Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Potential Virus [Solved]


  • This topic is locked This topic is locked

#1
nancy32986

nancy32986

    Member

  • Member
  • PipPip
  • 55 posts

Hi, 

 

I'm not sure if I have a virus or not but I received the below email from Google App:

 

The following is an automated security notification from Google about your domain accounts.

It has come to our attention that some of your user accounts might have been compromised and are being used to send spam from your domain: XXXXXXXXXXX

The following users in your Google Apps domain appear to be affected:

 

X[email protected]

We have disabled the users in a way that they can be recovered by the admin. Please follow the actions below before you re-enable these users.

ACTIONS REQUIRED

 

1. To reset the user’s password, follow the steps in this Help Center article:http://www.google.co...en&answer=33319

Inform the user of their new temporary password, and ask them to set a new password (it should not be a password used with any other sites).  

 

2. To help check whether their account might have been compromised, advise users to:

  • Check for filters and forwarding rules so that email is not being forwarded to suspect addresses.
  • Check to make sure their signature has not been changed.

 

BEST PRACTICES FOR SECURITY

 

As an administrator, you may also consider implementing additional security features for your Google Apps domain:

 

1. Enrolling your domain in 2-step verification, which offers an additional layer of user authentication:http://www.google.co...n&answer=175197

2. Completing the Gmail Security Checklist:https://support.goog...st.cs&tab=29488

Additional Information about the activity of affected user accounts can be obtained by using the Audit API:http://code.google.c...e_protocol.html

 

Sincerely,

The Google Apps Team


  • 0

Advertisements


#2
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi Nancy,

 

Uggh...I dislike these emails and I'm sure you do too! Although the email "could" be legitimate, I don't think it is. However, with out the exact email, I can't tell you. So, assume it is legitimate and as it suggests, change your Google App password, but not by following the links in the email, rather, you navigage to the appropriate website/app/location and reset your password yourself. Then, I'd be happy to check your computer for you. To do so, please follwo the instruction below and post the logs. I will assess the logs and return with either a plan to remove malware if malware is evident. Or, I will send you on your way with a clean bill of health.

 

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

 


  • 0

#3
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by UpShot Desktop (administrator) on UPSHOTPC on 20-08-2014 10:48:40
Running from C:\Users\UpShot Desktop\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(FedEx Corporation) C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.LoggingService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\FedEx\ShipManager\SQLAnywhere\Bin32\dbsrv11.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(PJLM Software Inc.) C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clhlp64.exe
(KYOCERA MITA CORPORATION) C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe
(KYOCERA MITA Corporation) C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHCA.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Panasonic System Networks Co., Ltd.) C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe
(KYOCERA MITA Corporation) C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(PJLM Software Inc.) C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clint.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(APN LLC.) C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-04] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-06] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-10-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)
HKLM-x32\...\Run: [PrintAudit6] => C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clint.exe [1546616 2014-01-09] (PJLM Software Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [SkyDrive] => C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-07] (Microsoft Corporation)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHCA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"
HKU\S-1-5-21-3452355537-503043710-2882785224-1000\...\RunOnce: [Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Panasonic Communications Utility.lnk
ShortcutTarget: Panasonic Communications Utility.lnk -> C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe (Panasonic System Networks Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner File Utility.lnk
ShortcutTarget: Scanner File Utility.lnk -> C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe (KYOCERA MITA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\UpShot Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D0ABE37A-FB93-457E-B35F-0883E1609C40} URL = http://websearch.ask...21-98B38381C823
BHO: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avery Toolbar - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Avery Toolbar - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.10.1
Tcpip\..\Interfaces\{6ACD9FD1-1254-46C3-B3C3-A1C698310948}: [NameServer]10.1.10.1,192.168.1.1
 
FireFox:
========
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-02-26]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-02-27]
CHR Extension: (Google Wallet) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\UPSHOT~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [aaaaigmelgfmkfjicbbgbkcbagedejhj] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-09-05]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 FedExAdminService; C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminService.exe [24576 2013-07-24] () [File not signed]
R2 FedExLoggingService; C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.LoggingService.exe [7168 2013-07-24] (FedEx Corporation) [File not signed]
R2 FedExShipnetDBService; C:\Program Files (x86)\FedEx\ShipManager\SQLAnywhere\Bin32\dbsrv11.exe [141176 2013-07-24] (iAnywhere Solutions, Inc.)
S3 FedExShipService; C:\Program Files (x86)\FedEx\ShipManager\BIN\ShipEngineService.exe [5120 2013-07-24] (FedEx Corporation) [File not signed]
S3 FedExTransactionService; C:\Program Files (x86)\FedEx\ShipManager\BIN\TransEngineService.exe [6656 2013-07-24] (FedEx Corporation) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-18] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-18] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 PA6ClientHelper; C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clhlp64.exe [389496 2014-01-09] (PJLM Software Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 SFUSVC; C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe [61440 2003-09-16] (KYOCERA MITA CORPORATION) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-20 10:48 - 2014-08-20 10:48 - 02101760 _____ (Farbar) C:\Users\UpShot Desktop\Downloads\FRST64.exe
2014-08-20 10:48 - 2014-08-20 10:48 - 00032324 _____ () C:\Users\UpShot Desktop\Downloads\FRST.txt
2014-08-20 10:48 - 2014-08-20 10:48 - 00000000 ____D () C:\FRST
2014-08-18 14:32 - 2014-08-18 14:32 - 01035696 _____ (Ask.com) C:\Users\UpShot Desktop\Downloads\OffercastInstaller_AVR_U-0027-01-L_.exe
2014-08-18 14:32 - 2014-08-18 14:32 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\VNT
2014-08-18 14:32 - 2014-08-18 14:32 - 00000000 ____D () C:\Program Files (x86)\VNT
2014-08-18 14:32 - 2014-03-05 17:31 - 00509872 _____ (Ask Partner Network) C:\Users\UpShot Desktop\Documents\APNSetup1.exe
2014-08-18 13:17 - 2014-08-18 13:17 - 00006144 _____ () C:\Users\UpShot Desktop\Downloads\Survey_Gizmo_report (1).xls
2014-08-16 03:00 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 03:00 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 03:00 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 03:00 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 03:00 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 03:00 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 03:00 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 03:00 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 12:56 - 2014-08-15 12:56 - 00008204 _____ () C:\Users\UpShot Desktop\Downloads\Motion_to_Sell_Assets_USPS_Forward_.xlsx
2014-08-15 11:27 - 2014-07-31 17:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 11:27 - 2014-07-31 17:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 11:27 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 11:27 - 2014-07-25 08:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 11:27 - 2014-07-25 08:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 11:27 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 11:27 - 2014-07-25 07:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 11:27 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 11:27 - 2014-07-25 07:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 11:27 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 11:27 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 11:27 - 2014-07-25 07:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 11:27 - 2014-07-25 07:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 11:27 - 2014-07-25 07:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 11:27 - 2014-07-25 07:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 11:27 - 2014-07-25 07:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 11:27 - 2014-07-25 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 11:27 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 11:27 - 2014-07-25 06:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 11:27 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 11:27 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 11:27 - 2014-07-25 06:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 11:27 - 2014-07-25 06:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 11:27 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 11:27 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 11:27 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 11:27 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 11:27 - 2014-07-25 06:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 11:27 - 2014-07-25 06:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 11:27 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 11:27 - 2014-07-25 06:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 11:27 - 2014-07-25 06:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 11:27 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 11:27 - 2014-07-25 06:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 11:27 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 11:27 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 11:27 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 11:27 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 11:27 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 11:27 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 11:27 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 11:27 - 2014-07-25 05:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 11:27 - 2014-07-25 05:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 11:27 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 11:27 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 11:27 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 11:27 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 11:27 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 11:27 - 2014-07-25 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 11:27 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 11:27 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 11:27 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 11:27 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 11:27 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 11:27 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 11:27 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 11:27 - 2014-07-15 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 11:27 - 2014-07-15 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 11:27 - 2014-06-24 20:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 11:27 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 11:27 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 11:27 - 2014-06-03 04:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 11:27 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 11:27 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 11:27 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 11:27 - 2014-06-03 03:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 11:27 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 11:27 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 11:26 - 2014-08-06 20:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 11:26 - 2014-08-06 20:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 11:26 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 11:26 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 11:24 - 2014-08-15 11:24 - 00008800 _____ () C:\Users\UpShot Desktop\Downloads\Notice_of_Commencement_USPS_Forward_ (1).xlsx
2014-08-15 11:19 - 2014-08-15 11:19 - 00051967 _____ () C:\Users\UpShot Desktop\Downloads\Motion_to_Sell_Assets.xlsx
2014-08-15 09:55 - 2014-08-15 09:55 - 138479285 _____ () C:\Users\UpShot Desktop\Downloads\ExhibitA-8-14.zip
2014-08-15 09:53 - 2014-08-15 09:53 - 00010369 _____ () C:\Users\UpShot Desktop\Downloads\Saab Seventh Omni - Exhibit List.xlsx
2014-08-15 09:26 - 2014-08-15 09:26 - 00028492 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (23).xls
2014-08-13 14:44 - 2014-08-13 14:44 - 00005120 _____ () C:\Users\UpShot Desktop\Downloads\Survey_Gizmo_report.xls
2014-08-12 13:22 - 2014-08-12 13:22 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files\iTunes
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files\iPod
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-12 13:19 - 2014-08-12 13:19 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-12 13:19 - 2014-08-12 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-12 13:19 - 2014-08-12 13:19 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-08 13:38 - 2014-08-08 13:38 - 00010326 _____ () C:\Users\UpShot Desktop\Downloads\Notice_of_Commencement_USPS_Forward_.xlsx
2014-08-08 11:05 - 2014-08-08 11:05 - 00025487 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (22).xls
2014-08-07 13:46 - 2014-08-07 13:46 - 00027749 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (21).xls
2014-08-06 12:37 - 2014-08-06 12:37 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{4F65489C-F192-4464-B0D7-5CA2DD7A5368}
2014-08-06 12:25 - 2014-08-06 12:44 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Travis + Friends
2014-08-06 12:24 - 2014-08-06 12:50 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Couples
2014-08-06 12:24 - 2014-08-06 12:33 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Pre-Travis
2014-08-06 11:17 - 2014-08-06 11:17 - 00029718 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (20).xls
2014-08-05 10:42 - 2014-08-05 10:42 - 00030637 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (19).xls
2014-08-01 10:42 - 2014-08-01 10:42 - 00029072 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (18).xls
2014-07-31 10:59 - 2014-07-31 10:59 - 00025027 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (17).xls
2014-07-30 19:09 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-30 19:09 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-30 19:09 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-30 19:09 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-30 19:09 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-30 19:09 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-30 19:09 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-30 19:09 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-30 19:09 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-30 19:09 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-30 19:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-30 19:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-30 19:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 19:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 11:02 - 2014-07-30 11:02 - 00022985 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (16).xls
2014-07-29 13:13 - 2014-08-06 10:27 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\Windows Live
2014-07-29 13:13 - 2014-07-29 13:13 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{563009D6-6CBB-4C40-BC1E-C4127DF85FF6}
2014-07-29 13:12 - 2014-07-29 13:12 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{559F3CFA-35F3-4977-AC5E-FE108ACF94E6}
2014-07-29 09:38 - 2014-07-29 09:38 - 00033860 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (15).xls
2014-07-28 12:56 - 2014-07-28 12:57 - 05981830 _____ (Tim Kosse) C:\Users\UpShot Desktop\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-23 14:14 - 2014-07-23 14:14 - 00008180 _____ () C:\Users\UpShot Desktop\Downloads\Sixth_Omnibus_Objection_to_Affected_Parties_USPS_forward_.xlsx
2014-07-23 14:06 - 2014-07-23 14:06 - 00008172 _____ () C:\Users\UpShot Desktop\Downloads\Fifth_Omnibus_Objection_to_Affected_Parties_USPS_forward_.xlsx
2014-07-23 10:24 - 2014-07-23 10:24 - 00015709 _____ () C:\Users\UpShot Desktop\Downloads\NameExport072314092347.xlsx
2014-07-21 13:45 - 2014-07-21 13:45 - 00008035 _____ () C:\Users\UpShot Desktop\Downloads\Sixth_Omnibus_Objection_to_Affected_Party_USPS_forward_.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-20 10:48 - 2014-08-20 10:48 - 02101760 _____ (Farbar) C:\Users\UpShot Desktop\Downloads\FRST64.exe
2014-08-20 10:48 - 2014-08-20 10:48 - 00032324 _____ () C:\Users\UpShot Desktop\Downloads\FRST.txt
2014-08-20 10:48 - 2014-08-20 10:48 - 00000000 ____D () C:\FRST
2014-08-20 10:40 - 2012-10-15 08:34 - 00000000 ____D () C:\Users\UpShot Desktop\Documents\Outlook Files
2014-08-20 10:35 - 2013-02-25 14:26 - 00000000 ___RD () C:\Users\UpShot Desktop\SkyDrive
2014-08-20 10:35 - 2012-11-08 12:12 - 00000031 _____ () C:\dev.ini
2014-08-20 10:35 - 2012-10-25 10:45 - 00000000 ___RD () C:\Users\UpShot Desktop\Google Drive
2014-08-20 10:35 - 2012-04-28 16:00 - 01877363 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 10:34 - 2012-10-05 16:11 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 10:14 - 2012-10-05 16:11 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 10:02 - 2013-07-30 13:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-20 09:52 - 2012-04-05 22:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-18 19:14 - 2012-11-06 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-18 16:36 - 2013-04-17 16:48 - 00000036 ____H () C:\Windows\SysWOW64\f9t.dat
2014-08-18 14:32 - 2014-08-18 14:32 - 01035696 _____ (Ask.com) C:\Users\UpShot Desktop\Downloads\OffercastInstaller_AVR_U-0027-01-L_.exe
2014-08-18 14:32 - 2014-08-18 14:32 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\VNT
2014-08-18 14:32 - 2014-08-18 14:32 - 00000000 ____D () C:\Program Files (x86)\VNT
2014-08-18 13:17 - 2014-08-18 13:17 - 00006144 _____ () C:\Users\UpShot Desktop\Downloads\Survey_Gizmo_report (1).xls
2014-08-18 10:14 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\spool
2014-08-16 03:47 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-08-16 03:23 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-16 03:23 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-16 03:18 - 2009-07-13 23:13 - 00786598 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-16 03:11 - 2014-01-22 10:21 - 00001011 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-08-16 03:11 - 2014-01-22 10:21 - 00000995 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-08-16 03:10 - 2010-11-20 21:47 - 00961496 _____ () C:\Windows\PFRO.log
2014-08-16 03:10 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-16 03:10 - 2009-07-13 22:51 - 00069669 _____ () C:\Windows\setupact.log
2014-08-16 03:09 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 03:06 - 2012-10-15 08:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 03:00 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 13:03 - 2013-03-20 15:10 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\CrashDumps
2014-08-15 12:56 - 2014-08-15 12:56 - 00008204 _____ () C:\Users\UpShot Desktop\Downloads\Motion_to_Sell_Assets_USPS_Forward_.xlsx
2014-08-15 11:24 - 2014-08-15 11:24 - 00008800 _____ () C:\Users\UpShot Desktop\Downloads\Notice_of_Commencement_USPS_Forward_ (1).xlsx
2014-08-15 11:19 - 2014-08-15 11:19 - 00051967 _____ () C:\Users\UpShot Desktop\Downloads\Motion_to_Sell_Assets.xlsx
2014-08-15 09:55 - 2014-08-15 09:55 - 138479285 _____ () C:\Users\UpShot Desktop\Downloads\ExhibitA-8-14.zip
2014-08-15 09:53 - 2014-08-15 09:53 - 00010369 _____ () C:\Users\UpShot Desktop\Downloads\Saab Seventh Omni - Exhibit List.xlsx
2014-08-15 09:26 - 2014-08-15 09:26 - 00028492 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (23).xls
2014-08-13 14:44 - 2014-08-13 14:44 - 00005120 _____ () C:\Users\UpShot Desktop\Downloads\Survey_Gizmo_report.xls
2014-08-12 13:22 - 2014-08-12 13:22 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files\iTunes
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files\iPod
2014-08-12 13:22 - 2014-08-12 13:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-12 13:19 - 2014-08-12 13:19 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-12 13:19 - 2014-08-12 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-12 13:19 - 2014-08-12 13:19 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-08 13:38 - 2014-08-08 13:38 - 00010326 _____ () C:\Users\UpShot Desktop\Downloads\Notice_of_Commencement_USPS_Forward_.xlsx
2014-08-08 11:05 - 2014-08-08 11:05 - 00025487 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (22).xls
2014-08-07 15:51 - 2012-10-08 11:15 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\UpShot
2014-08-07 13:46 - 2014-08-07 13:46 - 00027749 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (21).xls
2014-08-07 10:09 - 2014-02-20 10:18 - 00002209 _____ () C:\Users\UpShot Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-06 20:06 - 2014-08-15 11:26 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 20:01 - 2014-08-15 11:26 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 12:50 - 2014-08-06 12:24 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Couples
2014-08-06 12:44 - 2014-08-06 12:25 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Travis + Friends
2014-08-06 12:37 - 2014-08-06 12:37 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{4F65489C-F192-4464-B0D7-5CA2DD7A5368}
2014-08-06 12:33 - 2014-08-06 12:24 - 00000000 ____D () C:\Users\UpShot Desktop\Desktop\Pre-Travis
2014-08-06 11:17 - 2014-08-06 11:17 - 00029718 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (20).xls
2014-08-06 10:27 - 2014-07-29 13:13 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\Windows Live
2014-08-05 10:42 - 2014-08-05 10:42 - 00030637 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (19).xls
2014-08-05 09:20 - 2010-11-20 21:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 10:01 - 2013-03-13 14:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 10:01 - 2013-03-13 14:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 10:01 - 2012-10-08 12:14 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-01 10:42 - 2014-08-01 10:42 - 00029072 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (18).xls
2014-07-31 17:41 - 2014-08-15 11:27 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 17:16 - 2014-08-15 11:27 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 10:59 - 2014-07-31 10:59 - 00025027 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (17).xls
2014-07-30 11:02 - 2014-07-30 11:02 - 00022985 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (16).xls
2014-07-30 10:50 - 2013-03-28 11:13 - 00001366 _____ () C:\Windows\system32\ricdb.ini
2014-07-30 10:43 - 2012-10-08 12:14 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Roaming\FileZilla
2014-07-30 10:42 - 2012-10-08 12:14 - 00002007 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-07-30 10:42 - 2012-10-08 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-29 13:16 - 2010-11-21 01:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-29 13:13 - 2014-07-29 13:13 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{563009D6-6CBB-4C40-BC1E-C4127DF85FF6}
2014-07-29 13:12 - 2014-07-29 13:12 - 00000000 ____D () C:\Users\UpShot Desktop\AppData\Local\{559F3CFA-35F3-4977-AC5E-FE108ACF94E6}
2014-07-29 09:38 - 2014-07-29 09:38 - 00033860 _____ () C:\Users\UpShot Desktop\Downloads\CaseReportDownload (15).xls
2014-07-28 12:57 - 2014-07-28 12:56 - 05981830 _____ (Tim Kosse) C:\Users\UpShot Desktop\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-25 08:52 - 2014-08-15 11:27 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 08:02 - 2014-08-15 11:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 08:01 - 2014-08-15 11:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 07:51 - 2014-08-15 11:27 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 07:30 - 2014-08-15 11:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 07:28 - 2014-08-15 11:27 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 07:28 - 2014-08-15 11:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 07:25 - 2014-08-15 11:27 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 07:25 - 2014-08-15 11:27 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 07:11 - 2014-08-15 11:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 07:10 - 2014-08-15 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 07:04 - 2014-08-15 11:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 07:03 - 2014-08-15 11:27 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 07:00 - 2014-08-15 11:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 07:00 - 2014-08-15 11:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 06:59 - 2014-08-15 11:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 06:47 - 2014-08-15 11:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 06:40 - 2014-08-15 11:27 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 06:34 - 2014-08-15 11:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 06:34 - 2014-08-15 11:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 06:33 - 2014-08-15 11:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 06:30 - 2014-08-15 11:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 06:28 - 2014-08-15 11:27 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 06:28 - 2014-08-15 11:27 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 06:21 - 2014-08-15 11:27 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 06:19 - 2014-08-15 11:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 06:18 - 2014-08-15 11:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 06:17 - 2014-08-15 11:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 06:17 - 2014-08-15 11:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 06:12 - 2014-08-15 11:27 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 06:10 - 2014-08-15 11:27 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 06:10 - 2014-08-15 11:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 06:08 - 2014-08-15 11:27 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 06:06 - 2014-08-15 11:27 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 05:52 - 2014-08-15 11:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 05:47 - 2014-08-15 11:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 05:43 - 2014-08-15 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 05:42 - 2014-08-15 11:27 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 05:39 - 2014-08-15 11:27 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 05:39 - 2014-08-15 11:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 05:36 - 2014-08-15 11:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 05:34 - 2014-08-15 11:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 05:29 - 2014-08-15 11:27 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 05:23 - 2014-08-15 11:27 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 05:13 - 2014-08-15 11:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 05:07 - 2014-08-15 11:27 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 05:07 - 2014-08-15 11:27 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 05:03 - 2014-08-15 11:27 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 04:52 - 2014-08-15 11:27 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 04:26 - 2014-08-15 11:27 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 04:17 - 2014-08-15 11:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 04:09 - 2014-08-15 11:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 04:05 - 2014-08-15 11:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 04:00 - 2014-08-15 11:27 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 03:01 - 2013-03-13 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 14:14 - 2014-07-23 14:14 - 00008180 _____ () C:\Users\UpShot Desktop\Downloads\Sixth_Omnibus_Objection_to_Affected_Parties_USPS_forward_.xlsx
2014-07-23 14:06 - 2014-07-23 14:06 - 00008172 _____ () C:\Users\UpShot Desktop\Downloads\Fifth_Omnibus_Objection_to_Affected_Parties_USPS_forward_.xlsx
2014-07-23 10:24 - 2014-07-23 10:24 - 00015709 _____ () C:\Users\UpShot Desktop\Downloads\NameExport072314092347.xlsx
2014-07-21 14:45 - 2014-07-03 15:31 - 00011163 _____ () C:\Users\UpShot Desktop\Desktop\Amended Claims.xlsx
2014-07-21 13:45 - 2014-07-21 13:45 - 00008035 _____ () C:\Users\UpShot Desktop\Downloads\Sixth_Omnibus_Objection_to_Affected_Party_USPS_forward_.xlsx
 
Some content of TEMP:
====================
C:\Users\UpShot Desktop\AppData\Local\Temp\APNSetup.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\APNStub.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\autorun.dll
C:\Users\UpShot Desktop\AppData\Local\Temp\COMAP.EXE
C:\Users\UpShot Desktop\AppData\Local\Temp\contentDATs.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\kmpd53iq.dlL
C:\Users\UpShot Desktop\AppData\Local\Temp\kmpd60rq.dlL
C:\Users\UpShot Desktop\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\mssinstaller.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\ose00000.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\UpShot Desktop\AppData\Local\Temp\SpotifyUninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 00:01
 
==================== End Of Log ============================

  • 0

#4
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by UpShot Desktop at 2014-08-20 10:49:13
Running from C:\Users\UpShot Desktop\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.05 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0F05}) (Version: 12.15.5.7 - APN, LLC) <==== ATTENTION
Avery Toolbar (HKLM-x32\...\{41565256-3700-A76A-76A7-A758B70C0F05}) (Version: 12.15.5.991 - APN, LLC)
Best Buy pc app (HKCU\...\e55b814e55744b76) (Version: 3.5.752.2 - Best Buy)
Best Buy pc app (Version: 3.3.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.3.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-6490CW (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-9460CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.0.30.0 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (HKLM-x32\...\InstallShield_{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.2001 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (x32 Version: 1.1.2001 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor 5.0 (HKLM-x32\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2001 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.2001 - Brother Industries, Ltd.) Hidden
Brother P-touch Update Software (HKLM-x32\...\{08BAC163-A5E8-4838-90A9-8C9343400579}) (Version: 1.0.0030 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (HKLM-x32\...\InstallShield_{A242CAB2-870C-4AC9-8AFE-34379D9383CD}) (Version: 1.00.0000 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (x32 Version: 1.00.0000 - Brother Industries, Ltd.) Hidden
Communications Utility (x32 Version: 1.000 - Panasonic System Networks Co., Ltd.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3313.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3313.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-7510 Series Printer Uninstall (HKLM\...\EPSON WF-7510 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FedEx Ship Manager (HKLM-x32\...\{F24211D9-08C8-495F-A9AE-A680CAF0EEC2}) (Version: 27.04.3775 - FedEx Corporation)
FileZilla Client 3.9.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Fitbit Connect (HKLM-x32\...\Fitbit Connect) (Version: 1.0.0.2578 - Fitbit Inc.)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3506 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0225.2011 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Gateway Incorporated)
Google Apps Migration For Microsoft Outlook® 3.0.19.44 (HKLM-x32\...\{16CA4BD4-27ED-4DA0-9190-48F69D8AAC25}) (Version: 3.0.19.44 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.5.370.990 (HKLM-x32\...\{2E92FFC5-4082-40BF-9CA7-0E5D16C811CE}) (Version: 3.5.370.990 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3510 - Gateway Incorporated)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 3.3.0728 - KYOCERA Document Solutions Inc.)
Kyocera Scanner File Utility (HKLM-x32\...\{61C79AE1-5403-4687-AC68-28BFA5EF3895}) (Version: 3.16.9 - KyoceraMita)
LogMeIn (HKLM-x32\...\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}) (Version: 4.1.3268 - LogMeIn, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.70.1104.04 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
OnMerge Barcodes Sample Documents 2.18; User UpShot Desktop (HKLM-x32\...\OnMerge Barcodes Sample Documents_is1) (Version: 2.18 - OnMerge)
OnMerge Barcodes v2.18 for Microsoft Word (HKLM-x32\...\OnMerge Barcodes_is1) (Version: 2.18 - OnMerge)
Panasonic Communications Utility (HKLM-x32\...\InstallShield_{DEA90EEC-CA16-4092-9604-25B2ACC5273B}) (Version: 1.000 - Panasonic System Networks Co., Ltd.)
Panasonic Windows Firewall Setting Tool (HKLM-x32\...\InstallShield_{695603EE-5D13-4406-A034-B1346652CC4D}) (Version: 1.00.0004 - Panasonic System Networks Co., Ltd.)
Print Audit 6 (HKLM-x32\...\{47E965E1-9F19-44F4-A3ED-AD892912D182}) (Version: 6.8.0 - PJLM Software Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6505 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Stamps.com (HKLM-x32\...\Stamps.com) (Version:  - Stamps.com, Inc.)
Stamps.com (x32 Version: 10.1.1.2456 - Stamps.com, Inc.) Hidden
Stamps.com Application Support for Microsoft Word 2000-2010 (x32 Version: 8.7.0.1506 - Stamps.com, Inc.) Hidden
Stamps.com support for Microsoft Word 2000-2010 (HKLM-x32\...\Stamps.com support for Microsoft Word 2000-2010) (Version:  - Stamps.com, Inc.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.17292 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3507 - Gateway Incorporated)
Windows Firewall Setting Tool (x32 Version: 1.00.0004 - Panasonic System Networks Co., Ltd.) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3452355537-503043710-2882785224-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3452355537-503043710-2882785224-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3452355537-503043710-2882785224-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3452355537-503043710-2882785224-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3452355537-503043710-2882785224-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
16-08-2014 09:00:12 Windows Update
19-08-2014 10:09:37 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2013-02-27 16:22 - 00000924 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D6FB188-802B-4BB6-89F7-7FAC5FB0CD1B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {37AF65BC-7643-46CD-A388-EE7A7F529762} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)
Task: {48088C80-F500-4BD9-B5E9-73C3E7DDFDEB} - System32\Tasks\UALU notificatin => C:\Program Files\Gateway\Gateway Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {59E68238-5EA1-44CE-8C0B-321C4967FA00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {6A5A4FD2-D7F7-4D6E-AD5F-791A1ADA0657} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7999ECEB-BFB5-47D0-9583-1C9105662273} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {80948D55-AB9F-4012-802B-7A33A422DDE0} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2012-01-16] (Nero AG)
Task: {935FC0DA-F485-4CE9-BAFF-C37B69015916} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)
Task: {9C81821E-7D4A-46C9-B10F-3BBBAAB42BB2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {C1EBE14F-5A70-4BFF-84F8-BDE4F9109144} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-07-24 17:32 - 2013-07-24 17:32 - 00024576 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminService.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-04-05 22:30 - 2011-12-15 00:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-06 20:17 - 2012-02-06 20:17 - 00636520 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
2012-10-24 09:51 - 2010-03-15 17:18 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-24 17:31 - 2013-07-24 17:31 - 00023040 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.Logging.dll
2013-07-24 17:30 - 2013-07-24 17:30 - 00049152 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.ConfigManager.dll
2013-03-19 13:58 - 2000-11-09 11:17 - 00190464 _____ () C:\Program Files (x86)\Kyocera\FileUtility\HgTiff2Pdf.dll
2013-07-24 17:31 - 2013-07-24 17:31 - 00831488 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.Entities.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00053248 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminEntities.dll
2013-07-24 17:35 - 2013-07-24 17:35 - 00262144 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminLogic.dll
2013-07-24 17:29 - 2013-07-24 17:29 - 00005632 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\SnapShotEntities.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00782336 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.DataAccess.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00020992 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.FSMDataAccess.dll
2013-07-24 17:33 - 2013-07-24 17:33 - 00053248 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminComm.dll
2013-07-24 17:38 - 2013-07-24 17:38 - 00018584 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Communication.CommLogger.dll
2013-07-24 17:31 - 2013-07-24 17:31 - 01011712 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.Languafier.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00045056 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.ServiceInterfaces.dll
2013-07-24 17:33 - 2013-07-24 17:33 - 00421888 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.Route.BusinessLogic.dll
2013-07-24 17:31 - 2013-07-24 17:31 - 00463360 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\eSRGApi.dll
2013-07-24 17:27 - 2013-07-24 17:27 - 00155648 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\SASV.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00211456 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\UvSDKWrapper.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00045056 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.Route.Entities.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00131584 _____ () C:\Program Files (x86)\FedEx\ShipManager\Bin\Snapshot.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00249856 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.ABDataAccess.dll
2013-07-24 17:30 - 2013-07-24 17:30 - 00006144 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.GSM.Common.Security.dll
2013-07-24 17:33 - 2013-07-24 17:33 - 01261568 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.WebService.XmlSerializers.dll
2013-07-24 17:37 - 2013-07-24 17:37 - 00066160 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\ProxySettings.dll
2013-05-23 11:30 - 2013-05-23 11:30 - 00032768 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\IctlIEntities.v1.0.dll
2013-05-23 11:30 - 2013-05-23 11:30 - 00073728 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\Ictl.v1.0.1.dll
2013-07-24 17:27 - 2013-07-24 17:27 - 00010240 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\NglIEntities.v2.1.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00458752 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.EditService.Data.dll
2013-07-24 17:32 - 2013-07-24 17:32 - 00015360 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.Utilities.Common.dll
2013-07-24 17:33 - 2013-07-24 17:33 - 00061440 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.RateService.BusinessLogic.dll
2013-07-24 17:27 - 2013-07-24 17:27 - 00048640 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\ManagedLZH.dll
2013-07-24 17:31 - 2013-07-24 17:31 - 02347008 _____ () C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.ShipEngine.Entities.XmlSerializers.dll
2012-04-28 16:09 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-04-28 16:13 - 2012-02-07 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-01-24 09:47 - 2013-01-24 09:47 - 00063384 _____ () C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6hook.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2005-01-24 23:01 - 2005-01-24 23:01 - 00098304 _____ () C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\MFPPROC.DLL
2003-12-07 17:30 - 2003-12-07 17:30 - 00110592 _____ () C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\MFPSEQ.DLL
2006-11-27 13:19 - 2006-11-27 13:19 - 00057344 _____ () C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\PdfMake.Dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-08-20 10:35 - 2014-08-20 10:35 - 00098816 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32api.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00110080 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\pywintypes27.dll
2014-08-20 10:35 - 2014-08-20 10:35 - 00364544 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\pythoncom27.dll
2014-08-20 10:35 - 2014-08-20 10:35 - 00045568 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_socket.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 01160704 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_ssl.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00320512 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32com.shell.shell.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00713216 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_hashlib.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 01175040 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._core_.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00805888 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._gdi_.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00811008 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._windows_.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 01062400 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._controls_.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00735232 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._misc_.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00128512 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_elementtree.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00127488 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\pyexpat.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00557056 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\pysqlite2._sqlite.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00007168 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\hashobjs_ext.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00087552 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_ctypes.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00119808 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32file.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00108544 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32security.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00018432 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32event.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00038912 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32inet.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00070656 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._html2.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00167936 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32gui.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00011264 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32crypt.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00027136 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\_multiprocessing.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00686080 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\unicodedata.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00122368 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._wizard.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00010240 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\select.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00024064 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32pipe.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00025600 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32pdh.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00525640 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\windows._lib_cacheinvalidation.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00035840 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32process.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00017408 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32profile.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00022528 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\win32ts.pyd
2014-08-20 10:35 - 2014-08-20 10:35 - 00078336 _____ () C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI41162\wx._animate.pyd
2012-02-06 20:18 - 2012-02-06 20:18 - 00151656 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll
2012-10-24 09:51 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2009-07-13 15:03 - 2009-07-13 19:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-09-05 08:04 - 2013-09-05 08:04 - 03990248 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 06:16 - 2014-08-06 21:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 02:42:32 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome
 
Error: (08/18/2014 02:42:31 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome
 
Error: (08/18/2014 02:42:23 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome
 
Error: (08/16/2014 03:12:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/15/2014 01:06:04 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word experienced a serious problem with the 'onmerge barcodes' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?.
Accepted Safe Mode action : Microsoft Word.
 
Error: (08/15/2014 01:03:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 14.0.7125.5000, time stamp: 0x53745315
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x14e4
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
 
Error: (08/15/2014 00:02:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Acrobat.exe, version: 11.0.4.63, time stamp: 0x52288928
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x114af8ac
Faulting process id: 0x173c
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3
 
Error: (08/07/2014 03:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Acrobat.exe, version: 11.0.4.63, time stamp: 0x52288928
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0e21f9b0
Faulting process id: 0x1e20
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3
 
Error: (08/07/2014 02:07:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 11.0.4.63 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12fc
 
Start Time: 01cfb274d51f3378
 
Termination Time: 10
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
 
Report Id: 779f8681-1e6e-11e4-9fa1-e840f2a6dc24
 
Error: (08/07/2014 02:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Acrobat.exe, version: 11.0.4.63, time stamp: 0x52288928
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x5c250812
Faulting process id: 0x12fc
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3
 
 
System errors:
=============
Error: (08/19/2014 08:05:34 PM) (Source: BROWSER) (EventID: 8019) (User: )
Description: The browser was unable to promote itself to master browser.  The browser will continue
to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.
 
Error: (08/19/2014 06:22:12 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: The browser was unable to promote itself to master browser.  The computer that currently
believes it is the master browser is unknown.
 
Error: (08/19/2014 06:01:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.130.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.
 
Error: (08/18/2014 08:47:56 PM) (Source: BROWSER) (EventID: 8019) (User: )
Description: The browser was unable to promote itself to master browser.  The browser will continue
to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.
 
Error: (08/18/2014 07:04:34 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: The browser was unable to promote itself to master browser.  The computer that currently
believes it is the master browser is unknown.
 
Error: (08/18/2014 06:43:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.130.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.
 
Error: (08/16/2014 05:15:40 AM) (Source: BROWSER) (EventID: 8019) (User: )
Description: The browser was unable to promote itself to master browser.  The browser will continue
to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.
 
Error: (08/16/2014 03:32:18 AM) (Source: BROWSER) (EventID: 8009) (User: )
Description: The browser was unable to promote itself to master browser.  The computer that currently
believes it is the master browser is WINEYWIRELESSNE.
 
Error: (08/16/2014 03:11:38 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.130.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.
 
Error: (08/16/2014 03:09:10 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
 
Microsoft Office Sessions:
=========================
Error: (08/18/2014 02:42:32 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/18/2014 02:42:31 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/18/2014 02:42:23 PM) (Source: MsiInstaller) (EventID: 10005) (User: UpShotPC)
Description: Product: Avery Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/16/2014 03:12:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/15/2014 01:06:04 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: )
Description: Microsoft WordWord experienced a serious problem with the 'onmerge barcodes' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?
 
Error: (08/15/2014 01:03:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE14.0.7125.500053745315ntdll.dll6.1.7601.18247521ea8e7c0000374000ce75314e401cfb8bb9477898bC:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXEC:\Windows\SysWOW64\ntdll.dlld36645bc-24ae-11e4-9fa1-e840f2a6dc24
 
Error: (08/15/2014 00:02:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Acrobat.exe11.0.4.6352288928unknown0.0.0.000000000c0000005114af8ac173c01cfb8a28cfc05b1C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exeunknown6026b1e8-24a6-11e4-9fa1-e840f2a6dc24
 
Error: (08/07/2014 03:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Acrobat.exe11.0.4.6352288928unknown0.0.0.000000000c00000050e21f9b01e2001cfb288a02c9c99C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exeunknown063eb02f-1e7c-11e4-9fa1-e840f2a6dc24
 
Error: (08/07/2014 02:07:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Acrobat.exe11.0.4.6312fc01cfb274d51f337810C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe779f8681-1e6e-11e4-9fa1-e840f2a6dc24
 
Error: (08/07/2014 02:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Acrobat.exe11.0.4.6352288928unknown0.0.0.000000000c00000055c25081212fc01cfb274d51f3378C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exeunknown4e32d2c9-1e6e-11e4-9fa1-e840f2a6dc24
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:02.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-03 00:31:02.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-03 00:31:02.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-03 00:31:02.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-03 00:31:02.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-03 00:31:02.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-01 00:31:28.606
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-01 00:31:28.606
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-01 00:31:28.606
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-01 00:31:28.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 63%
Total physical RAM: 6022.59 MB
Available physical RAM: 2218.8 MB
Total Pagefile: 12043.37 MB
Available Pagefile: 7831.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (Gateway) (Fixed) (Total:917.41 GB) (Free:758.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61C388DC)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#5
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Ok, let's get started :)

 

FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start
    
    (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    
    (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    
    (APN LLC.) C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe
    
    HKLM-x32\...\Run: [] => [X]
    
    HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)
    
    HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)
    
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    
    SearchScopes: HKCU - {D0ABE37A-FB93-457E-B35F-0883E1609C40} URL = http://websearch.ask...21-98B38381C823
    
    BHO: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
    
    BHO-x32: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)
    
    Toolbar: HKLM - Avery Toolbar - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
    
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    
    CHR Plugin: (Norton Confidential) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
    
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
    
    CHR HKLM-x32\...\Chrome\Extension: [aaaaigmelgfmkfjicbbgbkcbagedejhj] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]
    
    CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]
    
    R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)[/B]
    
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    
    C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe
    
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)
    
    C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)
    
    C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
    
    C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    
    c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
    
    C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]
    
    C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]
    
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

 

adwcleaner_new.png Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 
adwcleaner_new.png Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 
51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    
    process;
    
    services-list;
    
    systemspecs;
    
    startupall;
    
    skipfix-iedefaults;
    
    firefoxlook;
    
    chromelook;
    
    filesrcm;
    
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 


  • 0

#6
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by UpShot Desktop at 2014-08-21 10:44:32 Run:1
Running from C:\Users\UpShot Desktop\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
 
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
 
(APN LLC.) C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe
 
HKLM-x32\...\Run: [] => [X]
 
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)
 
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)
 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
 
SearchScopes: HKCU - {D0ABE37A-FB93-457E-B35F-0883E1609C40} URL = http://websearch.ask...21-98B38381C823
 
BHO: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
 
BHO-x32: Avery Toolbar -> {41565256-3700-A76A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)
 
Toolbar: HKLM - Avery Toolbar - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)
 
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
 
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
 
CHR Plugin: (Norton Confidential) - C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
 
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
 
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
 
CHR HKLM-x32\...\Chrome\Extension: [aaaaigmelgfmkfjicbbgbkcbagedejhj] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]
 
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]
 
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)[/B]
 
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
 
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
 
C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe
 
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)
 
C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)
 
C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
 
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
 
c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
 
C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]
 
C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]
 
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)end
*****************
 
[9080] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe => Process closed successfully.
[5876] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe => Process closed successfully.
[7008] C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe => Process closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\VNT => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0ABE37A-FB93-457E-B35F-0883E1609C40}" => Key deleted successfully.
"HKCR\CLSID\{D0ABE37A-FB93-457E-B35F-0883E1609C40}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41565256-3700-A76A-76A7-7A786E7484D7}" => Key deleted successfully.
"HKCR\CLSID\{41565256-3700-A76A-76A7-7A786E7484D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41565256-3700-A76A-76A7-7A786E7484D7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{41565256-3700-A76A-76A7-7A786E7484D7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41565256-3700-A76A-76A7-7A786E7484D7} => value deleted successfully.
"HKCR\CLSID\{41565256-3700-A76A-76A7-7A786E7484D7}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaigmelgfmkfjicbbgbkcbagedejhj" => Key deleted successfully.
C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop" => Key deleted successfully.
C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx => Moved successfully.
APNMCP => Service deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe => Moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe => Moved successfully.
C:\Users\UpShot Desktop\AppData\Local\VNT\vntldr.exe => Moved successfully.
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-05] (APN)" => File/Directory not found.
"C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-07-31] (APN LLC.)" => File/Directory not found.
"C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File" => File/Directory not found.
"C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File" => File/Directory not found.
"c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File" => File/Directory not found.
"C:\ProgramData\AskPartnerNetwork\Toolbar\AVRV7\CRX\ToolbarCR.crx [2014-08-06]" => File/Directory not found.
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-05]" => File/Directory not found.
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)end" => File/Directory not found.
 
==== End of Fixlog ====

  • 0

#7
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
# AdwCleaner v3.308 - Report created 21/08/2014 at 10:55:35
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : UpShot Desktop - UPSHOTPC
# Running from : C:\Users\UpShot Desktop\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : APNMCP
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\AskPartnerNetwork
Folder Found : C:\Program Files (x86)\VNT
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\Users\UpShot Desktop\AppData\Local\AskPartnerNetwork
Folder Found : C:\Users\UpShot Desktop\AppData\Local\VNT
Folder Found : C:\Users\UPSHOT~1\AppData\Local\Temp\apn
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : pljcgbedjplidkdjahbaalanadmjfgop
 
*************************
 
AdwCleaner[R0].txt - [4625 octets] - [21/08/2014 10:55:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4685 octets] ##########

  • 0

#8
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Zoek.exe v5.0.0.0 Updated 21-08-2014

Tool run by UpShot Desktop on Thu 08/21/2014 at 11:03:04.82.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\UpShot Desktop\Downloads\zoek.exe [Scan all users] [Script inserted] 

 

==== System Restore Info ======================

 

8/21/2014 11:04:10 AM Zoek.exe System Restore Point Created Succesfully.

 

==== Installed Programs ======================

 

64 Bit HP CIO Components Installer  

Adobe Acrobat XI Pro  

Adobe AIR  

Adobe Download Assistant  

Adobe Flash Player 14 ActiveX  

Adobe Reader X (10.1.4) MUI  

Apple Application Support  

Apple Mobile Device Support  

Apple Software Update  

Ask Toolbar  

Avery Toolbar  

Best Buy pc app  

Bing Bar  

Bonjour  

Brother MFL-Pro Suite MFC-6490CW  

Brother MFL-Pro Suite MFC-9460CDN  

Brother P-touch Address Book 1.1  

Brother P-touch Editor 5.0  

Brother P-touch Update Software  

Brother QL-Series Software User's Guide  

Communications Utility  

CyberLink PowerDVD 10  

D3DX10  

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition  

Epson Customer Participation  

Epson Event Manager  

Epson FAX Utility  

Epson PC-FAX Driver  

EPSON Scan  

EPSON WF-7510 Series Printer Uninstall  

EpsonNet Print  

Evernote v. 4.5.2  

FedEx Ship Manager  

FileZilla Client 3.9.0.1  

Fitbit Connect  

Galer¡a fotogr fica de Windows Live  

Galerie de photos Windows Live  

Gateway Recovery Management  

Gateway Registration  

Gateway ScreenSaver  

Gateway Updater  

Google Apps Migration For Microsoft Outlookr 3.0.19.44  

Google Apps SyncT for Microsoft Outlookr 3.5.370.990  

Google Chrome  

Google Drive  

Google Update Helper  

Hotkey Utility  

iCloud  

Identity Card  

Intel® Control Center  

Intel® Management Engine Components  

Intel® OpenCL CPU Runtime  

Intel® Processor Graphics  

Intel® Rapid Storage Technology  

Intel® USB 3.0 eXtensible Host Controller Driver  

Intelr Trusted Connect Service Client  

iTunes  

Java 7 Update 55  

Java Auto Updater  

Junk Mail filter update  

Kyocera Product Library  

Kyocera Scanner File Utility  

LogMeIn  

McAfee Security Scan Plus  

Mesh Runtime  

Microsoft .NET Framework 4.5.1  

Microsoft Application Error Reporting  

Microsoft Mouse and Keyboard Center  

Microsoft Office Access MUI (English) 2010  

Microsoft Office Access Setup Metadata MUI (English) 2010  

Microsoft Office Excel MUI (English) 2010  

Microsoft Office Groove MUI (English) 2010  

Microsoft Office InfoPath MUI (English) 2010  

Microsoft Office Office 64-bit Components 2010  

Microsoft Office OneNote MUI (English) 2010  

Microsoft Office Outlook MUI (English) 2010  

Microsoft Office PowerPoint MUI (English) 2010  

Microsoft Office Professional Plus 2010  

Microsoft Office Proof (English) 2010  

Microsoft Office Proof (French) 2010  

Microsoft Office Proof (Spanish) 2010  

Microsoft Office Proofing (English) 2010  

Microsoft Office Publisher MUI (English) 2010  

Microsoft Office Shared 64-bit MUI (English) 2010  

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010  

Microsoft Office Shared MUI (English) 2010  

Microsoft Office Shared Setup Metadata MUI (English) 2010  

Microsoft Office Word MUI (English) 2010  

Microsoft OneDrive  

Microsoft Silverlight  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2005 Redistributable (x64)  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319  

Microsoft Visual J# 2.0 Redistributable Package  

Microsoft XML Parser  

MSVCRT  

MSVCRT_amd64  

MSXML 4.0 SP2 (KB954430)  

MSXML 4.0 SP2 (KB973688)  

Nero BackItUp 10  

Nero BackItUp 10 Help (CHM)  

Nero Control Center 10  

Nero ControlCenter 10 Help (CHM)  

Nero Core Components 10  

Nero DiscSpeed 10  

Nero DiscSpeed 10 Help (CHM)  

Nero Express 10  

Nero Express 10 Help (CHM)  

Nero Multimedia Suite 10 Essentials  

Nero RescueAgent 10  

Nero RescueAgent 10 Help (CHM)  

Nero StartSmart 10  

Nero StartSmart 10 Help (CHM)  

Nero Update  

OnMerge Barcodes Sample Documents 2.18; User UpShot Desktop  

OnMerge Barcodes v2.18 for Microsoft Word  

Panasonic Communications Utility  

Panasonic Windows Firewall Setting Tool  

Print Audit 6  

QuickTime 7  

Realtek High Definition Audio Driver  

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition  

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition  

Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition  

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition  

Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition  

Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition  

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition  

SkypeT 6.11  

SMPlayer 0.6.9  

Software Updater  

Stamps.com  

Stamps.com Application Support for Microsoft Word 2000-2010  

Stamps.com support for Microsoft Word 2000-2010  

TeamViewer 8  

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition  

Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition  

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition  

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition  

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition  

Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition  

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition  

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition  

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition  

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition  

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition  

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition  

Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition  

Welcome Center  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live Galeria de Fotos  

Windows Live ID Sign-in Assistant  

Windows Live Installer  

Windows Live Language Selector  

Windows Live Mail  

Windows Live Mesh  

Windows Live Messenger  

Windows Live MIME IFilter  

Windows Live Movie Maker  

Windows Live Photo Common  

Windows Live Photo Gallery  

Windows Live PIMT Platform  

Windows Live Remote Client  

Windows Live Remote Client Resources  

Windows Live Remote Service  

Windows Live Remote Service Resources  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Windows Live Writer  

Windows Live Writer Resources  

 

==== Running Processes ======================

 

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.LoggingService.exe

C:\Program Files (x86)\FedEx\ShipManager\SQLAnywhere\Bin32\dbsrv11.exe

C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe

C:\Program Files (x86)\Kyocera\FileUtility\nsCatCom.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files (x86)\FedEx\ShipManager\BIN\AdminService.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe

C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe

C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clint.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\UpShot Desktop\Downloads\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\sysWow64\SearchProtocolHost.exe

 

==== Services (whitelist) ======================

Powered by E Dev

 

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

R2 - [BBUpdate] - BBUpdate - "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"

R2 - [EpsonCustomerParticipation] - EpsonCustomerParticipation - "C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe"

R2 - [FedExLoggingService] - FedEx Logging Service - "C:\Program Files (x86)\FedEx\ShipManager\BIN\FedEx.Gsm.Common.LoggingService.exe"

R2 - [Fitbit Connect] - Fitbit Connect Service - C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

R2 - [GREGService] - GREGService - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

R2 - [IAStorDataMgrSvc] - Intel® Rapid Storage Technology - "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

R2 - [Intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - "C:\Program Files\Intel\iCLS Client\HeciServer.exe"

R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

R2 - [Live Updater Service] - Live Updater Service - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

R2 - [LMIGuardianSvc] - LMIGuardianSvc - "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"

R2 - [LMIMaint] - LogMeIn Maintenance Service - "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"

R2 - [LMS] - Intel® Management and Security Application Local Management Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

R2 - [LogMeIn] - LogMeIn - "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"

R2 - [NAUpdate] - Nero Update - "C:\Program Files (x86)\Nero\Update\NASvc.exe"

R2 - [PA6ClientHelper] - Print Audit 6 Client Helper 64-bit - "C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clhlp64.exe"

R2 - [SFUSVC] - SFUSVC - C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe

R2 - [TeamViewer8] - TeamViewer 8 - "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"

R2 - [UNS] - Intel® Management and Security Application User Notification Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding

R3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"

R3 - [osppsvc] - Office Software Protection Platform - "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe

R3 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"

S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

S2 - [SkypeUpdate] - Skype Updater - "C:\Program Files (x86)\Skype\Updater\Updater.exe"

S2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe

S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe

S3 - [BBSvc] - Bing Bar Update Service - "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"

S3 - [BrYNSvc] - BrYNSvc - "C:\Program Files (x86)\Browny02\BrYNSvc.exe"

S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

S3 - [cphs] - Intel® Content Protection HECI Service - C:\Windows\SysWow64\IntelCpHeciSvc.exe

S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe

S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe

S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe

S3 - [FedExShipService] - FedEx Shipping Engine - "C:\Program Files (x86)\FedEx\ShipManager\BIN\ShipEngineService.exe"

S3 - [FedExTransactionService] - FedEx Transaction Engine - "C:\Program Files (x86)\FedEx\ShipManager\BIN\TransEngineService.exe"

S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc

S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V

S3 - [McComponentHostService] - McAfee Security Scan Component Host Service - "C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe"

S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice

S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe

S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V

S3 - [ose] - Office  Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe

S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe

S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe

S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe

S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe

S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe

S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"

S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe

S4 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

S4 - [wlcrasvc] - Windows Live Mesh remote connections service - "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"

SUnknown - [APNMCP] - Ask Update Service - 

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 6023 MB

CPU Info: Intel® Core™ i3-2120 CPU @ 3.30GHz

CPU Speed: 3289.7 MHz

Sound Card: T24C550 (Intel® Display Audio | 

Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver | LogMeIn Mirror Driver

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel® 82579V Gigabit Network Connection | 802.11n Wireless LAN Card

CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH70N

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C:  917.4GB

Hard Disks - Free: C:  758.4GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 03/12/12 | ACRSYS - 1072009

Time Zone: Mountain Standard Time

Motherboard *: Gateway DX4870

Country: United States 

Language: ENU 

 

==== System Specs (Software) ======================

 

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 36.0.1985.143

Internet Explorer Version: 11.0.9600.17239 

Google Chrome version: 36.0.1985.143

Adobe Reader version: 10.1.4.38

Sun Java version: 1.7.0_55 (32-bit) 

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

====== C:\Users\UPSHOT~1\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-08-21 16:46:32 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll

2014-08-16 09:00:58 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\SysWOW64\infocardapi.dll

2014-08-16 09:00:58 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\SysWOW64\icardagt.exe

2014-08-16 09:00:58 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\SysWOW64\icardres.dll

2014-08-16 09:00:47 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-15 17:27:42 C212A43AA83A717AD38505F23ACDCB33 2363392 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-08-15 17:27:42 9DA1CCDBBF8136AC2383C2624CA8CD14 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll

2014-08-15 17:27:42 43CD23B65CBF04D6F8ACA984B0EF93FE 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll

2014-08-15 17:27:37 D08819FEE0CDB8A8A58E2B34D05E7A11 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2014-08-15 17:27:25 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll

2014-08-15 17:27:24 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-08-15 17:27:24 41A3A54603686FD437FA4E8EB95025F9 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-15 17:27:23 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-15 17:27:23 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-08-15 17:27:23 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-08-15 17:27:23 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-08-15 17:27:23 478824EC0BCE9968C0DC787164B1753B 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-08-15 17:27:23 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-08-15 17:27:23 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-08-15 17:27:22 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-08-15 17:27:22 F48A1A114382AB4EF8000E1943E6CF1F 438784 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-08-15 17:27:22 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-08-15 17:27:22 7B051C4A70F23A84A09366999FE63CBD 307384 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-08-15 17:27:22 4D0E91438CE181AF94C653B3BBE3C65A 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-08-15 17:27:22 36B67392AFB8901CC442EA988AD4603D 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-08-15 17:27:22 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-08-15 17:27:21 E8D46F442AB53A52BDBB3EA0C51BDABD 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-08-15 17:27:21 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-08-15 17:27:20 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-08-15 17:27:20 B91AA3BC8083E66925FAE29FDA485CEA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-08-15 17:27:20 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-08-15 17:27:20 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-08-15 17:27:20 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-08-15 17:27:20 49FFD37673BD20279A8BF27CC20040B3 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-15 17:27:20 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-15 17:27:20 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-08-15 17:26:51 D8BED6BA298DBAAF6F3D746739FCD333 664064 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-08-16 09:00:58 EE415EC9288182BCFB6E6896A376EA53 8856 ----a-w- C:\Windows\Sysnative\icardres.dll

2014-08-16 09:00:58 9C44FB5B3A8A192FCE1103AC9BA4E576 171160 ----a-w- C:\Windows\Sysnative\infocardapi.dll

2014-08-16 09:00:58 8A08BB0D12BE40DC09632CD5D04A48A0 1389208 ----a-w- C:\Windows\Sysnative\icardagt.exe

2014-08-16 09:00:47 E4312738B500577BABC232A49F67A67D 35480 ----a-w- C:\Windows\Sysnative\TsWpfWrp.exe

2014-08-15 17:27:42 B0F8CCA08DBC392442E27377B98DD0CD 112064 ----a-w- C:\Windows\Sysnative\consent.exe

2014-08-15 17:27:42 A6D0DC3B30F6BB1421DAA92537424822 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll

2014-08-15 17:27:42 5DFFC12BF7DB53BDB401804A3C3A475E 1941504 ----a-w- C:\Windows\Sysnative\authui.dll

2014-08-15 17:27:42 3B39F9D51E4D8BAABDA6518955B58C13 3241984 ----a-w- C:\Windows\Sysnative\msi.dll

2014-08-15 17:27:37 EBFEF789E32279C2ED7C81260B186AD7 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2014-08-15 17:27:25 AE57F6C7AB3ED244B5F14151C4EA0057 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll

2014-08-15 17:27:23 19FA60D3AE1804A559306DE931A5B415 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-08-15 17:27:23 08C5E6033786C1E41B63FD38CA22917A 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-08-15 17:27:22 FE7D99399F7761AA2695A7B1AD30DAAF 1431040 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-08-15 17:27:22 FCF5C8BB9AFD8D15B324B702F9B186B7 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-08-15 17:27:22 F00D0AE7648CA45C6434E2885485BE0B 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-08-15 17:27:22 6598F2A876E13B6FFA5AE418D41CE7D6 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-08-15 17:27:22 5574B09C4676E8E2EBE125C18BDF9FBF 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-08-15 17:27:22 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-08-15 17:27:22 13A852B606F3644A7A35EDD99F74A685 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-08-15 17:27:21 DF485877CCE229776E6B8BB9116B67FE 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-08-15 17:27:21 9C9FE69902CD45A7D9AB1F0C4EDE646C 348856 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-08-15 17:27:21 39A85C005BCDEEF4092646EBBC2526AA 2087936 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-08-15 17:27:21 1FD1F16C35946BA28FDEB40F18B7729D 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-08-15 17:27:20 FCC86367BB0FB6DEB6614885CBE74FD5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-08-15 17:27:20 DB382D89D8004F40BD2C55BAE6A15B30 2774528 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-08-15 17:27:20 1DE8B71A1C7D8943034188556AF50B07 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-08-15 17:27:19 920F690FC7424DE71888AA2E46E917EA 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-08-15 17:27:19 72B7D166D1B0D353330A34FDED3F5AA6 598016 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-08-15 17:27:19 472C409F9B0FF67C1015F511C73E1889 5824512 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-08-15 17:27:19 2639E152D246F2A651F09764807CA153 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-08-15 17:27:19 1F02286D001AB5EA5719540C587224FE 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-08-15 17:27:19 1EEF9FE30DBE458A89B5F7A16FC68397 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-08-15 17:27:19 1B26610C1659EF54ED000233FB96F20C 13547008 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-08-15 17:27:18 EDF22FBAE75ACB48BF51D099C6808B39 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-08-15 17:27:18 C02C78DE9BB4E68F6C78B1588ADD6ADC 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-08-15 17:27:18 BAC44396088ECC1C9021ED3E3345337C 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-08-15 17:27:18 8E71A5CB5312B8392D4DA4CA37BB5868 2266624 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-08-15 17:27:18 6ED6DA2A04F8F0C9BDAD647284BAEFB6 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-08-15 17:27:17 ECA387DCD57F683C52171C766CF400F0 23645696 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-08-15 17:27:17 1C660588CFFB3A17BCF0F6B4779BF985 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-08-15 17:26:51 F947D57534E01E3CA597BCF2AD8AE65B 1216000 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2014-08-15 17:26:50 9D455E3049B7F93483D7165422B7D0AF 529920 ----a-w- C:\Windows\Sysnative\aepdu.dll

2014-08-15 17:26:50 349CF386805783D2E6810A767642F1B8 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll

====== C:\Windows\Sysnative\drivers =====

2014-08-15 17:27:27 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-08-12 19:22:21 -------- d-----w- C:\Program Files\iPod

2014-08-12 19:22:20 -------- d-----w- C:\Program Files\iTunes

======= C:\PROGRA~2 =====

2014-08-18 20:32:23 -------- d-----w- C:\PROGRA~2\VNT

2014-08-12 19:22:20 -------- d-----w- C:\PROGRA~2\iTunes

2014-08-12 19:19:02 -------- d-----w- C:\PROGRA~2\QuickTime

======= C: =====

====== C:\Users\UpShot Desktop\AppData\Roaming ======

2014-08-18 20:32:25 -------- d-----w- C:\Users\UpShot Desktop\AppData\Local\VNT

2014-08-12 19:18:54 -------- d-----w- C:\Users\UpShot Desktop\AppData\Locallow\Apple Computer

2014-07-29 19:13:41 -------- d-----w- C:\Users\UpShot Desktop\AppData\Local\Windows Live

====== C:\Users\UpShot Desktop ======

2014-08-21 16:55:26 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\UpShot Desktop\Downloads\AdwCleaner.exe

2014-08-21 16:44:55 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64 (2).exe

2014-08-21 16:43:40 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64 (1).exe

2014-08-20 16:48:16 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64.exe

2014-08-18 20:32:17 B763782BEB7D4BE135B493A66AE2C841 509872 ----a-w- C:\Users\UpShot Desktop\Documents\APNSetup1.exe

2014-08-18 20:32:08 302DD0119A39F3E726721BC6D82E29A4 1035696 ----a-w- C:\Users\UpShot Desktop\Downloads\OffercastInstaller_AVR_U-0027-01-L_.exe

2014-08-12 19:22:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-12 19:22:20 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-12 19:19:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

 

====== C: exe-files ==

2014-08-21 16:55:26 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\UpShot Desktop\Downloads\AdwCleaner.exe

2014-08-21 16:44:55 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64 (2).exe

2014-08-21 16:43:40 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64 (1).exe

2014-08-20 16:48:16 2B306A1F849141A6FB5404655C1B4E3B 2101760 ----a-w- C:\Users\UpShot Desktop\Downloads\FRST64.exe

2014-08-18 20:32:24 F6889BCCBDE71A249C8320C8DCE14BE0 365976 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe

2014-08-18 20:32:24 E7F2414D8EBF7C269FC5FC878C1DD1E9 165784 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe

2014-08-18 20:32:24 E5FE41E1C8F7861D7402991A1D775854 150936 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe

2014-08-18 20:32:24 D77868F87ADB80F9333AAF0DB2E0C93A 115608 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe

2014-08-18 20:32:24 902B775B3295BCC1B7D2A85632D36C6C 1957784 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

2014-08-18 20:32:24 8A4FED42855A9EC0116DC4B6E94707EC 156112 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe

2014-08-18 20:32:24 770ADEF90ECB6FEF3C408E5077017D9A 106392 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe

2014-08-18 20:32:24 63C5CBF33AE7B007F01B8BAE5ACB0500 196504 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\VNT\vntldr.exe

2014-08-18 20:32:24 48E60CE28CC280F64868D88BE1312C2B 142744 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe

2014-08-18 20:32:17 B763782BEB7D4BE135B493A66AE2C841 509872 ----a-w- C:\Users\UpShot Desktop\Documents\APNSetup1.exe

2014-08-18 20:32:08 302DD0119A39F3E726721BC6D82E29A4 1035696 ----a-w- C:\Users\UpShot Desktop\Downloads\OffercastInstaller_AVR_U-0027-01-L_.exe

2014-08-18 20:15:38 B379482B5F0BD777A3AFFCC961038A1F 14134008 ----a-w- C:\Program Files (x86)\Google\Update\Download\{7DF3B6EE-9890-4307-BDE5-E1F3FCB09771}\3.0.19.44\clientmigrationsetup.exe

2014-08-16 09:00:58 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\SysWOW64\icardagt.exe

2014-08-16 09:00:58 8A08BB0D12BE40DC09632CD5D04A48A0 1389208 ----a-w- C:\Windows\System32\icardagt.exe

2014-08-16 09:00:47 E4312738B500577BABC232A49F67A67D 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe

2014-08-16 09:00:47 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-15 17:27:42 B0F8CCA08DBC392442E27377B98DD0CD 112064 ----a-w- C:\Windows\System32\consent.exe

2014-08-15 17:27:37 37C7C89B03F9D39629EDA545A1645D68 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe

2014-08-15 17:27:23 7BAF83ECFCB4AC9E90A4B459BDD59BCA 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-08-15 17:27:23 31A7689F580F37B52F65B9653F8916D4 810176 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-08-15 17:27:22 FCF5C8BB9AFD8D15B324B702F9B186B7 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-08-15 17:27:22 CDF01A5C7927786A708EAEE91F14797B 812224 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-08-15 17:27:22 8D526C6DFC13CC2F81395771B7BE1AC6 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-08-15 17:27:22 6A60D0D167D35A07646EBCF796D770B4 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-08-15 17:27:22 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-08-15 17:27:21 7D709E893B53092E3F5995FF5C3061E2 483328 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-08-15 17:27:20 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-08-15 17:27:19 1EEF9FE30DBE458A89B5F7A16FC68397 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-08-15 17:27:17 1C660588CFFB3A17BCF0F6B4779BF985 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-08-15 17:26:50 5BB980114F9A3D750A5C827B69C8A13B 156672 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe

2014-08-15 17:26:50 1E3976298791F63775B64BE5B9C97618 31232 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe

2014-08-15 12:15:23 C56CB929FDC62BA6AFA025C0DF95CA73 1836624 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.143\36.0.1985.143_36.0.1985.125_chrome_updater.exe

=== C: other files ==

2014-08-21 16:24:40 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI58482\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx

2014-08-21 16:24:40 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\UpShot Desktop\AppData\Local\Temp\_MEI58482\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-08-18 20:32:24 FA0BB24FC3D1408C01A34617BBAA0D59 466264 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\[email protected]

2014-08-18 20:32:24 9184E1732435B1B39E0941C0552E9636 433903 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx

2014-08-18 20:32:24 7A682C2B521D61830DD24792B20297EA 251354 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\program files\VNT\content.zip

2014-08-18 20:32:24 40AE007010E6A2A8A2B84CC01A888479 452064 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx

2014-08-15 17:27:27 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-08-15 15:55:03 BAFBAE2EBFC782EF3494711897D01B24 138479285 ----a-w- C:\Users\UpShot Desktop\Downloads\ExhibitA-8-14.zip

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-21-3452355537-503043710-2882785224-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"SkyDrive"="C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"Fitbit Connect"="C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe /autorun"

"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHCA.EXE /EPT EPLTarget\P0000000000000000 /M WF-7510 Series"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-21-3452355537-503043710-2882785224-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"Hotkey Utility"="C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe"

"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"

"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"

"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"

"Fitbit Connect"="C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe /autorun"

"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"PrintAudit6"="C:\Program Files (x86)\Print Audit Inc\Print Audit 6\Client\pa6clint.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"FUFAXRCV"=""C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe""

"FUFAXSTM"=""C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe""

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"SkyDrive"="C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"Fitbit Connect"="C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe /autorun"

"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHCA.EXE /EPT EPLTarget\P0000000000000000 /M WF-7510 Series"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"

"Uninstall C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\UpShot Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"LogMeIn GUI"="C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

 

==== Startup Folders ======================

 

2012-04-06 03:52:27 829 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

2012-04-06 03:52:27 829 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

2012-11-06 21:24:13 1147 ----a-w- C:\Users\UpShot Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk

2013-08-27 16:46:18 1936 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

2012-11-08 18:11:54 2318 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Panasonic Communications Utility.lnk

2013-03-19 19:58:49 1756 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner File Utility.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/09/2014 12:52 AM]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/05/2012 04:11 PM]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/05/2012 04:11 PM]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\NBAgent" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe]

"C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Gateway\Gateway Updater\UALU.exe"]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"[email protected]"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [02/26/2013 02:19 PM]

 

==== Chrome Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[09/05/2013 08:04 AM]

 

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\UPSHOT~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[05/02/2013 09:34 AM]

 

Google Drive - UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Google Voice Search Hotword (Beta) - UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

Adobe Acrobat - Create PDF - UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj

Google Wallet - UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

 

==== Chromium Startpages ======================

 

C:\Users\UpShot Desktop\AppData\Local\Google\Chrome\User Data\Default\Preferences

"startup_urls": [ "http://google.com/" ],

 

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

"Default_Page_URL"="http://www.bing.com/?pc=MAGW"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=0 folders=0 0 bytes)

 

==== EOF on Thu 08/21/2014 at 11:09:20.32 ======================


  • 0

#9
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Looks pretty good. How are things running?


  • 0

#10
nancy32986

nancy32986

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

It is running just like normal. So was anything wrong with my computer? I changed my password for Google. Are those emails legitimate?


  • 0

#11
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

You had a few tool bars and some other annoying malware, but nothing of significance and nothing that would have exposed your credentials.

 

These emails might be legitimate, but if I were a betting man, I'd bet that they are not.

 

Unless you have other questions or concerns, I think we're done :)

 

I'll keep this open until I hear from you one way or the other :thumbsup:


  • 0

#12
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP