSetup.exe -a

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-11-04] (NVIDIA Corporation)

Lsa: [Notification Packages] scecli FAPassSync

Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk

ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeminfo.lnk

ShortcutTarget: systeminfo.lnk -> C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\IEUpdate\systeminfo.exe (No File)

ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll No File

BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {DC4EB31B-3C4D-44EC-8596-7E43FAF98FB6}

SearchScopes: HKCU - Backup.Old.DefaultScope {DC4EB31B-3C4D-44EC-8596-7E43FAF98FB6}

SearchScopes: HKCU - {4870D2FD-3DDD-9C6C-2C68-4FCDAA6B9C87} URL =

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{34FE9ED5-F2BF-4C01-8F42-C757CA2A5069}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{36C8E8B8-1CC8-4597-9C69-8B7EE98575E9}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{62855964-58AD-46BA-86FB-8C817A09EFF9}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{7BFCE718-F079-4B6F-B5D2-1AB7ABB1BD5A}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{E2B7F749-406E-465F-A1EC-6258146A8ED8}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{F6B621F8-8C25-4CEB-B956-6463724EE277}: [NameServer]8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

FireFox:

========

FF ProfilePath: C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\Windows\system32\npDeployJava1.dll No File

FF Plugin-x32: @java.com/JavaPlugin,version=10.3.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll ( )

FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Joseph\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)

FF Extension: STCD4Control App4 Class - C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default\Extensions\{73805692-8E39-65F6-01DB-5CCC38A88084} [2014-08-02]

FF Extension: BitComet Video Downloader - C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2012-04-11]

FF Extension: F6 - C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\faq48ug3.default\Extensions\[email protected] [2012-04-16]

FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-16]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso

FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2013-11-29]

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-04-06]

Chrome:

=======

CHR HomePage:

CHR DefaultSearchProvider: name

CHR Extension: (STCD4Control App4 Class) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-02]

CHR Extension: (No Name) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\feocblgcojafilfbgoineopkngchgaei [2012-08-10]

CHR Extension: (Google Wallet) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)

S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-12-16] (CyberLink)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)

S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-09-22] (AVG Technologies)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-11] (DT Soft Ltd)

S3 FACAP; C:\Windows\System32\DRIVERS\facap.sys [38400 2012-09-03] (Windows ® Win 7 DDK provider)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)

R3 NtrigDigitizerUSBLowerFilter; C:\Windows\System32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys [13776 2010-08-16] (Windows ® Codename Longhorn DDK provider)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2011-11-04] (NVIDIA Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-18 17:10 - 2014-08-18 17:10 - 00059528 _____ () C:\Users\Joseph\Desktop\zoek-results.txt

2014-08-18 17:01 - 2014-08-18 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-08-18 16:58 - 2014-08-18 17:10 - 00059528 _____ () C:\zoek-results.log

2014-08-18 16:56 - 2014-08-18 17:10 - 00001093 _____ () C:\runcheck.txt

2014-08-18 16:54 - 2014-08-18 17:07 - 00000000 ____D () C:\zoek_backup

2014-08-18 16:54 - 2014-08-18 16:54 - 01288704 _____ () C:\Users\Joseph\Desktop\zoek.exe

2014-08-17 22:13 - 2014-08-17 22:13 - 00006452 _____ () C:\Users\Joseph\Desktop\AdwCleaner[S0].txt

2014-08-17 22:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-08-17 22:04 - 2014-08-17 22:04 - 00009382 _____ () C:\Users\Joseph\Desktop\JRT.txt

2014-08-17 21:56 - 2014-08-17 22:05 - 00000000 ____D () C:\AdwCleaner

2014-08-17 21:50 - 2014-08-17 21:50 - 01361671 _____ () C:\Users\Joseph\Desktop\adwcleaner_3.307.exe

2014-08-17 21:47 - 2014-08-17 21:47 - 00000000 ____D () C:\Windows\ERUNT

2014-08-17 21:46 - 2014-08-17 21:46 - 01016261 _____ (Thisisu) C:\Users\Joseph\Desktop\JRT.exe

2014-08-17 21:44 - 2014-08-17 21:44 - 00000085 _____ () C:\Windows\wininit.ini

2014-08-17 21:44 - 2014-08-17 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-08-16 19:17 - 2014-08-16 19:17 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-08-16 19:17 - 2014-08-16 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-16 19:16 - 2014-08-16 19:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-16 19:16 - 2014-08-16 19:17 - 00000000 ____D () C:\Program Files\iTunes

2014-08-16 19:16 - 2014-08-16 19:16 - 00000000 ____D () C:\Program Files\iPod

2014-08-16 18:21 - 2014-08-16 18:21 - 01132704 _____ (ESET spol. s r.o.) C:\Users\Joseph\Downloads\eset_av_remover.exe

2014-08-16 18:19 - 2014-08-16 18:19 - 00002495 _____ () C:\Users\Joseph\Downloads\FSS.txt

2014-08-16 18:19 - 2014-08-16 18:19 - 00002495 _____ () C:\Users\Joseph\Desktop\FSS.txt

2014-08-16 14:12 - 2014-08-16 14:12 - 00002148 _____ () C:\Users\Joseph\Desktop\aswMBR.txt

2014-08-16 14:12 - 2014-08-16 14:12 - 00000512 _____ () C:\Users\Joseph\Desktop\MBR.dat

2014-08-16 14:08 - 2014-08-18 17:13 - 00025157 _____ () C:\Users\Joseph\Desktop\FRST.txt

2014-08-16 14:08 - 2014-08-17 22:16 - 00043050 _____ () C:\Users\Joseph\Desktop\Addition.txt

2014-08-16 14:06 - 2014-08-16 18:26 - 00048990 _____ () C:\Users\Joseph\Downloads\Addition.txt

2014-08-16 14:05 - 2014-08-16 18:26 - 00063000 _____ () C:\Users\Joseph\Downloads\FRST.txt

2014-08-16 13:46 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-16 13:46 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-16 13:46 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-16 13:46 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-16 13:46 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-16 13:46 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-16 13:46 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-16 13:46 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-08-16 13:44 - 2014-08-18 17:12 - 00000000 ____D () C:\FRST

2014-08-16 13:44 - 2014-08-16 13:44 - 00000314 _____ () C:\Windows\Tasks\0614tUpdateInfo.job

2014-08-16 13:44 - 2014-08-16 13:44 - 00000000 ____D () C:\ProgramData\Avg_Update_0614t

2014-08-16 13:39 - 2014-08-16 14:09 - 00001374 _____ () C:\Users\Joseph\Desktop\aswMBR.exe - Shortcut.lnk

2014-08-16 13:38 - 2014-08-16 13:38 - 05185536 _____ (AVAST Software) C:\Users\Joseph\Downloads\aswMBR.exe

2014-08-16 13:37 - 2014-08-16 13:37 - 02101760 _____ (Farbar) C:\Users\Joseph\Desktop\FRST64.exe

2014-08-14 22:49 - 2014-08-14 22:49 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\TuneUp Software

2014-08-14 22:48 - 2014-08-16 18:23 - 00000000 ____D () C:\ProgramData\MFAData

2014-08-14 22:48 - 2014-08-14 22:48 - 00000000 ____D () C:\Users\Joseph\AppData\Local\MFAData

2014-08-14 21:04 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-14 21:04 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-08-14 21:04 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-14 21:04 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-14 21:04 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-08-14 21:04 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-14 21:04 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-14 21:04 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-14 21:04 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-08-14 21:04 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-14 21:04 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-08-14 21:04 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-14 21:04 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-14 21:04 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-14 21:04 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-14 21:04 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-14 21:04 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-08-14 21:04 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-08-14 21:04 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-14 21:04 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-14 21:04 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-14 21:04 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-08-14 21:04 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-14 21:04 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-14 21:04 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-14 21:04 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-14 21:04 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-14 21:04 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-14 21:04 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-14 21:04 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-14 21:04 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-08-14 21:04 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-14 21:04 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-14 21:04 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-14 21:04 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-08-14 21:04 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-14 21:04 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-14 21:04 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-14 21:04 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-14 21:04 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-14 21:04 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-14 21:04 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-08-14 21:04 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-08-14 21:04 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-14 21:04 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-14 21:04 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-14 21:04 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-14 21:04 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-14 21:04 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-14 21:04 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-14 21:04 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-14 21:04 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-14 21:04 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-14 21:04 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-08-14 21:04 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-14 21:04 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-14 21:04 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-14 21:04 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-08-14 21:04 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-08-14 21:04 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-08-14 21:04 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-14 21:04 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-14 21:04 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-14 21:04 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-14 21:04 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-14 21:04 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-14 21:04 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-14 21:04 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-14 21:03 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-14 21:03 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-14 21:03 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-08-14 21:03 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-08-13 21:22 - 2014-08-18 16:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-13 21:22 - 2014-08-13 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-13 21:22 - 2014-08-13 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-13 21:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-08-13 21:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-08-13 20:51 - 2014-08-17 22:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-08-13 20:51 - 2014-08-13 20:51 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2014-08-13 20:51 - 2014-08-13 20:51 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2014-08-13 20:51 - 2014-08-13 20:51 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2014-08-13 20:50 - 2014-08-13 20:37 - 00001385 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140813-205013.backup

2014-08-13 20:49 - 2014-08-13 20:50 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joseph\Downloads\spybot-2.4.exe

2014-08-13 19:47 - 2014-08-16 14:04 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Azbfworks

2014-08-02 22:21 - 2014-08-13 20:37 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt

2014-08-02 22:17 - 2014-08-16 13:57 - 00000000 ____D () C:\Users\Joseph\AppData\Local\ARDworks

2014-08-02 15:30 - 2014-08-02 15:30 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Microsoft Help

2014-08-02 15:30 - 2014-08-02 15:30 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-01 17:18 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-08-01 17:18 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-08-01 17:18 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-08-01 17:18 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-08-01 17:18 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-08-01 17:18 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-08-01 17:18 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-08-01 17:18 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-08-01 17:18 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-08-01 17:18 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-08-01 17:18 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-08-01 17:18 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-08-01 17:18 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-08-01 17:18 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-07-31 18:11 - 2014-07-31 18:11 - 00013705 _____ () C:\Users\Joseph\Desktop\wedding list of girls (2) - Shortcut.lnk

2014-07-31 18:11 - 2014-07-31 18:11 - 00013653 _____ () C:\Users\Joseph\Desktop\wedding list of girls - Shortcut.lnk

2014-07-19 20:54 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-19 20:54 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-19 20:54 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-18 17:13 - 2014-08-16 14:08 - 00025157 _____ () C:\Users\Joseph\Desktop\FRST.txt

2014-08-18 17:12 - 2014-08-16 13:44 - 00000000 ____D () C:\FRST

2014-08-18 17:10 - 2014-08-18 17:10 - 00059528 _____ () C:\Users\Joseph\Desktop\zoek-results.txt

2014-08-18 17:10 - 2014-08-18 16:58 - 00059528 _____ () C:\zoek-results.log

2014-08-18 17:10 - 2014-08-18 16:56 - 00001093 _____ () C:\runcheck.txt

2014-08-18 17:07 - 2014-08-18 16:54 - 00000000 ____D () C:\zoek_backup

2014-08-18 17:03 - 2012-04-06 05:13 - 01823612 _____ () C:\Windows\WindowsUpdate.log

2014-08-18 17:01 - 2014-08-18 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-08-18 17:01 - 2012-04-26 23:11 - 00000506 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-08-18 16:56 - 2012-04-06 05:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-18 16:54 - 2014-08-18 16:54 - 01288704 _____ () C:\Users\Joseph\Desktop\zoek.exe

2014-08-18 16:53 - 2014-08-13 21:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-17 22:19 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-17 22:19 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-17 22:17 - 2009-07-14 01:13 - 00006506 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-17 22:16 - 2014-08-16 14:08 - 00043050 _____ () C:\Users\Joseph\Desktop\Addition.txt

2014-08-17 22:13 - 2014-08-17 22:13 - 00006452 _____ () C:\Users\Joseph\Desktop\AdwCleaner[S0].txt

2014-08-17 22:13 - 2013-11-03 14:01 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-08-17 22:12 - 2012-04-06 05:45 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-08-17 22:11 - 2014-08-13 20:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-08-17 22:11 - 2012-04-06 07:07 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-17 22:11 - 2010-11-20 23:47 - 00349032 _____ () C:\Windows\PFRO.log

2014-08-17 22:11 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-17 22:11 - 2009-07-14 00:51 - 00144458 _____ () C:\Windows\setupact.log

2014-08-17 22:05 - 2014-08-17 21:56 - 00000000 ____D () C:\AdwCleaner

2014-08-17 22:04 - 2014-08-17 22:04 - 00009382 _____ () C:\Users\Joseph\Desktop\JRT.txt

2014-08-17 21:50 - 2014-08-17 21:50 - 01361671 _____ () C:\Users\Joseph\Desktop\adwcleaner_3.307.exe

2014-08-17 21:47 - 2014-08-17 21:47 - 00000000 ____D () C:\Windows\ERUNT

2014-08-17 21:46 - 2014-08-17 21:46 - 01016261 _____ (Thisisu) C:\Users\Joseph\Desktop\JRT.exe

2014-08-17 21:44 - 2014-08-17 21:44 - 00000085 _____ () C:\Windows\wininit.ini

2014-08-17 21:44 - 2014-08-17 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-08-17 21:44 - 2012-08-15 21:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-08-17 21:43 - 2012-08-04 01:42 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\vlc

2014-08-17 16:32 - 2012-04-11 20:03 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2014-08-17 16:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-08-17 16:00 - 2012-04-26 23:11 - 00003530 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-08-17 16:00 - 2012-04-26 23:11 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-08-16 21:46 - 2012-04-06 05:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-08-16 21:46 - 2012-04-06 05:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-16 21:46 - 2012-04-06 05:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-08-16 19:18 - 2012-04-26 23:11 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-08-16 19:17 - 2014-08-16 19:17 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-08-16 19:17 - 2014-08-16 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-16 19:17 - 2014-08-16 19:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-16 19:17 - 2014-08-16 19:16 - 00000000 ____D () C:\Program Files\iTunes

2014-08-16 19:17 - 2013-02-26 19:38 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-08-16 19:16 - 2014-08-16 19:16 - 00000000 ____D () C:\Program Files\iPod

2014-08-16 18:34 - 2012-04-26 23:11 - 00004264 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2014-08-16 18:26 - 2014-08-16 14:06 - 00048990 _____ () C:\Users\Joseph\Downloads\Addition.txt

2014-08-16 18:26 - 2014-08-16 14:05 - 00063000 _____ () C:\Users\Joseph\Downloads\FRST.txt

2014-08-16 18:23 - 2014-08-14 22:48 - 00000000 ____D () C:\ProgramData\MFAData

2014-08-16 18:21 - 2014-08-16 18:21 - 01132704 _____ (ESET spol. s r.o.) C:\Users\Joseph\Downloads\eset_av_remover.exe

2014-08-16 18:19 - 2014-08-16 18:19 - 00002495 _____ () C:\Users\Joseph\Downloads\FSS.txt

2014-08-16 18:19 - 2014-08-16 18:19 - 00002495 _____ () C:\Users\Joseph\Desktop\FSS.txt

2014-08-16 14:12 - 2014-08-16 14:12 - 00002148 _____ () C:\Users\Joseph\Desktop\aswMBR.txt

2014-08-16 14:12 - 2014-08-16 14:12 - 00000512 _____ () C:\Users\Joseph\Desktop\MBR.dat

2014-08-16 14:09 - 2014-08-16 13:39 - 00001374 _____ () C:\Users\Joseph\Desktop\aswMBR.exe - Shortcut.lnk

2014-08-16 14:08 - 2012-08-10 21:49 - 00002371 _____ () C:\Users\Joseph\Desktop\Google Chrome.lnk

2014-08-16 14:04 - 2014-08-13 19:47 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Azbfworks

2014-08-16 13:58 - 2009-07-14 00:45 - 04877928 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-16 13:57 - 2014-08-02 22:17 - 00000000 ____D () C:\Users\Joseph\AppData\Local\ARDworks

2014-08-16 13:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-08-16 13:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-08-16 13:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-08-16 13:46 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-08-16 13:44 - 2014-08-16 13:44 - 00000314 _____ () C:\Windows\Tasks\0614tUpdateInfo.job

2014-08-16 13:44 - 2014-08-16 13:44 - 00000000 ____D () C:\ProgramData\Avg_Update_0614t

2014-08-16 13:38 - 2014-08-16 13:38 - 05185536 _____ (AVAST Software) C:\Users\Joseph\Downloads\aswMBR.exe

2014-08-16 13:37 - 2014-08-16 13:37 - 02101760 _____ (Farbar) C:\Users\Joseph\Desktop\FRST64.exe

2014-08-14 22:49 - 2014-08-14 22:49 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\TuneUp Software

2014-08-14 22:48 - 2014-08-14 22:48 - 00000000 ____D () C:\Users\Joseph\AppData\Local\MFAData

2014-08-14 22:42 - 2012-04-12 16:08 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Nero

2014-08-13 21:29 - 2012-04-11 11:23 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\BitComet

2014-08-13 21:22 - 2014-08-13 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-13 21:22 - 2014-08-13 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-13 21:22 - 2012-09-03 12:40 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-13 21:22 - 2012-09-03 12:40 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Malwarebytes

2014-08-13 21:22 - 2012-09-03 12:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-13 21:22 - 2012-09-03 12:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-08-13 20:51 - 2014-08-13 20:51 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2014-08-13 20:51 - 2014-08-13 20:51 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2014-08-13 20:51 - 2014-08-13 20:51 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2014-08-13 20:51 - 2012-08-15 21:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy

2014-08-13 20:50 - 2014-08-13 20:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joseph\Downloads\spybot-2.4.exe

2014-08-13 20:46 - 2012-04-11 23:22 - 00000000 ____D () C:\Users\Joseph\.nbi

2014-08-13 20:46 - 2012-04-11 23:22 - 00000000 ____D () C:\Program Files (x86)\NetBeans 7.1.1

2014-08-13 20:37 - 2014-08-13 20:50 - 00001385 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140813-205013.backup

2014-08-13 20:37 - 2014-08-02 22:21 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt

2014-08-13 20:37 - 2009-07-13 22:34 - 00001385 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140813-205504.backup

2014-08-13 20:37 - 2009-07-13 22:34 - 00001385 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140813-204956.backup

2014-08-13 20:36 - 2012-04-06 06:06 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-08-06 22:06 - 2014-08-14 21:03 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-06 22:01 - 2014-08-14 21:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-02 22:18 - 2012-04-30 23:10 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\SoftGrid Client

2014-08-02 21:20 - 2012-08-16 01:52 - 00000300 _____ () C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1134877362-3312589417-341762073-1001.job

2014-08-02 20:51 - 2012-04-11 10:44 - 00075248 _____ () C:\Users\Joseph\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-02 15:30 - 2014-08-02 15:30 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Microsoft Help

2014-08-02 15:30 - 2014-08-02 15:30 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-31 19:41 - 2014-08-14 21:04 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-31 19:16 - 2014-08-14 21:04 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-31 18:11 - 2014-07-31 18:11 - 00013705 _____ () C:\Users\Joseph\Desktop\wedding list of girls (2) - Shortcut.lnk

2014-07-31 18:11 - 2014-07-31 18:11 - 00013653 _____ () C:\Users\Joseph\Desktop\wedding list of girls - Shortcut.lnk

2014-07-31 17:55 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-31 17:55 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-31 17:55 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-31 09:43 - 2013-03-13 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-26 16:18 - 2012-04-06 06:06 - 00000000 ____D () C:\Program Files\Common Files\mcafee

2014-07-25 10:52 - 2014-08-14 21:04 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-25 10:02 - 2014-08-14 21:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-25 10:01 - 2014-08-14 21:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-25 09:51 - 2014-08-14 21:04 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-25 09:30 - 2014-08-14 21:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-25 09:28 - 2014-08-14 21:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-25 09:28 - 2014-08-14 21:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-25 09:25 - 2014-08-14 21:04 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-25 09:25 - 2014-08-14 21:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-25 09:11 - 2014-08-14 21:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-25 09:10 - 2014-08-14 21:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-25 09:04 - 2014-08-14 21:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-25 09:03 - 2014-08-14 21:04 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-25 09:00 - 2014-08-14 21:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-25 09:00 - 2014-08-14 21:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-25 08:59 - 2014-08-14 21:04 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-25 08:47 - 2014-08-14 21:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-25 08:40 - 2014-08-14 21:04 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-25 08:34 - 2014-08-14 21:04 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-25 08:34 - 2014-08-14 21:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-25 08:33 - 2014-08-14 21:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-25 08:30 - 2014-08-14 21:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-25 08:28 - 2014-08-14 21:04 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-25 08:28 - 2014-08-14 21:04 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-25 08:21 - 2014-08-14 21:04 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-25 08:19 - 2014-08-14 21:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-25 08:18 - 2014-08-14 21:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-25 08:17 - 2014-08-14 21:04 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-25 08:17 - 2014-08-14 21:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-25 08:12 - 2014-08-14 21:04 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-25 08:10 - 2014-08-14 21:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-25 08:10 - 2014-08-14 21:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-25 08:08 - 2014-08-14 21:04 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-25 08:06 - 2014-08-14 21:04 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-25 07:52 - 2014-08-14 21:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-25 07:47 - 2014-08-14 21:04 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-25 07:43 - 2014-08-14 21:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-25 07:42 - 2014-08-14 21:04 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-25 07:39 - 2014-08-14 21:04 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-25 07:39 - 2014-08-14 21:04 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-25 07:36 - 2014-08-14 21:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-25 07:34 - 2014-08-14 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-25 07:29 - 2014-08-14 21:04 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-25 07:23 - 2014-08-14 21:04 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-25 07:13 - 2014-08-14 21:04 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-25 07:07 - 2014-08-14 21:04 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-25 07:07 - 2014-08-14 21:04 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-25 07:03 - 2014-08-14 21:04 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-25 06:52 - 2014-08-14 21:04 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-25 06:26 - 2014-08-14 21:04 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-25 06:17 - 2014-08-14 21:04 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-25 06:09 - 2014-08-14 21:04 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-25 06:05 - 2014-08-14 21:04 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-25 06:00 - 2014-08-14 21:04 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Some content of TEMP:

====================

C:\Users\Joseph\AppData\Local\Temp\7za.exe

C:\Users\Joseph\AppData\Local\Temp\FAInstallV4.001.199.Dell.exe

C:\Users\Joseph\AppData\Local\Temp\hijackthis.exe

C:\Users\Joseph\AppData\Local\Temp\NirCmd.exe

C:\Users\Joseph\AppData\Local\Temp\PEVZ.EXE

C:\Users\Joseph\AppData\Local\Temp\Quarantine.exe

C:\Users\Joseph\AppData\Local\Temp\remove.exe

C:\Users\Joseph\AppData\Local\Temp\sed.exe

C:\Users\Joseph\AppData\Local\Temp\shortcut.exe

C:\Users\Joseph\AppData\Local\Temp\swreg.exe

C:\Users\Joseph\AppData\Local\Temp\swxcacls.exe

C:\Users\Joseph\AppData\Local\Temp\virustotal.exe

C:\Users\Joseph\AppData\Local\Temp\wget.exe

C:\Users\Joseph\AppData\Local\Temp\zoek-delete.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 16:25

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04

Ran by Joseph at 2014-08-18 17:13:31

Running from C:\Users\Joseph\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)

Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)

Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)

BitComet 1.35 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.35 - CometNetwork)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )

Catalina Savings Printer (HKLM-x32\...\{4956ACE3-F537-4418-BB45-FD52395275A7}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

Cooking Academy (HKLM-x32\...\Cooking Academy) (Version: 32.0.0.0 - Shockwave.com)

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)

CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.)

CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.4827 - CyberLink Corp.) Hidden

CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.2615 - CyberLink Corp.)

CyberLink YouPaint (x32 Version: 1.2.2615 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)

Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)

Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)

Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.39 - Dell Inc.)

Dell Support Center (Version: 3.1.5907.39 - PC-Doctor, Inc.) Hidden

Dell Touch Software Suite Games (HKLM-x32\...\{6FB3428E-23AA-4CA1-BA9D-E6D5F3F692E4}) (Version: 1.5.133.0 - Fingertapps)

Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)

Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.46 - Creative Technology Ltd)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

DivX 4.12 Codec (HKLM-x32\...\DivXCodec) (Version: - )

eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

Face Recognition (HKLM\...\{9EBC07E3-0BE4-4256-A06C-CEB998399705}) (Version: 4.1.163.1 - Sensible Vision)

ffdshow x64 v1.3.4515 [2013-06-12] (HKLM\...\ffdshow64_is1) (Version: 1.3.4515.0 - )

GmoteServer (HKLM-x32\...\DDA23392-9C73-4909-A221-BC12C6D2664D) (Version: 2.0.2 - Gmote.org)

Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )

Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION

GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)

HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{13BE337F-9557-416D-A696-F91A6807B170}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)

HP Officejet Pro 8500 A910 Product Improvement Study (HKLM\...\{24E45339-C750-4EAE-8241-BA25A7DABBDD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

Intel PROSet Wireless (Version: - ) Hidden

Intel PROSet Wireless (x32 Version: - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)

iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)

Java Auto Updater (x32 Version: 2.1.5.1 - Sun Microsystems, Inc.) Hidden

Java™ 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)

Java™ 7 Update 3 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217003FF}) (Version: 7.0.30 - Oracle)

Java™ SE Development Kit 7 Update 3 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle)

JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)

JavaFX 2.0.3 SDK (HKLM-x32\...\{2222706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 16.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Mystery of Mortlake Mansion 1.00 (HKLM-x32\...\Mystery of Mortlake Mansion 1.00) (Version: - )

Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden

Nero Blu-ray Player (x32 Version: 12.0.20012 - Nero AG) Hidden

Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden

Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden

N-trig DuoSense Multi-touch package for Windows 7 (HKLM-x32\...\{18C71DD4-0147-4318-8689-AE836278FBFE}) (Version: 6.31.00 - N-trig)

NVIDIA 3D Vision Driver 285.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.77 - NVIDIA Corporation)

NVIDIA Control Panel 285.77 (Version: 285.77 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 285.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.77 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.48.261 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.5.21 (Version: 1.5.21 - NVIDIA Corporation) Hidden

NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.8577 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.5.21 - NVIDIA Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2064 - Electronic Arts, Inc.)

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden

Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden

Roxio Burn (x32 Version: 1.8 - Roxio) Hidden

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden

Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden

Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)

Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

StickyNotes (HKLM-x32\...\{B0789AE7-70D4-454A-90D1-5BA5728E254A}) (Version: 1.5.135.0 - Dell)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)

SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden

The Rosetta Stone (HKLM-x32\...\The Rosetta Stone) (Version: - )

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.21.123 - Electronic Arts)

The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)

The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - )

Top Chef (HKLM-x32\...\Top Chef) (Version: 32.0.0.0 - Shockwave.com)

TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)

TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)

Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version: - )

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1134877362-3312589417-341762073-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1134877362-3312589417-341762073-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1134877362-3312589417-341762073-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1134877362-3312589417-341762073-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joseph\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

25-07-2014 23:10:29 Windows Update

30-07-2014 01:32:15 Windows Update

31-07-2014 13:41:06 Windows Update

01-08-2014 21:18:21 Windows Update

08-08-2014 16:07:40 Windows Update

15-08-2014 00:54:53 Windows Update

16-08-2014 17:46:14 Windows Update

16-08-2014 22:21:52 Removed AVG 2014

16-08-2014 22:22:50 Removed AVG 2014

18-08-2014 20:58:36 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-13 20:37 - 00001385 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

5.45.77.82 www.google-analytics.com.

5.45.77.82 google-analytics.com.

5.45.77.82 connect.facebook.net.

193.107.16.138 www.google-analytics.com.

193.107.16.138 google-analytics.com.

193.107.16.138 connect.facebook.net.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1A461BD1-AB17-49A0-AB80-C375FDE16535} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {30189E31-15E0-4B8E-AC60-85621CF0DDC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16] (Adobe Systems Incorporated)

Task: {3323E7E0-25D6-48BA-90EA-64C402CBA8B6} - System32\Tasks\JavaUpdateSched => %COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe

Task: {513288DB-CC34-4CFF-B6AE-49BAB1BC1515} - System32\Tasks\StickyNotes Updater => c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\updater.exe [2011-03-18] (Caphyon LTD)

Task: {80323949-D3AE-455C-A323-570D9F4E757F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-04-13] (PC-Doctor, Inc.)

Task: {B7561479-B35C-4BB3-91F5-379873CF325D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-04-13] (PC-Doctor, Inc.)

Task: {CE9829CB-79D6-470C-A63B-98A426FEEB85} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-04-13] (PC-Doctor, Inc.)

Task: C:\Windows\Tasks\0614tUpdateInfo.job => C:\ProgramData\Avg_Update_0614t\0614t_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\Ad-Aware Update (Daily 1).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Task: C:\Windows\Tasks\Ad-Aware Update (Daily 2).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Task: C:\Windows\Tasks\Ad-Aware Update (Daily 3).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Task: C:\Windows\Tasks\Ad-Aware Update (Daily 4).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: C:\Windows\Tasks\FaxApplications.exe_{19DEDDF1-DAB2-487A-8266-DEEB500E3E25}.job => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\FaxApplications.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1134877362-3312589417-341762073-1001Core1cf8f1b408d5f18.job => C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HP Officejet Pro 8500 A910.exe_{C7D08713-E261-48B4-8982-075AE919F6A0}.job => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HP Officejet Pro 8500 A910.exe

Task: C:\Windows\Tasks\HPCustPartic.exe_{4DDE9E9D-1556-48C5-9C69-B528590AEEFD}.job => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe

Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe

Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1134877362-3312589417-341762073-1001.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe

Task: C:\Windows\Tasks\ReclaimerResumeInstall_Joseph.job => C:\Users\Joseph\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe

Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\RunOW.job => C:\Program Files (x86)\Overwolf\Overwolf.exe

Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{38EA9C5D-2B58-42F4-B6B6-91D0A9987756}.job => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe

Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files (x86)\Windows Sidebar\sidebar.exe

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

Task: C:\Windows\Tasks\Toolbox.exe_{6A3F764B-5BCD-49E0-9F9D-32C79C346117}.job => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\Toolbox.exe

Task: C:\Windows\Tasks\Your File Updater.job => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-11-01 13:58 - 2011-11-01 13:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2012-04-11 21:13 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

2012-04-06 06:39 - 2011-07-20 09:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-02-01 12:50 - 2012-02-01 12:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

2012-04-06 05:45 - 2012-01-26 22:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2014-08-18 16:54 - 2014-08-18 16:54 - 01288704 _____ () C:\Users\Joseph\Desktop\zoek.exe

2013-11-23 23:13 - 2013-11-23 23:13 - 00094000 _____ () C:\Windows\system32\FAIEExtension.DLL

2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

2014-08-16 14:08 - 2014-08-06 23:20 - 00718152 _____ () C:\Users\Joseph\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-16 14:08 - 2014-08-06 23:20 - 00126280 _____ () C:\Users\Joseph\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-16 14:08 - 2014-08-06 23:20 - 08537928 _____ () C:\Users\Joseph\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-16 14:08 - 2014-08-06 23:20 - 00353096 _____ () C:\Users\Joseph\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-16 14:08 - 2014-08-06 23:20 - 01732936 _____ () C:\Users\Joseph\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\Software\Classes\.exe: exefile => <===== ATTENTION!

HKU\S-1-5-21-1134877362-3312589417-341762073-1001\Software\Classes\exefile: <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: eventlog => 2

MSCONFIG\Services: Wecsvc => 3

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MSCONFIG\startupreg: Google Update => "C:\Users\Joseph\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: googletalk => C:\Users\Joseph\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: IntelPAN => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray

MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

MSCONFIG\startupreg: PDVD9LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime

MSCONFIG\startupreg: RemoteControl9 => "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

MSCONFIG\startupreg: StickyNotesWidget => "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe" "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\start.umj"

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture

Description: facap, FastAccess Video Capture

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: Sensible Vision

Service: facap

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (08/18/2014 04:52:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 66601600

Error: (08/18/2014 04:52:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 66601600

Error: (08/18/2014 04:52:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2014 04:52:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 66600586

Error: (08/18/2014 04:52:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 66600586

Error: (08/18/2014 04:52:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2014 04:52:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 66598730

Error: (08/18/2014 04:52:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 66598730

Error: (08/18/2014 04:52:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2014 04:52:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 66595641

System errors:

=============

Error: (08/18/2014 05:01:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/18/2014 05:01:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/18/2014 05:01:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/18/2014 05:01:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/18/2014 05:01:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/17/2014 10:14:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (08/17/2014 10:13:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

Error: (08/17/2014 10:12:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/17/2014 10:12:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/17/2014 10:09:10 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:

=========================