Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win 8 Laptop neverending pop ups [Closed]


  • This topic is locked This topic is locked

#1
taureanblack

taureanblack

    Member

  • Member
  • PipPip
  • 46 posts

Hi

 

I'm trying to help a coworker who is a cable cord cutter who may have downloaded some trojans accidentally to watch live tv.

 

She was using IE on a Win 8 OS.

 

Basically pop ups made surfing impossible.  I tried removing many of the items she downloaded and of course put her on Chrome with adblocker extensions which has helped  but I just want to be sure she's not infected. Here is her log. Any help is appreciated. She's a health care professional but a internet novice. 

 

 
OTL logfile created on: 11/3/2014 10:19:25 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.92 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 28.34% Memory free
8.17 Gb Paging File | 2.93 Gb Available in Paging File | 35.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.79 Gb Total Space | 579.78 Gb Free Space | 85.67% Space Free | Partition Type: NTFS
Drive D: | 21.07 Gb Total Space | 2.12 Gb Free Space | 10.05% Space Free | Partition Type: NTFS
 
Computer Name: HPPAVILLION | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/03 10:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.com
PRC - [2014/11/03 06:42:34 | 000,523,504 | ---- | M] () -- C:\Program Files (x86)\Krab Web\bin\utilKrabWeb.exe
PRC - [2014/11/03 06:39:25 | 000,523,504 | ---- | M] () -- C:\Program Files (x86)\Krab Web\updateKrabWeb.exe
PRC - [2014/11/02 06:57:00 | 002,726,256 | ---- | M] (Small Island Development) -- C:\ProgramData\VCRZNU\OATkuId.exe
PRC - [2014/11/01 09:23:41 | 000,399,464 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
PRC - [2014/11/01 09:23:41 | 000,111,208 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
PRC - [2014/11/01 09:15:05 | 000,572,320 | ---- | M] (app) -- C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-bg.exe
PRC - [2014/11/01 09:14:08 | 001,243,552 | ---- | M] (app) -- C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe
PRC - [2014/11/01 09:13:09 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
PRC - [2014/11/01 09:09:29 | 000,089,600 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\VOPackage\VOsrv.exe
PRC - [2014/11/01 02:52:16 | 004,959,744 | ---- | M] () -- C:\Windows\rcore.exe
PRC - [2014/10/31 14:03:36 | 003,339,208 | ---- | M] () -- C:\Users\Owner\AppData\Local\ospd_us_349\upospd_us_349.exe
PRC - [2014/10/24 09:07:24 | 000,379,440 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
PRC - [2014/10/21 23:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/10/08 08:39:10 | 001,111,936 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
PRC - [2014/09/22 08:14:24 | 001,190,768 | ---- | M] (Compete, Inc.) -- C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-host.exe
PRC - [2014/08/26 10:26:36 | 003,449,424 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Driver Pro\DriverPro.exe
PRC - [2014/08/26 10:26:36 | 000,947,280 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Driver Pro\DPTray.exe
PRC - [2014/07/21 05:50:19 | 000,697,344 | ---- | M] (The Chromium Authors) -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exe
PRC - [2014/03/26 14:35:26 | 000,475,448 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2014/03/26 14:35:26 | 000,469,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2014/02/22 03:00:27 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2013/08/22 13:08:56 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/09 07:25:18 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/08/09 07:25:16 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/08/09 07:25:12 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/08/05 02:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/08/01 07:34:53 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2013/07/09 00:02:44 | 000,114,920 | ---- | M] () -- C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
PRC - [2013/07/09 00:02:42 | 000,348,384 | ---- | M] () -- C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
PRC - [2013/06/07 15:56:48 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/09/06 20:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2012/09/06 20:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2012/06/06 14:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2009/05/05 16:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
 
 
========== Modules (All) ==========
 
MOD - [2014/11/03 10:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.com
MOD - [2014/11/01 09:23:41 | 000,399,464 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
MOD - [2014/11/01 09:15:05 | 000,572,320 | ---- | M] (app) -- C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-bg.exe
MOD - [2014/11/01 09:14:45 | 000,555,936 | ---- | M] (app) -- C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-bho.dll
MOD - [2014/11/01 09:14:09 | 000,137,632 | ---- | M] () -- C:\Program Files (x86)\Browsers+Apps+1.1\78afd125-787b-4118-b897-5aaed76bee90.dll
MOD - [2014/11/01 09:13:09 | 000,146,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2014/10/31 14:03:36 | 003,339,208 | ---- | M] () -- C:\Users\Owner\AppData\Local\ospd_us_349\upospd_us_349.exe
MOD - [2014/10/28 18:00:32 | 000,142,880 | ---- | M] () -- C:\Users\Owner\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
MOD - [2014/10/28 18:00:32 | 000,101,408 | ---- | M] () -- C:\Users\Owner\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
MOD - [2014/10/24 09:08:42 | 000,119,856 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll
MOD - [2014/10/24 09:08:36 | 000,056,880 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll
MOD - [2014/10/24 09:08:30 | 000,121,904 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll
MOD - [2014/10/24 09:08:10 | 000,092,720 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll
MOD - [2014/10/24 09:07:58 | 000,100,912 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll
MOD - [2014/10/24 09:07:46 | 000,069,168 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll
MOD - [2014/10/24 09:07:24 | 000,379,440 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
MOD - [2014/10/24 08:50:10 | 000,035,328 | ---- | M] () -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll
MOD - [2014/10/21 23:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2014/10/21 23:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
MOD - [2014/10/21 23:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/21 23:04:53 | 002,477,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libpeerconnection.dll
MOD - [2014/10/21 23:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/21 23:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/21 23:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/10/21 23:04:46 | 000,133,448 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome_elf.dll
MOD - [2014/10/21 23:04:45 | 034,098,504 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome_child.dll
MOD - [2014/10/21 23:04:36 | 031,893,832 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome.dll
MOD - [2014/10/21 22:34:23 | 003,231,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\d3dcompiler_46.dll
MOD - [2014/10/18 07:52:11 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0e4217ee2402382f925ada051b4e8f9e\System.Management.ni.dll
MOD - [2014/10/18 07:52:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2014/10/18 07:47:46 | 005,467,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/10/18 07:47:42 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/10/18 07:47:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/10/18 07:47:35 | 006,657,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\9056bdf1d8022eafb78c6bd805d3facc\System.Data.ni.dll
MOD - [2014/10/18 07:47:06 | 007,995,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/10/08 08:39:10 | 001,111,936 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
MOD - [2014/09/29 17:45:58 | 018,048,992 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
MOD - [2014/09/25 18:27:56 | 000,812,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2014/09/25 17:46:39 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2014/09/25 17:46:38 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2014/09/25 17:43:38 | 011,807,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2014/09/22 08:14:24 | 001,938,944 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\InternetExplorer\mozjs185-1.0.dll
MOD - [2014/09/22 08:14:24 | 001,190,768 | ---- | M] (Compete, Inc.) -- C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-host.exe
MOD - [2014/09/22 08:14:24 | 000,781,168 | ---- | M] (Compete, Inc.) -- C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll
MOD - [2014/09/22 08:14:24 | 000,771,952 | ---- | M] (Compete, Inc.) -- C:\Program Files (x86)\Consumer Input\InternetExplorer\cpturlpassthru.dll
MOD - [2014/09/22 08:14:24 | 000,151,408 | ---- | M] (Compete, Inc.) -- C:\Program Files (x86)\Consumer Input\InternetExplorer\logger.dll
MOD - [2014/09/18 20:44:05 | 017,484,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2014/09/18 20:25:12 | 004,201,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2014/09/18 20:02:07 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2014/09/18 19:55:50 | 002,187,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2014/09/18 18:59:11 | 001,810,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2014/09/18 18:56:20 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2014/09/18 18:53:45 | 001,190,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2014/09/18 18:52:24 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2014/09/13 00:30:17 | 003,117,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2014/09/10 15:28:44 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2014/09/04 12:22:22 | 000,149,072 | ---- | M] (Term Tutor) -- C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll
MOD - [2014/09/03 18:49:39 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MrmCoreR.dll
MOD - [2014/08/26 10:26:36 | 003,449,424 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Driver Pro\DriverPro.exe
MOD - [2014/08/26 10:26:36 | 000,947,280 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Driver Pro\DPTray.exe
MOD - [2014/08/22 23:31:32 | 001,038,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2014/08/18 06:15:43 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\a8a310b81c76f8e79a1a7fc309a098bf\Accessibility.ni.dll
MOD - [2014/08/18 06:14:29 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/08/15 22:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2014/08/15 22:16:37 | 001,205,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2014/08/15 22:03:51 | 001,467,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2014/08/15 20:31:16 | 000,838,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2014/08/15 20:03:15 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2014/08/15 19:43:25 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2014/08/13 12:59:56 | 016,720,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll
MOD - [2014/08/01 22:56:08 | 001,064,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2014/07/24 08:50:07 | 000,098,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2014/07/24 08:46:50 | 000,477,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll
MOD - [2014/07/24 08:36:22 | 000,707,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2014/07/24 08:36:20 | 002,145,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcore.dll
MOD - [2014/07/24 08:36:20 | 000,355,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfreadwrite.dll
MOD - [2014/07/24 04:10:16 | 000,540,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2014/07/24 03:49:34 | 001,361,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2014/07/24 03:30:04 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2014/07/24 03:15:36 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Networking.dll
MOD - [2014/07/24 03:10:57 | 000,889,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Media.dll
MOD - [2014/07/24 03:10:30 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2014/07/21 05:50:19 | 000,697,344 | ---- | M] (The Chromium Authors) -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exe
MOD - [2014/07/21 05:49:58 | 032,815,616 | ---- | M] (The Chromium Authors) -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome_child.dll
MOD - [2014/07/21 05:24:00 | 026,077,184 | ---- | M] (The Chromium Authors) -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll
MOD - [2014/07/21 04:38:42 | 000,393,728 | ---- | M] () -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\ppGoogleNaClPluginChrome.dll
MOD - [2014/07/21 04:38:37 | 000,788,480 | ---- | M] () -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\ffmpegsumo.dll
MOD - [2014/07/20 04:35:29 | 009,956,864 | ---- | M] (The ICU Project) -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\icudt.dll
MOD - [2014/07/15 03:03:50 | 002,344,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2014/07/04 05:00:32 | 001,351,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17227_none_dad9452e5bcb7986\GdiPlus.dll
MOD - [2014/07/03 03:07:37 | 005,945,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2014/06/19 18:52:15 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2014/06/14 00:46:03 | 002,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2014/06/12 19:10:45 | 000,406,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2014/06/07 05:20:41 | 000,189,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2014/05/28 23:36:40 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2014/05/26 23:39:21 | 000,032,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MOD - [2014/05/26 23:39:19 | 002,972,672 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/05/26 23:39:16 | 000,074,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2014/05/26 23:39:14 | 000,573,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2014/05/13 22:17:02 | 007,174,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\agcore.dll
MOD - [2014/05/13 22:17:02 | 001,213,584 | ---- | M] ( Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
MOD - [2014/05/11 09:29:28 | 011,387,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumdim32.dll
MOD - [2014/05/11 09:29:28 | 003,523,072 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdusc32.dll
MOD - [2014/05/11 09:29:26 | 013,153,792 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10iumd32.dll
MOD - [2014/05/10 03:46:45 | 000,335,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2014/05/09 22:22:15 | 001,312,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2014/05/02 23:47:03 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2014/05/02 23:37:16 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2014/05/02 23:36:32 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2014/04/29 22:47:50 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2014/04/29 22:46:18 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2014/04/29 22:45:54 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2014/04/18 04:14:19 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\apppatch\AcGenral.dll
MOD - [2014/04/14 03:08:44 | 001,797,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2014/04/14 03:01:02 | 000,285,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MFCaptureEngine.dll
MOD - [2014/04/11 03:25:54 | 000,419,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.appcore.dll
MOD - [2014/04/06 10:16:37 | 000,326,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2014/04/06 07:06:19 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2014/04/02 23:03:15 | 000,230,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2014/04/02 23:03:15 | 000,111,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2014/03/26 14:35:26 | 000,475,448 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
MOD - [2014/03/24 20:20:46 | 000,127,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll
MOD - [2014/03/24 20:20:45 | 000,128,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2014/03/19 18:55:24 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2014/03/08 06:34:53 | 001,095,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2014/03/08 02:47:39 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2014/03/08 01:31:32 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dcomp.dll
MOD - [2014/03/08 01:25:42 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2014/03/06 06:19:51 | 000,094,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2014/03/06 06:13:13 | 001,779,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2014/03/06 05:46:28 | 001,679,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2014/03/06 01:23:34 | 002,270,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2014/03/06 01:04:58 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
MOD - [2014/03/04 01:42:41 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2014/03/04 00:52:07 | 000,605,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2014/02/24 02:38:52 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\Microsoft.PerfTrack.dll
MOD - [2014/02/24 00:37:06 | 000,836,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x86__8wekyb3d8bbwe\msvcr120_app.dll
MOD - [2014/02/24 00:37:06 | 000,461,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x86__8wekyb3d8bbwe\msvcp120_app.dll
MOD - [2014/02/24 00:37:06 | 000,248,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x86__8wekyb3d8bbwe\vccorlib120_app.dll
MOD - [2014/02/22 18:54:58 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2014/02/22 09:52:02 | 001,767,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2014/02/22 09:52:01 | 000,251,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2014/02/22 09:42:12 | 001,017,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2014/02/22 09:42:12 | 000,369,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Faultrep.dll
MOD - [2014/02/22 09:38:20 | 000,089,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncryptsslp.dll
MOD - [2014/02/22 09:38:06 | 001,374,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll
MOD - [2014/02/22 09:38:06 | 000,506,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinTypes.dll
MOD - [2014/02/22 09:11:24 | 000,490,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2014/02/22 09:08:52 | 000,079,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcd.dll
MOD - [2014/02/22 09:04:47 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2014/02/22 06:28:51 | 002,428,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2014/02/22 06:23:24 | 001,975,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7\comctl32.dll
MOD - [2014/02/22 06:16:24 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2014/02/22 06:15:39 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2014/02/22 05:38:04 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\easwrt.dll
MOD - [2014/02/22 04:30:13 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2014/02/22 04:29:39 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2014/02/22 04:28:36 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2014/02/22 04:27:54 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\GlobCollationHost.dll
MOD - [2014/02/22 04:26:33 | 000,792,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Globalization.dll
MOD - [2014/02/22 04:19:06 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
MOD - [2014/02/22 04:16:07 | 011,776,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2014/02/22 04:00:32 | 001,341,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2014/02/22 04:00:30 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2014/02/22 03:59:14 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
MOD - [2014/02/22 03:53:43 | 000,876,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2014/02/22 03:48:25 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2014/02/22 03:43:45 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2014/02/22 03:43:03 | 000,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2014/02/22 03:39:28 | 000,556,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.dll
MOD - [2014/02/22 03:00:27 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
MOD - [2014/01/31 04:04:30 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
MOD - [2014/01/29 02:44:15 | 001,369,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2014/01/27 06:52:40 | 000,515,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2014/01/22 00:50:16 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\deviceaccess.dll
MOD - [2014/01/17 12:04:11 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ninput.dll
MOD - [2014/01/07 19:33:53 | 000,552,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2013/12/03 21:48:03 | 013,586,896 | ---- | M] () -- C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\PepperFlash\pepflashplayer.dll
MOD - [2013/11/27 03:56:33 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Graphics.dll
MOD - [2013/11/21 00:44:50 | 003,936,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/10/19 02:14:14 | 000,070,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2013/10/16 08:54:17 | 001,581,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2013/10/05 03:21:38 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2013/09/05 23:24:49 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
MOD - [2013/09/05 23:24:47 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
MOD - [2013/09/05 23:24:46 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
MOD - [2013/09/03 17:31:42 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CryptoWinRT.dll
MOD - [2013/09/03 17:31:42 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2013/08/26 09:54:32 | 000,520,234 | ---- | M] () -- C:\Program Files (x86)\Driver Pro\sqlite3.dll
MOD - [2013/08/23 05:29:26 | 000,364,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2013/08/22 08:25:36 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2013/08/22 08:25:36 | 000,019,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2013/08/22 00:31:44 | 000,151,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
MOD - [2013/08/22 00:31:41 | 000,123,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2013/08/22 00:31:40 | 000,237,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2013/08/22 00:31:40 | 000,029,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll
MOD - [2013/08/22 00:31:40 | 000,016,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2013/08/22 00:30:48 | 000,308,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2013/08/22 00:30:36 | 000,082,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2013/08/22 00:29:34 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2013/08/22 00:29:31 | 000,108,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2013/08/22 00:29:30 | 000,171,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll
MOD - [2013/08/22 00:29:29 | 000,147,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2013/08/22 00:29:29 | 000,113,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2013/08/22 00:29:29 | 000,066,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2013/08/22 00:29:29 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2013/08/22 00:29:29 | 000,036,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2013/08/22 00:29:26 | 000,095,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2013/08/22 00:29:25 | 000,020,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2013/08/22 00:28:06 | 000,175,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2013/08/22 00:25:38 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2013/08/22 00:25:37 | 000,263,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2013/08/22 00:25:01 | 000,162,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
MOD - [2013/08/22 00:24:59 | 000,030,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2013/08/22 00:24:57 | 000,103,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2013/08/22 00:21:42 | 000,508,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2013/08/22 00:21:03 | 000,780,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2013/08/22 00:20:03 | 000,265,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2013/08/22 00:20:02 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2013/08/22 00:19:23 | 000,096,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RTWorkQ.dll
MOD - [2013/08/22 00:19:22 | 000,086,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2013/08/22 00:19:22 | 000,039,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2013/08/22 00:19:12 | 000,074,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2013/08/22 00:19:12 | 000,018,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2013/08/22 00:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2013/08/22 00:17:54 | 000,252,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2013/08/22 00:17:54 | 000,030,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2013/08/22 00:17:53 | 000,118,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2013/08/22 00:17:53 | 000,051,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2013/08/21 23:14:49 | 009,374,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2013/08/21 23:14:43 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2013/08/21 23:12:40 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2013/08/21 23:07:58 | 000,535,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_7c55c866aa0c3ff0\comctl32.dll
MOD - [2013/08/21 23:07:54 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WwaApi.dll
MOD - [2013/08/21 23:07:29 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/08/21 23:07:03 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2013/08/21 23:06:58 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2013/08/21 23:06:42 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2013/08/21 23:06:04 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2013/08/21 23:05:53 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2013/08/21 23:05:51 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2013/08/21 23:03:52 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2013/08/21 23:03:46 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2013/08/21 23:03:31 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pcacli.dll
MOD - [2013/08/21 23:02:27 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2013/08/21 23:01:50 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2013/08/21 23:01:32 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2013/08/21 23:00:49 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2013/08/21 22:59:21 | 015,794,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DDORes.dll
MOD - [2013/08/21 22:56:52 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSWB7.dll
MOD - [2013/08/21 22:54:47 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2013/08/21 22:54:38 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2013/08/21 22:54:34 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2013/08/21 22:54:15 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2013/08/21 22:53:54 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2013/08/21 22:50:39 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2013/08/21 22:50:04 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qcap.dll
MOD - [2013/08/21 22:49:02 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2013/08/21 22:47:14 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2013/08/21 22:46:39 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2013/08/21 22:42:13 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2013/08/21 22:40:54 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2013/08/21 22:40:02 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DefaultDeviceManager.dll
MOD - [2013/08/21 22:39:53 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2013/08/21 22:26:03 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll
MOD - [2013/08/21 22:18:28 | 001,352,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2013/08/21 22:17:37 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2013/08/21 22:11:35 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2013/08/21 21:55:53 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2013/08/21 21:55:43 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll
MOD - [2013/08/21 21:55:25 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2013/08/21 21:55:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2013/08/21 21:54:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2013/08/21 21:54:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2013/08/21 21:54:38 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2013/08/21 21:54:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2013/08/21 21:54:27 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2013/08/21 21:54:17 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2013/08/21 21:54:12 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.ApplicationModel.Background.TimeBroker.dll
MOD - [2013/08/21 21:53:50 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\TimeBrokerClient.dll
MOD - [2013/08/21 21:53:48 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MOD - [2013/08/21 21:53:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2013/08/21 21:53:30 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SystemEventsBrokerClient.dll
MOD - [2013/08/21 21:52:25 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2013/08/21 21:52:11 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2013/08/21 21:52:09 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\BCP47Langs.dll
MOD - [2013/08/21 21:52:04 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2013/08/21 21:51:49 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2013/08/21 21:50:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DevDispItemProvider.dll
MOD - [2013/08/21 21:49:56 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winbio.dll
MOD - [2013/08/21 21:49:40 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2013/08/21 21:48:53 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2013/08/21 21:48:14 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Devices.Enumeration.ps.dll
MOD - [2013/08/21 21:47:24 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\threadpoolwinrt.dll
MOD - [2013/08/21 21:47:20 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Networking.HostName.dll
MOD - [2013/08/21 21:46:41 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2013/08/21 21:46:37 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2013/08/21 21:46:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vaultcli.dll
MOD - [2013/08/21 21:45:56 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\biwinrt.dll
MOD - [2013/08/21 21:45:46 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpnapps.dll
MOD - [2013/08/21 21:45:37 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2013/08/21 21:45:19 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profext.dll
MOD - [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2013/08/21 21:45:05 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Media.Devices.dll
MOD - [2013/08/21 21:44:53 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2013/08/21 21:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2013/08/21 21:43:33 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2013/08/21 21:43:30 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2013/08/21 21:43:21 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
MOD - [2013/08/21 21:42:35 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2013/08/21 21:42:31 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2013/08/21 21:41:38 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
MOD - [2013/08/21 21:39:44 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PhotoMetadataHandler.dll
MOD - [2013/08/21 21:39:08 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2013/08/21 21:38:00 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2013/08/21 21:33:31 | 000,527,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2013/08/21 21:30:52 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.UI.dll
MOD - [2013/08/21 21:29:37 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2013/08/21 21:27:50 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
MOD - [2013/08/21 21:25:20 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2013/08/21 21:23:06 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.ApplicationModel.dll
MOD - [2013/08/21 21:18:25 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.System.Profile.HardwareId.dll
MOD - [2013/08/16 19:06:29 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
MOD - [2013/08/16 19:06:29 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcp80.dll
MOD - [2013/08/09 19:39:23 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rometadata.dll
MOD - [2013/08/05 17:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/05 02:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/08/05 02:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
MOD - [2013/08/01 07:34:53 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
MOD - [2013/08/01 07:34:38 | 000,340,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\subsys\PyFaceLogin\CLWFL.dll
MOD - [2013/07/09 00:02:44 | 000,114,920 | ---- | M] () -- C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
MOD - [2013/07/09 00:02:42 | 000,348,384 | ---- | M] () -- C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
MOD - [2013/06/07 15:56:48 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
MOD - [2013/05/09 05:09:55 | 000,018,496 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\CyberLink\YouCam\Custom\Lang\ENU\IM.dll
MOD - [2012/11/05 16:20:52 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\MSVCR110.dll
MOD - [2012/11/05 16:20:52 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\MSVCP110.dll
MOD - [2012/09/06 20:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
MOD - [2012/09/06 20:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
MOD - [2012/09/06 20:02:42 | 000,155,648 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
MOD - [2012/07/17 12:36:42 | 000,090,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
MOD - [2012/07/06 12:33:54 | 017,694,720 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
MOD - [2012/07/06 12:33:52 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
MOD - [2012/06/06 14:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
MOD - [2012/01/11 13:39:44 | 000,626,688 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
MOD - [2011/08/31 01:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011/06/11 03:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011/03/24 21:06:29 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go8\msvcp71.dll
MOD - [2011/03/24 21:06:29 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go8\msvcr71.dll
MOD - [2011/02/28 10:32:20 | 000,208,896 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
MOD - [2010/03/09 00:50:26 | 002,966,816 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\MaxRes.dll
MOD - [2010/03/09 00:50:16 | 000,124,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\BindRes.dll
MOD - [2010/03/09 00:45:46 | 000,058,656 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\XMaxUtil.dll
MOD - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
MOD - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
MOD - [2009/05/05 16:06:12 | 000,029,984 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\_ispmres.dll
MOD - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
MOD - [2009/05/05 16:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2005/09/07 14:03:34 | 000,036,864 | ---- | M] (Black Ice Software, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\BliceCtr.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/15 12:37:16 | 000,707,888 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2014/09/25 02:10:24 | 002,436,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/09/10 15:28:36 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/04 03:09:02 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2014/08/20 07:16:12 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 02:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/20 09:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/20 09:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/04/25 17:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/04/06 06:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/23 21:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 21:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 01:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 00:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 02:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 10:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 04:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 04:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 04:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 04:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 02:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/10/14 10:29:40 | 000,087,552 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe -- (omniserv)
SRV:64bit: - [2013/10/14 10:23:20 | 000,109,568 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe -- (Cachedrv server)
SRV:64bit: - [2013/08/26 01:13:24 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/08/22 13:08:56 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McOobeSv2)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/24 20:21:46 | 000,334,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2013/07/23 13:28:56 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2013/06/18 22:18:38 | 000,246,488 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2013/05/11 19:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/11 19:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/11/03 06:42:34 | 000,523,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Krab Web\bin\utilKrabWeb.exe -- (Util Krab Web)
SRV - [2014/11/03 06:39:25 | 000,523,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Krab Web\updateKrabWeb.exe -- (Update Krab Web)
SRV - [2014/11/02 08:06:44 | 000,492,496 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/ORBTR/orbiter.dll -- (Orbiter)
SRV - [2014/11/02 06:57:00 | 002,726,256 | ---- | M] (Small Island Development) [Auto | Running] -- C:\ProgramData\VCRZNU\OATkuId.exe -- (OATkuId)
SRV - [2014/11/01 09:23:41 | 000,111,208 | ---- | M] (RaMMicHaeL) [Auto | Running] -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe -- (Unchecky)
SRV - [2014/11/01 09:13:09 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/11/01 09:13:09 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/11/01 09:11:09 | 000,106,296 | ---- | M] (ConsumerInput) [On_Demand | Stopped] -- C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe -- (consumerinput_updatem)
SRV - [2014/11/01 09:11:09 | 000,106,296 | ---- | M] (ConsumerInput) [Auto | Stopped] -- C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe -- (consumerinput_update)
SRV - [2014/11/01 09:09:29 | 000,089,600 | ---- | M] () [Auto | Running] -- C:\Users\Owner\AppData\Roaming\VOPackage\VOsrv.exe -- (servervo)
SRV - [2014/11/01 02:52:16 | 004,959,744 | ---- | M] () [Auto | Running] -- C:\Windows\rcore.exe -- (rcores)
SRV - [2014/10/30 06:47:34 | 000,036,936 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/10/28 18:00:54 | 000,034,336 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\LPT\srpts.exe -- (LPTSystemUpdater)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/11 09:29:31 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/26 14:35:26 | 000,469,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2014/03/14 01:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/04 17:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/08/26 01:13:24 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/08/26 01:13:24 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/08/26 01:13:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/09 07:25:18 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/08/09 07:25:16 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/08/09 07:25:12 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/11/01 09:10:18 | 000,058,040 | ---- | M] (Corsica) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\webinstrNew.sys -- (webinstrNew)
DRV:64bit: - [2014/08/20 07:06:14 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/08/20 07:05:28 | 000,445,512 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 10:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 10:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 06:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/07/10 13:09:30 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2014/06/20 09:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/06/20 09:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/20 09:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/20 09:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/06/20 09:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/20 09:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/06/20 09:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/05/11 09:29:28 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/01 08:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/27 09:38:59 | 003,068,120 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2014/03/23 21:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 21:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 21:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 22:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 07:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 15:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 11:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 10:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 10:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 10:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 10:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 07:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/11/10 21:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 06:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/25 20:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 10:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/23 12:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/03 17:31:36 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 17:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/22 17:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 14:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 14:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 05:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/20 10:25:02 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/08/17 04:22:16 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/15 17:28:42 | 000,830,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/09 07:25:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 16:10:50 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/07/26 16:10:50 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/07/26 16:10:50 | 000,030,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 13:28:56 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2013/07/23 13:28:56 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2013/07/22 18:45:58 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2013/06/24 13:36:52 | 000,418,008 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/03/05 14:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/03/05 01:22:20 | 000,041,408 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV - [2013/08/21 14:42:32 | 002,944,216 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtwlane.sys -- (RTWlanE)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://astromenda.co...r=106507692&ir=
IE:64bit: - HKLM\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://astromenda.co...=1682188327&ir=
IE:64bit: - HKLM\..\SearchScopes\{82490D63-CD3D-492D-A8FB-1A26C085BC42}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-77919763-808462472-1795383770-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Program Files (x86)\Krab Web\bin\Pac9064.js
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/11/02 07:57:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi [2014/09/23 08:12:30 | 000,510,118 | ---- | M] ()
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn\2.2.3_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.7_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbonldcgbaeiljcefjhaofjcpdnmhoc\1.0.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae\0.3.6_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/11/03 08:54:25 | 000,001,993 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
O1 - Hosts: 0.0.0.0 media.opencandy.com
O1 - Hosts: 0.0.0.0 cdn.opencandy.com
O1 - Hosts: 0.0.0.0 tracking.opencandy.com
O1 - Hosts: 0.0.0.0 api.opencandy.com
O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
O1 - Hosts: 0.0.0.0 installer.filebulldog.com
O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
O1 - Hosts: 0.0.0.0 inno.bisrv.com
O1 - Hosts: 0.0.0.0 nsis.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
O1 - Hosts: 0.0.0.0 cdn.montiera.com
O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
O1 - Hosts: 0.0.0.0 cdn.ppdownload.com
O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us
O1 - Hosts: 0.0.0.0 cdn.shyapotato.us
O1 - Hosts: 0.0.0.0 cdn.solimba.com
O1 - Hosts: 10 more lines...
O2:64bit: - BHO: (Browsers+Apps+1.1) - {11111111-1111-1111-1111-110611501155} - C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-bho64.dll (app)
O2:64bit: - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O2:64bit: - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Browsers+Apps+1.1) - {11111111-1111-1111-1111-110611501155} - C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-bho.dll (app)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (TermTutor) - {6CB99040-7828-4C37-AC01-F15758F43E4D} - C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
O2 - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O2 - BHO: (Consumer Input DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O3:64bit: - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O3 - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OPBHOBroker] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [OPBHOBrokerDesktop] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe (Hewlett-Packard)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ConvertAd] C:\Users\Owner\AppData\Local\ConvertAd\ConvertAd.exe File not found
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-77919763-808462472-1795383770-1001..\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-77919763-808462472-1795383770-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKLM..\RunOnce: [upospd_us_349.exe] C:\Users\Owner\AppData\Local\ospd_us_349\upospd_us_349.exe ()
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk = C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk = C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-21-77919763-808462472-1795383770-1001\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Owner\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: SafeKey - file://C:\Users\Owner\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Owner\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8 - Extra context menu item: SafeKey - file://C:\Users\Owner\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O9 - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.172.3.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CAEB4E9-EBBC-4168-824D-7A0835A6647E}: DhcpNameServer = 207.172.3.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{640F3450-DDBD-46ED-BD82-84AC7AFD4491}: DhcpNameServer = 192.168.15.1
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll) - C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll ()
O20 - AppInit_DLLs: (c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll) - c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/03 10:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/11/02 11:57:35 | 000,000,000 | ---D | C] -- C:\TVWizard
[2014/11/02 08:07:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\SearchProtect
[2014/11/02 08:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/11/02 08:06:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ORBTR
[2014/11/02 06:57:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\TVWizard
[2014/11/02 06:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\VCRZNU
[2014/11/02 06:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\TVWizard
[2014/11/01 20:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\e435d908-8e15-4e0c-ae35-3dc1cb10ee1e
[2014/11/01 19:43:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r
[2014/11/01 18:15:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Krab Web
[2014/11/01 09:18:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\WSE_Astromenda
[2014/11/01 09:18:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Systweak
[2014/11/01 09:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\TermTutor
[2014/11/01 09:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Unchecky
[2014/11/01 09:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
[2014/11/01 09:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unchecky
[2014/11/01 09:17:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TermTutor
[2014/11/01 09:15:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Compete
[2014/11/01 09:14:29 | 001,498,016 | ---- | C] (app) -- C:\Users\Owner\AppData\Roaming\QTYSGV.exe
[2014/11/01 09:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LPT
[2014/11/01 09:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/11/01 09:13:39 | 001,974,688 | ---- | C] (app) -- C:\Users\Owner\AppData\Roaming\YLEIWO.exe
[2014/11/01 09:13:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\globalUpdate
[2014/11/01 09:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/11/01 09:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers+Apps+1.1
[2014/11/01 09:12:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\LPT
[2014/11/01 09:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup Support for Consumer Input
[2014/11/01 09:12:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Smartbar
[2014/11/01 09:11:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Optimizer Pro
[2014/11/01 09:11:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Consumer Input
[2014/11/01 09:10:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Consumer Input
[2014/11/01 09:10:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/11/01 09:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/11/01 09:10:22 | 000,058,040 | ---- | C] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNew.sys
[2014/11/01 09:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ver3NewPlayer
[2014/11/01 09:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY
[2014/11/01 09:09:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ospd_us_349
[2014/11/01 09:09:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ospd_us_349
[2014/11/01 09:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[2014/11/01 09:09:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\VOPackage
[2014/11/01 09:09:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/10/19 19:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2014/10/19 19:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/10/15 14:47:19 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/10/15 14:47:19 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/10/15 14:47:18 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/10/15 14:46:54 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/10/15 14:46:54 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/10/15 14:46:54 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/10/15 14:46:54 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/10/15 14:46:54 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/10/15 14:46:54 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/10/15 14:46:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/10/15 14:46:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/10/15 14:46:54 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/10/15 14:46:54 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/10/15 14:46:54 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/10/15 14:46:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/10/15 14:46:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/10/15 14:46:38 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/10/15 14:46:34 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/10/15 14:46:34 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/10/15 14:46:34 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/10/15 14:46:33 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/10/15 14:46:33 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/10/15 14:46:32 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/10/15 14:46:32 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/10/15 14:46:32 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/10/15 14:46:32 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/10/15 14:46:32 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/10/15 14:46:32 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/10/15 14:46:32 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/10/15 14:46:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/10/15 14:44:54 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/15 14:44:54 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/15 14:44:54 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/15 14:44:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/15 14:44:40 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/10/15 14:44:35 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/15 14:44:34 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/15 14:44:34 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/10/15 14:44:33 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/10/15 14:44:33 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/10/15 14:44:33 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/10/15 14:44:33 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/10/15 14:44:32 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/10/15 14:44:32 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/10/15 14:44:31 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2014/10/15 14:44:31 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2014/10/15 14:44:30 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014/10/15 14:44:30 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/10/15 14:44:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/10/15 14:44:30 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/10/15 14:44:30 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/10/15 14:44:30 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcsvDevice.dll
[2014/10/15 14:44:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2014/10/15 14:44:30 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2014/10/15 14:44:29 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2014/10/15 14:44:29 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/10/15 14:44:29 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/15 14:44:29 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/15 14:44:29 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2014/10/15 14:42:56 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/15 14:42:56 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/10/15 14:42:56 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/15 14:42:55 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/15 14:42:55 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/10/15 14:42:55 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/10/07 20:41:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
[2014/10/04 21:28:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\ControlCenter4
[2014/10/04 21:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2014/10/04 21:20:34 | 000,000,000 | ---D | C] -- C:\Brother
[2014/10/04 21:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2014/10/04 21:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2014/10/04 21:20:14 | 000,316,928 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2014/10/04 21:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
[2014/10/04 21:20:13 | 000,084,480 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2014/10/04 21:20:13 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2014/10/04 21:20:13 | 000,051,712 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2014/10/04 21:19:58 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BROSNMP.DLL
[2014/10/04 21:19:53 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2014/10/04 21:19:52 | 000,245,760 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2014/10/04 21:19:52 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2014/10/04 21:19:52 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2014/10/04 21:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2014/10/04 21:12:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2014/10/04 20:48:36 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Brother
[2014/04/06 10:06:20 | 027,045,552 | ---- | C] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/03 10:40:00 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\CIMT_S-1-5-21-77919763-808462472-1795383770-1001.job
[2014/11/03 10:18:08 | 000,004,510 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job
[2014/11/03 10:18:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/11/03 10:18:00 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\WSE_Astromenda.job
[2014/11/03 10:16:04 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/11/03 10:16:01 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/11/03 10:15:08 | 000,002,462 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job
[2014/11/03 10:15:08 | 000,002,462 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job
[2014/11/03 10:14:04 | 000,001,362 | ---- | M] () -- C:\Windows\tasks\QTYSGV.job
[2014/11/03 10:14:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610.job
[2014/11/03 10:14:03 | 000,004,174 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job
[2014/11/03 10:14:01 | 000,003,474 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job
[2014/11/03 10:14:01 | 000,002,126 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job
[2014/11/03 10:13:03 | 000,005,200 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job
[2014/11/03 10:13:03 | 000,001,362 | ---- | M] () -- C:\Windows\tasks\YLEIWO.job
[2014/11/03 10:13:01 | 000,003,830 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job
[2014/11/03 10:13:00 | 000,004,174 | ---- | M] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job
[2014/11/03 10:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\NewPlayer Update.job
[2014/11/03 09:19:15 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
[2014/11/03 09:14:51 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/03 09:01:31 | 000,958,356 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/03 09:01:31 | 000,797,164 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/03 09:01:31 | 000,161,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/03 08:55:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/03 08:54:50 | 000,002,336 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/11/03 08:53:55 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/03 08:53:46 | 788,168,703 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/03 07:18:49 | 000,000,001 | ---- | M] () -- C:\Users\Owner\AppData\Local\DSI.DAT
[2014/11/03 07:18:20 | 000,022,528 | ---- | M] () -- C:\Users\Owner\AppData\Local\84021875dsisetup840276712.exe
[2014/11/03 07:18:10 | 000,000,127 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\WB.CFG
[2014/11/01 09:38:59 | 000,001,140 | ---- | M] () -- C:\Users\Owner\Desktop\Continue Live Installation.lnk
[2014/11/01 09:38:49 | 000,001,929 | ---- | M] () -- C:\Windows\patsearch.bin
[2014/11/01 09:18:33 | 000,000,268 | ---- | M] () -- C:\Users\Owner\Desktop\Cut the Rope.url
[2014/11/01 09:17:29 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\Unchecky.lnk
[2014/11/01 09:14:36 | 000,001,149 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2014/11/01 09:14:36 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/11/01 09:14:29 | 001,498,016 | ---- | M] (app) -- C:\Users\Owner\AppData\Roaming\QTYSGV.exe
[2014/11/01 09:13:39 | 001,974,688 | ---- | M] (app) -- C:\Users\Owner\AppData\Roaming\YLEIWO.exe
[2014/11/01 09:13:03 | 000,000,004 | ---- | M] () -- C:\end
[2014/11/01 09:11:04 | 000,001,984 | ---- | M] () -- C:\Users\Owner\Desktop\Sync Folder.lnk
[2014/11/01 09:10:48 | 000,001,112 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/11/01 09:10:48 | 000,001,102 | ---- | M] () -- C:\Users\Owner\Desktop\MyPC Backup.lnk
[2014/11/01 09:10:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014/11/01 09:10:18 | 000,058,040 | ---- | M] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNew.sys
[2014/11/01 02:52:16 | 004,959,744 | ---- | M] () -- C:\Windows\rcore.exe
[2014/10/31 08:40:06 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2014/10/29 17:16:27 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\google chrome.lnk
[2014/10/18 07:29:08 | 000,384,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/09 17:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/08 17:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/06 15:36:26 | 000,020,296 | ---- | M] () -- C:\Windows\SysNative\roboot64.exe
[2014/10/04 21:23:03 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Brother Utilities.lnk
 
========== Files Created - No Company Name ==========
 
[2014/11/03 07:18:49 | 000,000,001 | ---- | C] () -- C:\Users\Owner\AppData\Local\DSI.DAT
[2014/11/03 07:18:20 | 000,022,528 | ---- | C] () -- C:\Users\Owner\AppData\Local\84021875dsisetup840276712.exe
[2014/11/01 10:18:02 | 000,000,127 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\WB.CFG
[2014/11/01 09:18:46 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\WSE_Astromenda.job
[2014/11/01 09:18:33 | 000,000,268 | ---- | C] () -- C:\Users\Owner\Desktop\Cut the Rope.url
[2014/11/01 09:18:22 | 000,020,296 | ---- | C] () -- C:\Windows\SysNative\roboot64.exe
[2014/11/01 09:17:29 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\Unchecky.lnk
[2014/11/01 09:16:38 | 000,001,140 | ---- | C] () -- C:\Users\Owner\Desktop\Continue Live Installation.lnk
[2014/11/01 09:15:15 | 000,002,462 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job
[2014/11/01 09:15:13 | 000,002,462 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job
[2014/11/01 09:14:51 | 000,002,126 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job
[2014/11/01 09:14:36 | 000,001,149 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2014/11/01 09:14:36 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/11/01 09:14:33 | 000,003,474 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job
[2014/11/01 09:14:30 | 000,001,362 | ---- | C] () -- C:\Windows\tasks\QTYSGV.job
[2014/11/01 09:14:24 | 000,004,174 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job
[2014/11/01 09:13:53 | 000,004,174 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job
[2014/11/01 09:13:48 | 000,003,830 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job
[2014/11/01 09:13:42 | 000,005,200 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job
[2014/11/01 09:13:40 | 000,001,362 | ---- | C] () -- C:\Windows\tasks\YLEIWO.job
[2014/11/01 09:13:14 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/11/01 09:13:13 | 000,004,510 | ---- | C] () -- C:\Windows\tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job
[2014/11/01 09:11:55 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\CIMT_S-1-5-21-77919763-808462472-1795383770-1001.job
[2014/11/01 09:11:13 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/11/01 09:11:12 | 000,000,988 | ---- | C] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/11/01 09:11:04 | 000,001,984 | ---- | C] () -- C:\Users\Owner\Desktop\Sync Folder.lnk
[2014/11/01 09:10:48 | 000,001,112 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/11/01 09:10:47 | 000,001,102 | ---- | C] () -- C:\Users\Owner\Desktop\MyPC Backup.lnk
[2014/11/01 09:10:25 | 000,001,929 | ---- | C] () -- C:\Windows\patsearch.bin
[2014/11/01 09:10:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014/11/01 09:10:22 | 000,000,430 | ---- | C] () -- C:\Windows\tasks\NewPlayer Update.job
[2014/11/01 09:10:04 | 004,959,744 | ---- | C] () -- C:\Windows\rcore.exe
[2014/11/01 09:08:47 | 000,000,004 | ---- | C] () -- C:\end
[2014/10/15 14:44:29 | 000,388,729 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/10/04 21:23:03 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Brother Utilities.lnk
[2014/10/04 21:20:13 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2014/09/01 03:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\QTYSGV
[2014/09/01 03:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\YLEIWO
[2014/08/30 14:29:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/11 09:30:23 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/05/11 09:30:23 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/05/11 09:30:20 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/04/13 06:29:31 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 06:47:46 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/02/25 18:29:10 | 000,440,608 | ---- | C] () -- C:\Windows\SysWow64\hpcc3155.DLL
[2013/11/21 00:32:12 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2013/11/21 00:32:08 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2013/09/05 23:15:05 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/08/26 01:13:37 | 000,974,698 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/11 19:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013/09/05 22:30:59 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/15 23:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/15 22:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Owner\SkyDrive:ms-properties
 
< End of report >
 

  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 
I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

I do see some things that need cleaned up however since the machine is Windows 8/8.1 we will need to run a different tool. Please follow the instructions below and submit the two logs. Thank you.

 

Step#1 - FRST Scan
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.

 


  • 0

#3
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Hi Brian

 

Thanks so much for getting back to me so quickly. 

 

I'll post the log you request ASAP. 


  • 0

#4
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
 
 
 
Here they are Brian
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Owner at 2014-11-07 14:37:46
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.26 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browsers+Apps+1.1 (HKLM-x32\...\Browsers+Apps+1.1) (Version: 1.35.9.29 - app)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Pro version 3.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2 - ) <==== ATTENTION
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HQuality-v3V06.11 (HKLM-x32\...\HQuality-v3V06.11) (Version: 1.35.9.29 - HQuality3V06.11)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.6 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PCBooster (HKLM-x32\...\{A92D9A4B-DA38-49DF-83C3-6742E0E5C2DE}) (Version: 1.0.0.0 - Portable Booster) <==== ATTENTION
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.26.7 - Client Connect LTD) <==== ATTENTION
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
Snap.Do (HKLM-x32\...\{8956ABAC-F1A3-4AED-9D71-10C9084C081D}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{6de696d5-8ec9-4cf5-9b3e-d049b8f46931}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-77919763-808462472-1795383770-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
28-10-2014 23:29:36 Scheduled Checkpoint
03-11-2014 16:46:23 Removed Realtek Card Reader
07-11-2014 01:27:47 Installed Java 7 Update 51
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2014-11-03 11:42 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0052B76E-E7AC-45C1-97D2-DC7C2D2B0146} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {008F1528-2535-40E8-A724-081B3DB433B9} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B235C81-D72B-4706-8E36-5467267D7815} - System32\Tasks\GQRWQQA => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {161A61AF-2517-4C61-8993-BAAFD5419017} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {1A2A3C01-85DA-4AF3-B901-74986F37F626} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {1C9A5C3E-A533-47C5-B79D-7B2F8C84D74E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {230864E9-9C8B-465E-A955-4A5E64251067} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {263343B5-D9A1-4487-8341-2B79AA5E742F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30565CD3-1B8B-4683-B962-BA6E3F4ED452} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-10-30] (MyPC Backup) <==== ATTENTION
Task: {33DF7CF5-E444-4630-BFDC-69C0DC1A0FA4} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\\WarningPopUp.exe [2014-09-23] (Microsoft)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {371057A4-4DAD-4189-8F57-F549A1C8DEB7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe [2014-11-01] (app)
Task: {38AE0A86-C497-438C-945E-A5E25908E06C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D569F1C-8F19-43BB-8E74-B866E00C589A} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe [2014-08-26] (PC Utilities Software Limited) <==== ATTENTION
Task: {43C46187-4D4F-4570-8134-5AE9496AA16C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {56E9A489-E4D9-4026-A0A9-6CC2EC7C76C6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe [2014-11-01] (app)
Task: {5A500579-64B5-408D-A92F-2D7F859F28F1} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe [2014-11-01] (app)
Task: {60E8AF3C-C697-4CA9-9D4E-E768E42C3C99} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {65B83C55-B8E8-4B2E-BDD5-590E73411B0A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {65D5802A-F244-4662-BD4A-E9EB841418D1} - System32\Tasks\CJVEYMH => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {687010BC-5B05-4D51-87E5-04FEA3202FA6} - System32\Tasks\WSE_Astromenda => C:\Users\Owner\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-11-03] ()
Task: {68B8E1EA-333D-49EA-AAFA-D1D437377EF6} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {68BDC6D4-BB1E-4446-8831-04C4455E8ADC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B1A2F52-8AA7-4C26-88CF-539AFB9FA2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6FAC7F05-BAE2-4810-8EED-B8EAFB80BC4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A3FD76A-5AAA-4BF4-8B46-70FF62B2EBB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89615320-542F-4388-BC42-80B36E5D5BDB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HPPAVILLION-Owner HpPavillion => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {8ABE6366-0E30-425E-B9C4-75A6F52BB490} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe [2014-11-01] (app)
Task: {8B931B31-8C61-41DA-AE11-91B43B9ED371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8C5ED063-EEBE-45FD-90C2-85520F0FB153} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1 => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F002EA7-E3D5-470B-98CE-D279791724FD} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8FA1B698-FD2C-4A79-9C59-C6BA26C34699} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {900E3E13-61F6-4AC7-AD53-39F7A320E5BB} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe [2014-11-01] (app)
Task: {90A39AB9-1F55-4720-BCA6-39B876D650BF} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {938BCB7F-5297-49E4-B4E6-7A16BCE07133} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A139DD2-E254-4E8D-9EC9-4119DE25B790} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A743A151-813F-4D56-A612-3EC1DD0F2070} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-09-23] (Portable Booster)
Task: {AEAAA720-5384-4023-A6D9-EA5E1D297CAA} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {B4BE5F03-91FD-4819-BE72-B2A38123B87F} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe [2014-11-01] (app)
Task: {BB6A1B03-30E9-4AD8-B9DD-930F29834D7B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BF061D0D-4BF0-4AB9-811B-8FFBFEC06668} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {C8583FB3-0176-4306-ADE2-44E0360933D1} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-09-23] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D12AD5D2-0819-45AC-9E8F-996A09B9A72D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {D658A849-3508-4367-BAAC-75C0998012C7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {D85C431B-0273-40A5-80AD-7EC4177B828B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1303E4E-4489-4037-81E7-6374D4E3BDD6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1 => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe [2014-11-01] (app)
Task: {E64193EF-23E8-42FD-A186-33AEF171B139} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EE905DC5-7EBF-4653-B612-41D97E16DAB0} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {F124C809-5676-4E10-BE70-41CF6A4D2A31} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {F61DA9E1-53F1-47AD-9F67-65817E502381} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {F7B46900-6F92-45F2-B3AC-112F077C9B25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {FD953208-83F1-49FD-AFE7-A8BA27D599A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe
Task: C:\Windows\Tasks\CJVEYMH.job => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GQRWQQA.job => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe <==== ATTENTION
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Owner\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-14 10:23 - 2013-10-14 10:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 10:24 - 2013-10-14 10:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 10:25 - 2013-10-14 10:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-30 06:30 - 2014-10-30 06:30 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-04-26 11:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-05 06:12 - 2014-11-02 15:57 - 00268600 _____ () C:\Windows\SysWOW64\dsrvprn.exe
2014-10-15 12:37 - 2014-10-15 12:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:04 - 2014-10-15 13:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-11-01 09:10 - 2014-11-01 02:52 - 04959744 _____ () C:\Windows\rcore.exe
2014-10-04 21:20 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-10-14 10:30 - 2013-10-14 10:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-10-30 06:38 - 2014-10-30 06:38 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00348384 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00076000 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
2014-09-26 05:29 - 2014-09-26 05:29 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2014-10-20 17:26 - 2014-11-06 20:27 - 00732128 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-09-25 06:38 - 2014-09-25 06:38 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2014-09-10 15:23 - 2014-09-10 15:23 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00379440 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00114920 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 23:30 - 2013-08-05 02:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-04 21:19 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 23:10 - 2013-08-09 07:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-11-06 09:56 - 2014-11-06 09:56 - 00141232 _____ () C:\Program Files (x86)\HQuality-v3V06.11\735bc018-0819-481a-b9a5-a4ce04286e14.dll
2014-11-01 09:14 - 2014-11-01 09:14 - 00137632 _____ () C:\Program Files (x86)\Browsers+Apps+1.1\78afd125-787b-4118-b897-5aaed76bee90.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00393728 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00788480 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ffmpegsumo.dll
2014-11-01 19:46 - 2013-12-03 21:48 - 13586896 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\pepflashplayer.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00092720 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00069168 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll
2014-10-24 08:50 - 2014-10-24 08:50 - 00035328 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00056880 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00119856 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00121904 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00100912 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll
2014-10-29 17:16 - 2014-10-21 23:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Owner\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-77919763-808462472-1795383770-500 - Administrator - Disabled)
Guest (S-1-5-21-77919763-808462472-1795383770-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-77919763-808462472-1795383770-1003 - Limited - Enabled)
Owner (S-1-5-21-77919763-808462472-1795383770-1001 - Administrator - Enabled) => C:\Users\Owner
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/07/2014 02:25:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (11/06/2014 07:55:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 38.0.2125.111, time stamp: 0x544712a1
Faulting module name: delegate_execute.exe, version: 38.0.2125.111, time stamp: 0x544712a1
Exception code: 0xc0000005
Fault offset: 0x00036d1b
Faulting process id: 0x3ee0
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report Id: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5
 
Error: (11/06/2014 09:55:59 AM) (Source: MsiInstaller) (EventID: 11309) (User: HPPAVILLION)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 
Error: (11/06/2014 09:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x5184
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/06/2014 06:06:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x528
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (11/06/2014 05:46:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1320
 
Start Time: 01cff9442f8ca3ae
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 31f99e4a-65a2-11e4-828b-a01d48dac7da
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (11/05/2014 09:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 38.0.2125.111, time stamp: 0x5447163b
Faulting module name: chrome.dll, version: 38.0.2125.111, time stamp: 0x54471342
Exception code: 0x80000003
Fault offset: 0x0084fc3e
Faulting process id: 0x24c0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/05/2014 07:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: igd10iumd32.dll, version: 10.18.10.3308, time stamp: 0x52379e8f
Exception code: 0xc0000005
Fault offset: 0x00079ff7
Faulting process id: 0x2010
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (11/05/2014 05:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AJvUhH.exe, version: 1.0.0.0, time stamp: 0x5449cb30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xc06d007e
Fault offset: 0x00012f71
Faulting process id: 0x1d1c
Faulting application start time: 0xAJvUhH.exe0
Faulting application path: AJvUhH.exe1
Faulting module path: AJvUhH.exe2
Report Id: AJvUhH.exe3
Faulting package full name: AJvUhH.exe4
Faulting package-relative application ID: AJvUhH.exe5
 
Error: (11/05/2014 05:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AJvUhH.exe, version: 1.0.0.0, time stamp: 0x5449cb30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xc06d007e
Fault offset: 0x00012f71
Faulting process id: 0x16e4
Faulting application start time: 0xAJvUhH.exe0
Faulting application path: AJvUhH.exe1
Faulting module path: AJvUhH.exe2
Report Id: AJvUhH.exe3
Faulting package full name: AJvUhH.exe4
Faulting package-relative application ID: AJvUhH.exe5
 
 
System errors:
=============
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4116) (User: HPPAVILLION)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4120) (User: HPPAVILLION)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (11/06/2014 08:17:47 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (11/05/2014 05:38:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The OATkuId service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/05/2014 04:56:47 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (11/05/2014 04:56:40 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:40 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:35 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:35 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:31 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
 
Microsoft Office Sessions:
=========================
Error: (11/07/2014 02:25:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (11/06/2014 07:55:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c000000500036d1b3ee001cffa257eb67a55C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exebd85580e-6618-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 09:55:59 AM) (Source: MsiInstaller) (EventID: 11309) (User: HPPAVILLION)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/06/2014 09:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a8000000300021880518401cff9cd760e13f8C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll7ef736fc-65c1-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 06:06:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17344541b6f63ntdll.dll6.3.9600.1727853eeb4a3c0000374000debd852801cff95afe55e08dC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dll0312d79b-65a5-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 05:46:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605132001cff9442f8ca3ae4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe31f99e4a-65a2-11e4-828b-a01d48dac7damicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (11/05/2014 09:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bchrome.dll38.0.2125.11154471342800000030084fc3e24c001cff94986fa25a6C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome.dll2b440ed0-655a-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 07:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17344541b6f63igd10iumd32.dll10.18.10.330852379e8fc000000500079ff7201001cff95a42ecf1a2C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\igd10iumd32.dll356444eb-654e-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 05:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AJvUhH.exe1.0.0.05449cb30KERNELBASE.dll6.3.9600.1727853eeb460c06d007e00012f711d1c01cff9492294ca4dC:\ProgramData\VCRZNU\dat\AJvUhH.exeC:\Windows\SYSTEM32\KERNELBASE.dll60487d50-653c-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 05:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AJvUhH.exe1.0.0.05449cb30KERNELBASE.dll6.3.9600.1727853eeb460c06d007e00012f7116e401cff948f0e22f9eC:\ProgramData\VCRZNU\dat\AJvUhH.exeC:\Windows\SYSTEM32\KERNELBASE.dll2e973061-653c-11e4-828b-a01d48dac7da
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-25 03:45:17.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:17.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.893
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.762
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4000M CPU @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 6059.57 MB
Available physical RAM: 2429.41 MB
Total Pagefile: 8861.27 MB
Available Pagefile: 4225.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:676.79 GB) (Free:571.17 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.07 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 24E7A700)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Owner at 2014-11-07 14:37:46
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.26 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browsers+Apps+1.1 (HKLM-x32\...\Browsers+Apps+1.1) (Version: 1.35.9.29 - app)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Pro version 3.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2 - ) <==== ATTENTION
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HQuality-v3V06.11 (HKLM-x32\...\HQuality-v3V06.11) (Version: 1.35.9.29 - HQuality3V06.11)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.6 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PCBooster (HKLM-x32\...\{A92D9A4B-DA38-49DF-83C3-6742E0E5C2DE}) (Version: 1.0.0.0 - Portable Booster) <==== ATTENTION
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.26.7 - Client Connect LTD) <==== ATTENTION
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
Snap.Do (HKLM-x32\...\{8956ABAC-F1A3-4AED-9D71-10C9084C081D}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{6de696d5-8ec9-4cf5-9b3e-d049b8f46931}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-77919763-808462472-1795383770-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
28-10-2014 23:29:36 Scheduled Checkpoint
03-11-2014 16:46:23 Removed Realtek Card Reader
07-11-2014 01:27:47 Installed Java 7 Update 51
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2014-11-03 11:42 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0052B76E-E7AC-45C1-97D2-DC7C2D2B0146} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {008F1528-2535-40E8-A724-081B3DB433B9} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B235C81-D72B-4706-8E36-5467267D7815} - System32\Tasks\GQRWQQA => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {161A61AF-2517-4C61-8993-BAAFD5419017} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {1A2A3C01-85DA-4AF3-B901-74986F37F626} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {1C9A5C3E-A533-47C5-B79D-7B2F8C84D74E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {230864E9-9C8B-465E-A955-4A5E64251067} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {263343B5-D9A1-4487-8341-2B79AA5E742F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30565CD3-1B8B-4683-B962-BA6E3F4ED452} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-10-30] (MyPC Backup) <==== ATTENTION
Task: {33DF7CF5-E444-4630-BFDC-69C0DC1A0FA4} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\\WarningPopUp.exe [2014-09-23] (Microsoft)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {371057A4-4DAD-4189-8F57-F549A1C8DEB7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe [2014-11-01] (app)
Task: {38AE0A86-C497-438C-945E-A5E25908E06C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D569F1C-8F19-43BB-8E74-B866E00C589A} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe [2014-08-26] (PC Utilities Software Limited) <==== ATTENTION
Task: {43C46187-4D4F-4570-8134-5AE9496AA16C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {56E9A489-E4D9-4026-A0A9-6CC2EC7C76C6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe [2014-11-01] (app)
Task: {5A500579-64B5-408D-A92F-2D7F859F28F1} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe [2014-11-01] (app)
Task: {60E8AF3C-C697-4CA9-9D4E-E768E42C3C99} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {65B83C55-B8E8-4B2E-BDD5-590E73411B0A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {65D5802A-F244-4662-BD4A-E9EB841418D1} - System32\Tasks\CJVEYMH => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {687010BC-5B05-4D51-87E5-04FEA3202FA6} - System32\Tasks\WSE_Astromenda => C:\Users\Owner\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-11-03] ()
Task: {68B8E1EA-333D-49EA-AAFA-D1D437377EF6} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {68BDC6D4-BB1E-4446-8831-04C4455E8ADC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B1A2F52-8AA7-4C26-88CF-539AFB9FA2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6FAC7F05-BAE2-4810-8EED-B8EAFB80BC4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A3FD76A-5AAA-4BF4-8B46-70FF62B2EBB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89615320-542F-4388-BC42-80B36E5D5BDB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HPPAVILLION-Owner HpPavillion => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {8ABE6366-0E30-425E-B9C4-75A6F52BB490} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe [2014-11-01] (app)
Task: {8B931B31-8C61-41DA-AE11-91B43B9ED371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8C5ED063-EEBE-45FD-90C2-85520F0FB153} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1 => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F002EA7-E3D5-470B-98CE-D279791724FD} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8FA1B698-FD2C-4A79-9C59-C6BA26C34699} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {900E3E13-61F6-4AC7-AD53-39F7A320E5BB} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe [2014-11-01] (app)
Task: {90A39AB9-1F55-4720-BCA6-39B876D650BF} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {938BCB7F-5297-49E4-B4E6-7A16BCE07133} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A139DD2-E254-4E8D-9EC9-4119DE25B790} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A743A151-813F-4D56-A612-3EC1DD0F2070} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-09-23] (Portable Booster)
Task: {AEAAA720-5384-4023-A6D9-EA5E1D297CAA} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {B4BE5F03-91FD-4819-BE72-B2A38123B87F} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe [2014-11-01] (app)
Task: {BB6A1B03-30E9-4AD8-B9DD-930F29834D7B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BF061D0D-4BF0-4AB9-811B-8FFBFEC06668} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {C8583FB3-0176-4306-ADE2-44E0360933D1} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-09-23] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D12AD5D2-0819-45AC-9E8F-996A09B9A72D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {D658A849-3508-4367-BAAC-75C0998012C7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {D85C431B-0273-40A5-80AD-7EC4177B828B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1303E4E-4489-4037-81E7-6374D4E3BDD6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1 => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe [2014-11-01] (app)
Task: {E64193EF-23E8-42FD-A186-33AEF171B139} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EE905DC5-7EBF-4653-B612-41D97E16DAB0} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {F124C809-5676-4E10-BE70-41CF6A4D2A31} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {F61DA9E1-53F1-47AD-9F67-65817E502381} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {F7B46900-6F92-45F2-B3AC-112F077C9B25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {FD953208-83F1-49FD-AFE7-A8BA27D599A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe
Task: C:\Windows\Tasks\CJVEYMH.job => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GQRWQQA.job => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe <==== ATTENTION
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Owner\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-14 10:23 - 2013-10-14 10:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 10:24 - 2013-10-14 10:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 10:25 - 2013-10-14 10:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-30 06:30 - 2014-10-30 06:30 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-04-26 11:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-05 06:12 - 2014-11-02 15:57 - 00268600 _____ () C:\Windows\SysWOW64\dsrvprn.exe
2014-10-15 12:37 - 2014-10-15 12:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:04 - 2014-10-15 13:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-11-01 09:10 - 2014-11-01 02:52 - 04959744 _____ () C:\Windows\rcore.exe
2014-10-04 21:20 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-10-14 10:30 - 2013-10-14 10:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-10-30 06:38 - 2014-10-30 06:38 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00348384 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00076000 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
2014-09-26 05:29 - 2014-09-26 05:29 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2014-10-20 17:26 - 2014-11-06 20:27 - 00732128 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-09-25 06:38 - 2014-09-25 06:38 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2014-09-10 15:23 - 2014-09-10 15:23 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00379440 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00114920 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 23:30 - 2013-08-05 02:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-04 21:19 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 23:10 - 2013-08-09 07:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-11-06 09:56 - 2014-11-06 09:56 - 00141232 _____ () C:\Program Files (x86)\HQuality-v3V06.11\735bc018-0819-481a-b9a5-a4ce04286e14.dll
2014-11-01 09:14 - 2014-11-01 09:14 - 00137632 _____ () C:\Program Files (x86)\Browsers+Apps+1.1\78afd125-787b-4118-b897-5aaed76bee90.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 17:16 - 2014-10-21 23:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00393728 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00788480 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ffmpegsumo.dll
2014-11-01 19:46 - 2013-12-03 21:48 - 13586896 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\pepflashplayer.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00092720 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00069168 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll
2014-10-24 08:50 - 2014-10-24 08:50 - 00035328 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00056880 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00119856 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00121904 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00100912 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll
2014-10-29 17:16 - 2014-10-21 23:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Owner\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-77919763-808462472-1795383770-500 - Administrator - Disabled)
Guest (S-1-5-21-77919763-808462472-1795383770-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-77919763-808462472-1795383770-1003 - Limited - Enabled)
Owner (S-1-5-21-77919763-808462472-1795383770-1001 - Administrator - Enabled) => C:\Users\Owner
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/07/2014 02:25:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (11/06/2014 07:55:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 38.0.2125.111, time stamp: 0x544712a1
Faulting module name: delegate_execute.exe, version: 38.0.2125.111, time stamp: 0x544712a1
Exception code: 0xc0000005
Fault offset: 0x00036d1b
Faulting process id: 0x3ee0
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report Id: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5
 
Error: (11/06/2014 09:55:59 AM) (Source: MsiInstaller) (EventID: 11309) (User: HPPAVILLION)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 
Error: (11/06/2014 09:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x5184
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/06/2014 06:06:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x528
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (11/06/2014 05:46:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1320
 
Start Time: 01cff9442f8ca3ae
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 31f99e4a-65a2-11e4-828b-a01d48dac7da
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (11/05/2014 09:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 38.0.2125.111, time stamp: 0x5447163b
Faulting module name: chrome.dll, version: 38.0.2125.111, time stamp: 0x54471342
Exception code: 0x80000003
Fault offset: 0x0084fc3e
Faulting process id: 0x24c0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/05/2014 07:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: igd10iumd32.dll, version: 10.18.10.3308, time stamp: 0x52379e8f
Exception code: 0xc0000005
Fault offset: 0x00079ff7
Faulting process id: 0x2010
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (11/05/2014 05:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AJvUhH.exe, version: 1.0.0.0, time stamp: 0x5449cb30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xc06d007e
Fault offset: 0x00012f71
Faulting process id: 0x1d1c
Faulting application start time: 0xAJvUhH.exe0
Faulting application path: AJvUhH.exe1
Faulting module path: AJvUhH.exe2
Report Id: AJvUhH.exe3
Faulting package full name: AJvUhH.exe4
Faulting package-relative application ID: AJvUhH.exe5
 
Error: (11/05/2014 05:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AJvUhH.exe, version: 1.0.0.0, time stamp: 0x5449cb30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xc06d007e
Fault offset: 0x00012f71
Faulting process id: 0x16e4
Faulting application start time: 0xAJvUhH.exe0
Faulting application path: AJvUhH.exe1
Faulting module path: AJvUhH.exe2
Report Id: AJvUhH.exe3
Faulting package full name: AJvUhH.exe4
Faulting package-relative application ID: AJvUhH.exe5
 
 
System errors:
=============
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4116) (User: HPPAVILLION)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4120) (User: HPPAVILLION)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (11/06/2014 08:17:47 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (11/05/2014 05:38:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The OATkuId service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/05/2014 04:56:47 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (11/05/2014 04:56:40 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:40 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:35 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:35 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/05/2014 04:56:31 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
 
Microsoft Office Sessions:
=========================
Error: (11/07/2014 02:25:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (11/06/2014 07:55:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c000000500036d1b3ee001cffa257eb67a55C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exebd85580e-6618-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 09:55:59 AM) (Source: MsiInstaller) (EventID: 11309) (User: HPPAVILLION)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/06/2014 09:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a8000000300021880518401cff9cd760e13f8C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll7ef736fc-65c1-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 06:06:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17344541b6f63ntdll.dll6.3.9600.1727853eeb4a3c0000374000debd852801cff95afe55e08dC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dll0312d79b-65a5-11e4-828b-a01d48dac7da
 
Error: (11/06/2014 05:46:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605132001cff9442f8ca3ae4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe31f99e4a-65a2-11e4-828b-a01d48dac7damicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (11/05/2014 09:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bchrome.dll38.0.2125.11154471342800000030084fc3e24c001cff94986fa25a6C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome.dll2b440ed0-655a-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 07:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17344541b6f63igd10iumd32.dll10.18.10.330852379e8fc000000500079ff7201001cff95a42ecf1a2C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\igd10iumd32.dll356444eb-654e-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 05:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AJvUhH.exe1.0.0.05449cb30KERNELBASE.dll6.3.9600.1727853eeb460c06d007e00012f711d1c01cff9492294ca4dC:\ProgramData\VCRZNU\dat\AJvUhH.exeC:\Windows\SYSTEM32\KERNELBASE.dll60487d50-653c-11e4-828b-a01d48dac7da
 
Error: (11/05/2014 05:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AJvUhH.exe1.0.0.05449cb30KERNELBASE.dll6.3.9600.1727853eeb460c06d007e00012f7116e401cff948f0e22f9eC:\ProgramData\VCRZNU\dat\AJvUhH.exeC:\Windows\SYSTEM32\KERNELBASE.dll2e973061-653c-11e4-828b-a01d48dac7da
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-25 03:45:17.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:17.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.893
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.762
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4000M CPU @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 6059.57 MB
Available physical RAM: 2429.41 MB
Total Pagefile: 8861.27 MB
Available Pagefile: 4225.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:676.79 GB) (Free:571.17 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.07 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 24E7A700)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#5
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Oops, it looks like you posted the Addition scan twice. Can you open up the FRST.txt file in your downloads folder and post the contents please?

 

Thanks.


  • 0

#6
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

My apologies Brian. I'm attempting to get my co-worker to forward the file. 


  • 0

#7
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Do you personally have physical access to the machine?


  • 0

#8
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

 I do now Brian.  My friend mistakenly gave me duplicates of the original scan. Here are two from today.

 

 

 

 

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Owner (administrator) on HPPAVILLION on 10-11-2014 09:49:00
Running from C:\Users\Owner\Downloads
Loaded Profile: Owner (Available profiles: Owner)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\dsrvprn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
() C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Weather Notifications, LLC) C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Driver Pro\DPTray.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
(Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ospd_us_349] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-21] (Google Inc.)
HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\Run: [pcboost] => C:\Program Files (x86)\Portable Booster\JHSoft_PC_BoosterAuto.exe [1446152 2014-09-23] (Software)
AppInit_DLLs: C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [77856 2014-11-01] ()
AppInit_DLLs-x32: c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll => c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll [67104 2014-11-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk -> C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk -> C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
BootExecute: autocheck autochk * bddel.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.co...r=106507692&ir=
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {82490D63-CD3D-492D-A8FB-1A26C085BC42} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=456815432&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=456815432&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
Toolbar: HKLM-x32 - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 207.172.3.8
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{BF883488-0379-470e-8BF2-C5D1F3828428}] - C:\Program Files\Shop For Rewards\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BF883488-0379-470e-8BF2-C5D1F3828428}] - C:\Program Files\Shop For Rewards\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-09-05]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330394&octid=EB_ORIGINAL_CTID&ISID=ME102B91A-A79C-4FCF-B3C0-DD4C6A5AB8C9&SearchSource=55&CUI=&UM=6&UP=SPAC1F7BEC-782D-463C-81D2-E4E44DF1F3D9&SSPV=", "hxxp://search.conduit.com/?ctid=CT3317822&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2520F31A-7AA7-4B22-BDE3-CE7CC94F140F&SSPV=", "hxxp://mysearch.avg.com/?cid={EAA7AA15-D81A-43A5-B32E-9F6E7CF4F37F}&mid=8663c7dcad4e47d2a1376939b21ce5e1-3e07e213711093ba2a513882b8c4339a3739fffa&lang=en&ds=ub011&coid=avgtbdisub&cmpid=&pr=sa&d=2014-02-06%2021:07:48&v=17.3.1.204&pid=safeguard&sg=&sap=hp", "hxxp://astromenda.com/?f=7&a=ast_cmi_14_45_ch&cd=2XzuyEtN2Y1L1Qzu0AtDtC0DyEzz0D0A0CyB0D0AtBzz0E0AtN0D0Tzu0StCtDtAzztN1L2XzutAtFyCtFtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0A0BtCyD0FzzzytGtD0EtCtAtGtC0FyC0CtG0A0Czy0DtGtAyCtBtBzz0CtAyBtDtCyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0FyB0CyEzz0C0CtGyEzytCtCtGyE0D0D0FtG0Bzy0DyBtGzz0DyEzytCyCyB0Czy0FtD0F2Q&cr=456815432&ir=", "hxxp://www.v9.com/?type=hp&ts=1415323537&from=pjr&uid=TOSHIBAXMQ01ABD075_Z3GCS98OSXXZ3GCS98OS&i=psd&t=34b993bae"
CHR DefaultSearchKeyword: Default -> v9
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee SafeKey) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2014-04-06]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-03]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (Browsers+Apps+1.1) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago [2014-11-01]
CHR Extension: (Value apps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2014-02-22]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR Extension: (Astromenda New Tab) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-11-01]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2014-04-06]
CHR StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0169201415271479mcinstcleanup; C:\Windows\TEMP\016920~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-10-30] (Just Develop It) <==== ATTENTION
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
R2 dsrvprn; C:\Windows\SysWOW64\dsrvprn.exe [268600 2014-11-02] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-06] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S4 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-10-28] () [File not signed] <==== ATTENTION
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [492496 2014-11-02] (Client Connect LTD)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows ® Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S1 HMD; C:\Windows\system32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-04-27] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 RTSPER; \SystemRoot\system32\DRIVERS\RtsPer.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-10 09:47 - 2014-11-10 09:47 - 02116096 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2014-11-08 20:55 - 2014-11-08 20:55 - 00812104 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 919136.crdownload
2014-11-08 17:58 - 2014-11-08 17:58 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 12035.crdownload
2014-11-08 17:57 - 2014-11-08 17:57 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 73211.crdownload
2014-11-08 17:56 - 2014-11-08 17:56 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 698877.crdownload
2014-11-08 17:56 - 2014-11-08 17:56 - 00754416 _____ () C:\Users\Owner\Downloads\Unconfirmed 585152.crdownload
2014-11-08 17:23 - 2014-11-08 17:23 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 232461.crdownload
2014-11-08 17:22 - 2014-11-08 17:23 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 79525.crdownload
2014-11-08 17:22 - 2014-11-08 17:22 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 407466.crdownload
2014-11-08 17:21 - 2014-11-08 17:21 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 847306.crdownload
2014-11-08 17:21 - 2014-11-08 17:21 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 17111.crdownload
2014-11-08 17:20 - 2014-11-08 17:20 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 90195.crdownload
2014-11-08 17:20 - 2014-11-08 17:20 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 791496.crdownload
2014-11-08 17:19 - 2014-11-08 17:19 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 841863.crdownload
2014-11-08 17:19 - 2014-11-08 17:19 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 377219.crdownload
2014-11-08 17:18 - 2014-11-08 17:18 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 522373.crdownload
2014-11-08 17:18 - 2014-11-08 17:18 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 143598.crdownload
2014-11-08 17:17 - 2014-11-08 17:17 - 00834864 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 858262.crdownload
2014-11-07 20:07 - 2014-11-07 20:13 - 01056608 _____ (Installer Setup ) C:\Users\Owner\Downloads\Unconfirmed 116867.crdownload
2014-11-07 20:00 - 2014-11-07 20:00 - 00843088 _____ () C:\Users\Owner\Downloads\Unconfirmed 371556.crdownload
2014-11-07 19:59 - 2014-11-07 20:00 - 00812104 _____ () C:\Users\Owner\Downloads\Unconfirmed 806457.crdownload
2014-11-07 19:03 - 2014-11-07 19:05 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-11-07 19:03 - 2014-11-07 19:05 - 00010234 _____ () C:\Windows\system32\bddel.dat
2014-11-07 18:51 - 2014-11-07 18:51 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 769484.crdownload
2014-11-07 18:51 - 2014-11-07 18:51 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 13092.crdownload
2014-11-07 18:50 - 2014-11-07 18:50 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 166622.crdownload
2014-11-07 18:50 - 2014-11-07 18:50 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 150246.crdownload
2014-11-07 18:49 - 2014-11-07 18:49 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 960475.crdownload
2014-11-07 18:49 - 2014-11-07 18:49 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 815546.crdownload
2014-11-07 18:49 - 2014-11-07 18:49 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 804914.crdownload
2014-11-07 18:48 - 2014-11-07 18:48 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 556920.crdownload
2014-11-07 18:48 - 2014-11-07 18:48 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 40971.crdownload
2014-11-07 18:47 - 2014-11-07 18:47 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 972208.crdownload
2014-11-07 18:47 - 2014-11-07 18:47 - 00810304 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 595337.crdownload
2014-11-07 14:43 - 2014-11-07 14:43 - 00060099 _____ () C:\Users\Owner\Desktop\Etsuko scan 11-7 2.txt
2014-11-07 14:41 - 2014-11-07 14:41 - 00060274 _____ () C:\Users\Owner\Desktop\Etsuko scan 11-7.txt
2014-11-07 14:37 - 2014-11-07 14:44 - 00060537 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-11-07 14:35 - 2014-11-10 09:55 - 00041896 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-11-07 14:34 - 2014-11-10 09:50 - 00000000 ____D () C:\FRST
2014-11-07 14:34 - 2014-11-07 14:34 - 02114560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-11-06 20:30 - 2014-11-06 20:30 - 00002036 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-11-06 20:30 - 2014-11-06 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-11-06 20:30 - 2014-11-06 20:30 - 00000000 ____D () C:\ProgramData\COMODO
2014-11-06 20:30 - 2014-11-06 20:30 - 00000000 ____D () C:\Program Files\COMODO
2014-11-06 20:29 - 2014-11-06 20:29 - 00000000 ____D () C:\ProgramData\Sun
2014-11-06 20:29 - 2014-11-06 20:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-06 20:29 - 2014-11-06 20:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-06 20:28 - 2014-11-06 20:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-06 20:28 - 2014-11-06 20:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-06 20:28 - 2014-11-06 20:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-06 20:28 - 2014-11-06 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-06 20:28 - 2014-11-06 20:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-06 20:27 - 2014-11-07 19:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-06 20:26 - 2014-11-07 19:03 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-11-06 20:26 - 2014-11-06 20:26 - 00003742 _____ () C:\Windows\System32\Tasks\boosterpop
2014-11-06 20:26 - 2014-11-06 20:26 - 00003638 _____ () C:\Windows\System32\Tasks\IEError
2014-11-06 20:26 - 2014-11-06 20:26 - 00003484 _____ () C:\Windows\System32\Tasks\AI_Updater
2014-11-06 20:25 - 2014-11-07 18:27 - 00000000 ____D () C:\Program Files (x86)\Portable Booster
2014-11-06 20:25 - 2014-11-06 20:25 - 00001037 _____ () C:\Users\Public\Desktop\PCBooster.lnk
2014-11-06 20:25 - 2014-11-06 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster
2014-11-06 20:24 - 2014-11-06 20:27 - 00000000 ____D () C:\Users\Owner\Documents\Java
2014-11-06 20:23 - 2014-11-06 20:23 - 00631656 _____ () C:\Users\Owner\Downloads\setup (6).exe
2014-11-06 15:57 - 2014-11-06 15:57 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 246107.crdownload
2014-11-06 15:57 - 2014-11-06 15:57 - 00214576 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 226039.crdownload
2014-11-06 15:57 - 2014-11-06 15:57 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 977101.crdownload
2014-11-06 15:57 - 2014-11-06 15:57 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 335304.crdownload
2014-11-06 15:56 - 2014-11-06 15:56 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 604709.crdownload
2014-11-06 15:56 - 2014-11-06 15:56 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 328303.crdownload
2014-11-06 15:56 - 2014-11-06 15:56 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 313744.crdownload
2014-11-06 15:56 - 2014-11-06 15:56 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 700388.crdownload
2014-11-06 15:56 - 2014-11-06 15:56 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 693414.crdownload
2014-11-06 15:55 - 2014-11-06 15:55 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 303912.crdownload
2014-11-06 15:55 - 2014-11-06 15:55 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 174953.crdownload
2014-11-06 15:55 - 2014-11-06 15:55 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 796697.crdownload
2014-11-06 15:54 - 2014-11-06 15:54 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 675908.crdownload
2014-11-06 15:54 - 2014-11-06 15:54 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 167865.crdownload
2014-11-06 15:54 - 2014-11-06 15:54 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 938750.crdownload
2014-11-06 15:54 - 2014-11-06 15:54 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 303461.crdownload
2014-11-06 15:54 - 2014-11-06 15:54 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 235645.crdownload
2014-11-06 15:53 - 2014-11-06 15:53 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 658083.crdownload
2014-11-06 15:53 - 2014-11-06 15:53 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 371779.crdownload
2014-11-06 15:53 - 2014-11-06 15:53 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 407811.crdownload
2014-11-06 15:52 - 2014-11-06 15:52 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 676162.crdownload
2014-11-06 15:52 - 2014-11-06 15:52 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 626769.crdownload
2014-11-06 15:52 - 2014-11-06 15:52 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 720238.crdownload
2014-11-06 15:52 - 2014-11-06 15:52 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 280317.crdownload
2014-11-06 15:51 - 2014-11-06 15:51 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 922744.crdownload
2014-11-06 15:51 - 2014-11-06 15:51 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 196273.crdownload
2014-11-06 15:51 - 2014-11-06 15:51 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 913032.crdownload
2014-11-06 15:50 - 2014-11-06 15:51 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 300172.crdownload
2014-11-06 15:50 - 2014-11-06 15:50 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 178973.crdownload
2014-11-06 15:50 - 2014-11-06 15:50 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 246948.crdownload
2014-11-06 15:50 - 2014-11-06 15:50 - 00081208 _____ (Fusion Install ) C:\Users\Owner\Downloads\Unconfirmed 193482.crdownload
2014-11-06 13:21 - 2014-11-06 13:21 - 00024833 _____ () C:\Users\Owner\Downloads\news-1.rss
2014-11-06 09:56 - 2014-11-07 18:56 - 00004174 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00004174 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00003830 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00003474 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00002462 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00002462 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00002126 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00001364 _____ () C:\Windows\Tasks\GQRWQQA.job
2014-11-06 09:56 - 2014-11-06 09:56 - 01535408 _____ (HQuality3V06.11) C:\Users\Owner\AppData\Roaming\GQRWQQA.exe
2014-11-06 09:56 - 2014-11-06 09:56 - 00007178 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6
2014-11-06 09:56 - 2014-11-06 09:56 - 00007178 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4
2014-11-06 09:56 - 2014-11-06 09:56 - 00006834 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7
2014-11-06 09:56 - 2014-11-06 09:56 - 00006478 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1
2014-11-06 09:56 - 2014-11-06 09:56 - 00005466 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5
2014-11-06 09:56 - 2014-11-06 09:56 - 00005130 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2
2014-11-06 09:56 - 2014-11-06 09:56 - 00004376 _____ () C:\Windows\System32\Tasks\GQRWQQA
2014-11-06 09:55 - 2014-11-07 19:03 - 00000000 ____D () C:\Program Files (x86)\HQuality-v3V06.11
2014-11-06 09:55 - 2014-11-07 18:11 - 00005200 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job
2014-11-06 09:55 - 2014-11-07 18:11 - 00004510 _____ () C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job
2014-11-06 09:55 - 2014-11-07 18:11 - 00001708 _____ () C:\Windows\Tasks\CJVEYMH.job
2014-11-06 09:55 - 2014-11-06 16:00 - 00000986 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-06 09:55 - 2014-11-06 09:55 - 02021296 _____ (HQuality3V06.11) C:\Users\Owner\AppData\Roaming\CJVEYMH.exe
2014-11-06 09:55 - 2014-11-06 09:55 - 00008204 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11
2014-11-06 09:55 - 2014-11-06 09:55 - 00007514 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3
2014-11-06 09:55 - 2014-11-06 09:55 - 00004718 _____ () C:\Windows\System32\Tasks\CJVEYMH
2014-11-06 09:55 - 2014-11-06 09:55 - 00003958 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-11-06 09:47 - 2014-11-06 09:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\VOPackage
2014-11-06 09:47 - 2014-11-06 09:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-11-06 09:30 - 2014-11-06 09:30 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 62274.crdownload
2014-11-06 05:48 - 2014-11-06 05:48 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL (2).com
2014-11-05 21:29 - 2014-11-05 21:29 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 71321.crdownload
2014-11-05 21:29 - 2014-11-05 21:29 - 00645696 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 449320.crdownload
2014-11-05 21:28 - 2014-11-05 21:28 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 605975.crdownload
2014-11-05 21:28 - 2014-11-05 21:28 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 245318.crdownload
2014-11-05 21:27 - 2014-11-05 21:27 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 717456.crdownload
2014-11-05 21:27 - 2014-11-05 21:27 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 461558.crdownload
2014-11-05 21:26 - 2014-11-05 21:26 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 556544.crdownload
2014-11-05 21:26 - 2014-11-05 21:26 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 294473.crdownload
2014-11-05 21:25 - 2014-11-05 21:26 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 129172.crdownload
2014-11-05 21:25 - 2014-11-05 21:25 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 221031.crdownload
2014-11-05 21:24 - 2014-11-05 21:24 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 467200.crdownload
2014-11-05 21:24 - 2014-11-05 21:24 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 425930.crdownload
2014-11-05 21:23 - 2014-11-05 21:24 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 333167.crdownload
2014-11-05 21:23 - 2014-11-05 21:23 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 433286.crdownload
2014-11-05 21:22 - 2014-11-05 21:22 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 900949.crdownload
2014-11-05 21:22 - 2014-11-05 21:22 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 828716.crdownload
2014-11-05 06:12 - 2014-11-05 17:27 - 00000000 ____D () C:\Program Files\Shop For Rewards
2014-11-05 06:12 - 2014-11-05 06:12 - 01482640 _____ () C:\ProgramData\Setup.exe
2014-11-05 06:12 - 2014-11-05 06:12 - 00000045 _____ () C:\user.js
2014-11-05 06:12 - 2014-11-02 15:57 - 00268600 _____ () C:\Windows\SysWOW64\dsrvprn.exe
2014-11-05 00:34 - 2014-11-05 00:34 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 743848.crdownload
2014-11-05 00:33 - 2014-11-05 00:33 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 786061.crdownload
2014-11-05 00:33 - 2014-11-05 00:33 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 559955.crdownload
2014-11-05 00:32 - 2014-11-05 00:32 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 910248.crdownload
2014-11-05 00:32 - 2014-11-05 00:32 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 149457.crdownload
2014-11-05 00:01 - 2014-11-05 00:01 - 00753000 _____ () C:\Users\Owner\Downloads\Unconfirmed 136364.crdownload
2014-11-04 23:32 - 2014-11-04 23:32 - 00898600 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 667318.crdownload
2014-11-04 22:30 - 2014-11-04 22:30 - 00944488 _____ (Download Assistant ) C:\Users\Owner\Downloads\Unconfirmed 167514.crdownload
2014-11-04 21:48 - 2014-11-05 06:12 - 00000000 ____D () C:\ProgramData\Browser
2014-11-03 11:53 - 2014-11-03 11:53 - 00003104 _____ () C:\Windows\System32\Tasks\{5AA26A89-6E5D-49A8-B570-B6A8ECE2D7A7}
2014-11-03 11:19 - 2014-11-03 11:19 - 00000000 ____D () C:\Program Files (x86)\predm
2014-11-03 11:10 - 2014-11-03 11:10 - 00715920 _____ ( ) C:\Users\Owner\Downloads\Unconfirmed 467294.crdownload
2014-11-03 11:09 - 2014-11-03 11:09 - 00281266 _____ () C:\Users\Owner\Desktop\Etsuko scan.txt
2014-11-03 11:02 - 2014-11-03 11:04 - 00102150 _____ () C:\Users\Owner\Downloads\62B4.tmp
2014-11-03 11:00 - 2014-11-03 11:00 - 00172936 _____ () C:\Users\Owner\Downloads\Unconfirmed 154758.crdownload
2014-11-03 10:58 - 2014-11-03 10:58 - 00079100 _____ () C:\Users\Owner\Downloads\Extras.Txt
2014-11-03 10:53 - 2014-11-06 06:41 - 00183376 _____ () C:\Users\Owner\Downloads\OTL.Txt
2014-11-03 10:18 - 2014-11-03 10:18 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL.com
2014-11-03 10:18 - 2014-11-03 10:18 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL (1).com
2014-11-03 10:12 - 2014-11-03 10:12 - 00000000 ____D () C:\ProgramData\374311380
2014-11-03 07:18 - 2014-11-03 07:18 - 00022528 _____ () C:\Users\Owner\AppData\Local\84021875dsisetup840276712.exe
2014-11-03 07:18 - 2014-11-03 07:18 - 00000001 _____ () C:\Users\Owner\AppData\Local\DSI.DAT
2014-11-02 20:39 - 2014-11-02 20:39 - 00944472 _____ (Download Assistant ) C:\Users\Owner\Downloads\Unconfirmed 523421.crdownload
2014-11-02 19:21 - 2014-11-02 19:23 - 03437344 _____ (tuneuppro.com ) C:\Users\Owner\Downloads\Unconfirmed 571232.crdownload
2014-11-02 19:13 - 2014-11-02 19:13 - 00088271 _____ () C:\Users\Owner\Downloads\Unconfirmed 107978.crdownload
2014-11-02 18:23 - 2014-11-02 18:23 - 00106351 _____ () C:\Users\Owner\Downloads\Unconfirmed 362760.crdownload
2014-11-02 16:31 - 2014-11-02 16:31 - 00349944 _____ () C:\Users\Owner\Downloads\Unconfirmed 173823.crdownload
2014-11-02 13:50 - 2014-11-02 13:51 - 00106351 _____ () C:\Users\Owner\Downloads\Unconfirmed 399409.crdownload
2014-11-02 12:54 - 2014-11-02 12:54 - 00843112 _____ () C:\Users\Owner\Downloads\Unconfirmed 735012.crdownload
2014-11-02 12:47 - 2014-11-02 12:48 - 00036571 _____ () C:\Users\Owner\Downloads\C5A4.tmp
2014-11-02 11:57 - 2014-11-02 11:57 - 00000000 ____D () C:\TVWizard
2014-11-02 08:07 - 2014-11-02 08:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\SearchProtect
2014-11-02 08:07 - 2014-11-02 08:07 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-02 08:06 - 2014-11-02 08:06 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2014-11-01 20:08 - 2014-11-02 12:08 - 00000000 ____D () C:\ProgramData\e435d908-8e15-4e0c-ae35-3dc1cb10ee1e
2014-11-01 19:43 - 2014-11-01 19:46 - 00000000 ____D () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r
2014-11-01 19:43 - 2014-11-01 19:43 - 00004604 _____ () C:\Windows\System32\Tasks\IC Runner Procedure
2014-11-01 19:08 - 2014-11-01 19:08 - 02404352 _____ (Ing Group Software) C:\Users\Owner\Downloads\Unconfirmed 171719.crdownload
2014-11-01 19:08 - 2014-11-01 19:08 - 00386664 _____ (TDSDM) C:\Users\Owner\Downloads\Setup (5).exe
2014-11-01 19:07 - 2014-11-01 19:07 - 02404352 _____ (Ing Group Software) C:\Users\Owner\Downloads\Unconfirmed 501155.crdownload
2014-11-01 19:06 - 2014-11-01 19:07 - 02404352 _____ (Ing Group Software) C:\Users\Owner\Downloads\Unconfirmed 758382.crdownload
2014-11-01 19:06 - 2014-11-01 19:06 - 02404352 _____ (Ing Group Software) C:\Users\Owner\Downloads\Unconfirmed 485787.crdownload
2014-11-01 10:18 - 2014-11-10 00:23 - 00000128 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
2014-11-01 09:18 - 2014-11-07 18:23 - 00000316 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-11-01 09:18 - 2014-11-03 11:54 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Systweak
2014-11-01 09:18 - 2014-11-03 11:23 - 00002654 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-11-01 09:18 - 2014-11-03 11:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WSE_Astromenda
2014-11-01 09:18 - 2014-11-01 09:18 - 00000268 _____ () C:\Users\Owner\Desktop\Cut the Rope.url
2014-11-01 09:18 - 2014-10-06 16:36 - 00020296 _____ () C:\Windows\system32\roboot64.exe
2014-11-01 09:17 - 2014-11-01 19:42 - 00000000 ____D () C:\ProgramData\Unchecky
2014-11-01 09:17 - 2014-11-01 09:17 - 00000000 ____D () C:\Program Files\TermTutor
2014-11-01 09:17 - 2014-11-01 09:17 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-11-01 09:15 - 2014-11-07 18:11 - 00002462 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job
2014-11-01 09:15 - 2014-11-07 18:11 - 00002462 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job
2014-11-01 09:15 - 2014-11-01 09:15 - 00005466 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5
2014-11-01 09:14 - 2014-11-07 18:11 - 00004174 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job
2014-11-01 09:14 - 2014-11-07 18:11 - 00003474 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job
2014-11-01 09:14 - 2014-11-07 18:11 - 00002126 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job
2014-11-01 09:14 - 2014-11-01 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-11-01 09:14 - 2014-11-01 09:14 - 01498016 _____ (app) C:\Users\Owner\AppData\Roaming\QTYSGV.exe
2014-11-01 09:14 - 2014-11-01 09:14 - 00007178 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4
2014-11-01 09:14 - 2014-11-01 09:14 - 00006478 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1
2014-11-01 09:14 - 2014-11-01 09:14 - 00005130 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2
2014-11-01 09:14 - 2014-11-01 09:14 - 00001125 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-11-01 09:14 - 2014-11-01 09:14 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-11-01 09:13 - 2014-11-07 18:16 - 00004510 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job
2014-11-01 09:13 - 2014-11-07 18:13 - 00004174 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job
2014-11-01 09:13 - 2014-11-07 18:11 - 00005200 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job
2014-11-01 09:13 - 2014-11-07 18:11 - 00003830 _____ () C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job
2014-11-01 09:13 - 2014-11-07 18:11 - 00000982 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-01 09:13 - 2014-11-06 20:58 - 00000000 ____D () C:\Program Files (x86)\Browsers+Apps+1.1
2014-11-01 09:13 - 2014-11-06 09:55 - 00003722 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-11-01 09:13 - 2014-11-01 09:13 - 01974688 _____ (app) C:\Users\Owner\AppData\Roaming\YLEIWO.exe
2014-11-01 09:13 - 2014-11-01 09:13 - 00008204 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11
2014-11-01 09:13 - 2014-11-01 09:13 - 00007514 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3
2014-11-01 09:13 - 2014-11-01 09:13 - 00007178 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6
2014-11-01 09:13 - 2014-11-01 09:13 - 00006834 _____ () C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7
2014-11-01 09:13 - 2014-11-01 09:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\globalUpdate
2014-11-01 09:13 - 2014-11-01 09:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-11-01 09:12 - 2014-11-06 10:46 - 00000000 ___HD () C:\Users\Public\Temp
2014-11-01 09:12 - 2014-11-01 09:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\LPT
2014-11-01 09:12 - 2014-11-01 09:12 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smartbar
2014-11-01 09:11 - 2014-11-01 09:11 - 00001984 _____ () C:\Users\Owner\Desktop\Sync Folder.lnk
2014-11-01 09:11 - 2014-11-01 09:11 - 00000000 ____D () C:\Users\Owner\Documents\Optimizer Pro
2014-11-01 09:10 - 2014-11-03 11:33 - 00000000 ____D () C:\Program Files (x86)\Consumer Input
2014-11-01 09:10 - 2014-11-03 08:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-01 09:10 - 2014-11-01 09:38 - 00001929 _____ () C:\Windows\patsearch.bin
2014-11-01 09:10 - 2014-11-01 09:10 - 00001102 _____ () C:\Users\Owner\Desktop\MyPC Backup.lnk
2014-11-01 09:10 - 2014-11-01 09:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-11-01 09:10 - 2014-11-01 09:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-11-01 09:09 - 2014-11-01 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-11-01 09:08 - 2014-11-06 09:57 - 00000004 _____ () C:\end
2014-10-25 20:47 - 2014-10-25 20:47 - 00073656 _____ () C:\Users\Owner\Downloads\FLVPlayer-Chrome.exe
2014-10-24 19:23 - 2014-10-24 19:23 - 00366056 _____ () C:\Users\Owner\Downloads\Player Setup.exe
2014-10-19 19:52 - 2014-10-19 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-19 19:50 - 2014-10-19 19:50 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-19 19:47 - 2014-10-19 19:47 - 01753736 _____ () C:\Users\Owner\Downloads\Adaware_Installer (1).exe
2014-10-15 14:47 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 14:47 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-15 14:47 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-15 14:47 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-15 14:46 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 14:46 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 14:46 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 14:46 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 14:46 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 14:46 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 14:46 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 14:46 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 14:46 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 14:46 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 14:46 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 14:46 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 14:46 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 14:46 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 14:46 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 14:46 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 14:46 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 14:46 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 14:46 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 14:46 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 14:46 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 14:46 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 14:46 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 14:46 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 14:46 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 14:46 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 14:46 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 14:46 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 14:46 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 14:46 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 14:46 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-15 14:46 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-15 14:46 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-15 14:46 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-15 14:46 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-15 14:46 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-15 14:46 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 14:46 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-15 14:46 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-15 14:46 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-15 14:46 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-15 14:46 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-15 14:46 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-15 14:46 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-15 14:44 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 14:44 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 14:44 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 14:44 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 14:44 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-15 14:44 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-15 14:44 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-15 14:44 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-15 14:44 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-15 14:44 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-15 14:44 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-15 14:44 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-15 14:44 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-15 14:44 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-15 14:44 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-15 14:44 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 14:44 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-15 14:44 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-15 14:44 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-15 14:44 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-15 14:44 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-15 14:44 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-15 14:44 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-15 14:44 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 14:44 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-15 14:44 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 14:44 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-15 14:44 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 14:44 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-15 14:44 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 14:44 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-15 14:44 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 14:44 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-15 14:44 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-15 14:44 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-15 14:44 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-15 14:44 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 14:44 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-15 14:44 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-15 14:42 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 14:42 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 14:42 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 14:42 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 14:42 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 14:42 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-15 14:42 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-15 14:42 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-10 09:46 - 2014-08-30 14:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\SevereWeatherAlerts
2014-11-10 09:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-11-10 08:57 - 2014-02-22 18:20 - 01476734 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 08:37 - 2014-08-30 14:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Driver Pro
2014-11-10 08:36 - 2014-08-30 14:33 - 00003228 _____ () C:\Windows\System32\Tasks\Driver Pro Schedule
2014-11-10 08:33 - 2014-02-22 18:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{50E71491-A125-42E1-8253-648F19D90BBC}
2014-11-09 17:34 - 2014-02-22 18:28 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-77919763-808462472-1795383770-1001
2014-11-09 17:29 - 2014-03-04 19:31 - 00001867 _____ () C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2014-11-09 17:29 - 2013-09-05 22:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-11-09 13:06 - 2014-04-20 09:01 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-09 13:06 - 2014-04-20 09:00 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-09 08:35 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-11-07 18:35 - 2014-07-10 18:31 - 00004984 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for HPPAVILLION-Owner HpPavillion
2014-11-07 18:15 - 2014-06-19 05:04 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610.job
2014-11-07 18:13 - 2014-02-22 18:45 - 00000000 ___DO () C:\Users\Owner\SkyDrive
2014-11-07 18:13 - 2014-02-22 18:24 - 00000000 ____D () C:\Users\Owner\Documents\Youcam
2014-11-07 18:11 - 2014-02-22 18:49 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-06 09:40 - 2014-04-28 20:59 - 00003170 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForOwner
2014-11-06 09:40 - 2014-04-28 20:59 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForOwner.job
2014-11-06 05:57 - 2013-09-05 23:31 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-11-05 17:02 - 2014-02-22 18:22 - 00000000 ____D () C:\Users\Owner
2014-11-05 17:01 - 2014-09-05 20:58 - 00002336 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-11-05 17:01 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-05 17:00 - 2013-08-26 01:01 - 00053112 _____ () C:\Windows\PFRO.log
2014-11-05 02:43 - 2014-08-30 14:20 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-11-03 11:46 - 2013-09-05 23:11 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-03 11:44 - 2013-09-05 22:34 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-03 11:44 - 2013-09-05 22:34 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-11-03 11:38 - 2013-08-26 01:09 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 11:32 - 2013-08-22 08:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-11-03 10:17 - 2013-09-05 22:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-03 08:54 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-11-03 08:50 - 2013-08-22 08:25 - 00000226 _____ () C:\Windows\win.ini
2014-11-02 07:17 - 2014-03-27 18:37 - 00154112 ___SH () C:\Users\Owner\Downloads\Thumbs.db
2014-11-02 07:16 - 2014-02-22 20:56 - 00000000 ____D () C:\Users\Owner\Downloads\Lee Harris
2014-11-01 09:14 - 2014-02-22 18:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-01 09:14 - 2014-02-22 18:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-11-01 09:11 - 2014-08-30 14:19 - 00004032 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-11-01 09:10 - 2013-08-22 09:46 - 00035471 _____ () C:\Windows\setupact.log
2014-10-29 17:16 - 2014-02-22 18:50 - 00002210 _____ () C:\Users\Public\Desktop\google chrome.lnk
2014-10-24 16:54 - 2014-02-22 18:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-19 08:09 - 2014-06-19 05:04 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610
2014-10-19 08:09 - 2014-02-22 18:49 - 00003666 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 08:05 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-10-18 07:29 - 2013-08-22 09:44 - 00384320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 07:24 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-18 07:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-18 07:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-18 07:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-18 07:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-17 05:59 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-17 05:58 - 2014-02-25 20:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 05:52 - 2014-02-25 20:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 05:50 - 2014-07-09 06:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
 
Files to move or delete:
====================
C:\ProgramData\Setup.exe
 
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\104630CE-A29A-07FE-EA56-0A24EAF73328.dll
C:\Users\Owner\AppData\Local\Temp\104630CE-A29A-07FE-EA56-0A24EAF73328.exe
C:\Users\Owner\AppData\Local\Temp\5b0254c3-a34d-4f29-83e5-6ad52d8266e3.exe
C:\Users\Owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Owner\AppData\Local\Temp\CloudBackup4493.exe
C:\Users\Owner\AppData\Local\Temp\COMAP.EXE
C:\Users\Owner\AppData\Local\Temp\Compete_setup.exe
C:\Users\Owner\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Owner\AppData\Local\Temp\drvprosetup.exe
C:\Users\Owner\AppData\Local\Temp\Extract.exe
C:\Users\Owner\AppData\Local\Temp\hbk.exe
C:\Users\Owner\AppData\Local\Temp\HDQuality_setup.exe
C:\Users\Owner\AppData\Local\Temp\HPConnectedMusicInstaller_100100112.exe
C:\Users\Owner\AppData\Local\Temp\HPConnectedMusicInstaller_100100126.exe
C:\Users\Owner\AppData\Local\Temp\insED66.tmp.exe
C:\Users\Owner\AppData\Local\Temp\nsb58A6.exe
C:\Users\Owner\AppData\Local\Temp\nsrDBD.exe
C:\Users\Owner\AppData\Local\Temp\nst1168.exe
C:\Users\Owner\AppData\Local\Temp\nsu5356.exe
C:\Users\Owner\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Owner\AppData\Local\Temp\setup_358.exe
C:\Users\Owner\AppData\Local\Temp\setup_399.exe
C:\Users\Owner\AppData\Local\Temp\SP63599.exe
C:\Users\Owner\AppData\Local\Temp\SP63878.exe
C:\Users\Owner\AppData\Local\Temp\sp64126.exe
C:\Users\Owner\AppData\Local\Temp\SP64339.exe
C:\Users\Owner\AppData\Local\Temp\SP64854.exe
C:\Users\Owner\AppData\Local\Temp\SP64881.exe
C:\Users\Owner\AppData\Local\Temp\SP65168.exe
C:\Users\Owner\AppData\Local\Temp\SP65782.exe
C:\Users\Owner\AppData\Local\Temp\SP65792.exe
C:\Users\Owner\AppData\Local\Temp\SP65793.exe
C:\Users\Owner\AppData\Local\Temp\SP65796.exe
C:\Users\Owner\AppData\Local\Temp\SP66078.exe
C:\Users\Owner\AppData\Local\Temp\SP66604.exe
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite10177.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite10783.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite15445.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite22272.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite22368.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite24194.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite24958.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite28592.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite30135.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite32049.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite32430.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite54630.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite54705.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite57132.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite58765.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite60097.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite60918.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite63842.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite64612.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite64750.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite70023.dll
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite90723.dll
C:\Users\Owner\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Owner\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Owner\AppData\Local\Temp\VOPackage.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-01 11:17
 
==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Owner at 2014-11-10 09:57:08
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.26 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browsers+Apps+1.1 (HKLM-x32\...\Browsers+Apps+1.1) (Version: 1.35.9.29 - app)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Pro version 3.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2 - ) <==== ATTENTION
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HQuality-v3V06.11 (HKLM-x32\...\HQuality-v3V06.11) (Version: 1.35.9.29 - HQuality3V06.11)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.6 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PCBooster (HKLM-x32\...\{A92D9A4B-DA38-49DF-83C3-6742E0E5C2DE}) (Version: 1.0.0.0 - Portable Booster) <==== ATTENTION
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.26.7 - Client Connect LTD) <==== ATTENTION
Severe Weather Alerts (HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
Snap.Do (HKLM-x32\...\{8956ABAC-F1A3-4AED-9D71-10C9084C081D}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\{6de696d5-8ec9-4cf5-9b3e-d049b8f46931}) (Version: 11.122.1.20284 - ReSoft Ltd.) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-77919763-808462472-1795383770-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
03-11-2014 16:46:23 Removed Realtek Card Reader
07-11-2014 01:27:47 Installed Java 7 Update 51
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2014-11-03 11:42 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0052B76E-E7AC-45C1-97D2-DC7C2D2B0146} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {008F1528-2535-40E8-A724-081B3DB433B9} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {0B235C81-D72B-4706-8E36-5467267D7815} - System32\Tasks\GQRWQQA => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {161A61AF-2517-4C61-8993-BAAFD5419017} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {1A2A3C01-85DA-4AF3-B901-74986F37F626} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {230864E9-9C8B-465E-A955-4A5E64251067} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {263343B5-D9A1-4487-8341-2B79AA5E742F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {30565CD3-1B8B-4683-B962-BA6E3F4ED452} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-10-30] (MyPC Backup) <==== ATTENTION
Task: {33DF7CF5-E444-4630-BFDC-69C0DC1A0FA4} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\\WarningPopUp.exe [2014-09-23] (Microsoft)
Task: {371057A4-4DAD-4189-8F57-F549A1C8DEB7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe [2014-11-01] (app)
Task: {38AE0A86-C497-438C-945E-A5E25908E06C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {3D569F1C-8F19-43BB-8E74-B866E00C589A} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe [2014-08-26] (PC Utilities Software Limited) <==== ATTENTION
Task: {43C46187-4D4F-4570-8134-5AE9496AA16C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {56E9A489-E4D9-4026-A0A9-6CC2EC7C76C6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe [2014-11-01] (app)
Task: {5A500579-64B5-408D-A92F-2D7F859F28F1} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe [2014-11-01] (app)
Task: {60E8AF3C-C697-4CA9-9D4E-E768E42C3C99} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {65D5802A-F244-4662-BD4A-E9EB841418D1} - System32\Tasks\CJVEYMH => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {687010BC-5B05-4D51-87E5-04FEA3202FA6} - System32\Tasks\WSE_Astromenda => C:\Users\Owner\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-11-03] () <==== ATTENTION
Task: {68B8E1EA-333D-49EA-AAFA-D1D437377EF6} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {6B1A2F52-8AA7-4C26-88CF-539AFB9FA2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6FAC7F05-BAE2-4810-8EED-B8EAFB80BC4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7A3FD76A-5AAA-4BF4-8B46-70FF62B2EBB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {89615320-542F-4388-BC42-80B36E5D5BDB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HPPAVILLION-Owner HpPavillion => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {8ABE6366-0E30-425E-B9C4-75A6F52BB490} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe [2014-11-01] (app)
Task: {8B931B31-8C61-41DA-AE11-91B43B9ED371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8C5ED063-EEBE-45FD-90C2-85520F0FB153} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1 => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {8F002EA7-E3D5-470B-98CE-D279791724FD} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {900E3E13-61F6-4AC7-AD53-39F7A320E5BB} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe [2014-11-01] (app)
Task: {90A39AB9-1F55-4720-BCA6-39B876D650BF} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {938BCB7F-5297-49E4-B4E6-7A16BCE07133} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A139DD2-E254-4E8D-9EC9-4119DE25B790} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {A743A151-813F-4D56-A612-3EC1DD0F2070} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-09-23] (Portable Booster)
Task: {AEAAA720-5384-4023-A6D9-EA5E1D297CAA} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {B4BE5F03-91FD-4819-BE72-B2A38123B87F} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe [2014-11-01] (app)
Task: {BF061D0D-4BF0-4AB9-811B-8FFBFEC06668} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {C8583FB3-0176-4306-ADE2-44E0360933D1} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-09-23] ()
Task: {D12AD5D2-0819-45AC-9E8F-996A09B9A72D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {D658A849-3508-4367-BAAC-75C0998012C7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {E1303E4E-4489-4037-81E7-6374D4E3BDD6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1 => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe [2014-11-01] (app)
Task: {E64193EF-23E8-42FD-A186-33AEF171B139} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {EE905DC5-7EBF-4653-B612-41D97E16DAB0} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {F124C809-5676-4E10-BE70-41CF6A4D2A31} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {F61DA9E1-53F1-47AD-9F67-65817E502381} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: {F7B46900-6F92-45F2-B3AC-112F077C9B25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {FD953208-83F1-49FD-AFE7-A8BA27D599A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job => ?
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job => ?
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job => ?
Task: C:\Windows\Tasks\CJVEYMH.job => ?
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => ? <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => ? <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ba5ed37a610.job => ?
Task: C:\Windows\Tasks\GQRWQQA.job => ?
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => ?
Task: C:\Windows\Tasks\WSE_Astromenda.job => ?
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-14 10:23 - 2013-10-14 10:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 10:24 - 2013-10-14 10:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 10:25 - 2013-10-14 10:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 10:22 - 2013-10-14 10:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 10:35 - 2013-10-14 10:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-30 06:30 - 2014-10-30 06:30 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-04-26 11:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-05 06:12 - 2014-11-02 15:57 - 00268600 _____ () C:\Windows\SysWOW64\dsrvprn.exe
2014-10-15 12:37 - 2014-10-15 12:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:04 - 2014-10-15 13:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-10-04 21:20 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-10-20 17:26 - 2014-11-06 20:27 - 00732128 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2013-10-14 10:30 - 2013-10-14 10:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-10-30 06:38 - 2014-10-30 06:38 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00348384 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
2014-09-25 06:38 - 2014-09-25 06:38 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00076000 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-09-25 06:38 - 2014-09-25 06:38 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00379440 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00114920 _____ () C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-04 21:19 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 23:10 - 2013-08-09 07:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 23:30 - 2013-08-05 02:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00393728 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-11-01 19:46 - 2014-07-21 04:38 - 00788480 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ffmpegsumo.dll
2014-11-01 19:46 - 2013-12-03 21:48 - 13586896 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\pepflashplayer.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00092720 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00069168 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll
2014-10-24 08:50 - 2014-10-24 08:50 - 00035328 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00056880 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00119856 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll
2014-10-24 09:07 - 2014-10-24 09:07 - 00100912 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll
2014-10-24 09:08 - 2014-10-24 09:08 - 00121904 _____ () C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Owner\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-77919763-808462472-1795383770-500 - Administrator - Disabled)
Guest (S-1-5-21-77919763-808462472-1795383770-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-77919763-808462472-1795383770-1003 - Limited - Enabled)
Owner (S-1-5-21-77919763-808462472-1795383770-1001 - Administrator - Enabled) => C:\Users\Owner
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/10/2014 09:43:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DriverPro.exe version 3.1.0.819 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 29bc
 
Start Time: 01cffceaf1572a15
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Driver Pro\DriverPro.exe
 
Report Id: cc97dad6-68e7-11e4-828b-a01d48dac7da
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/10/2014 09:41:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x39d8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:40:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x1e04
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:40:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x28c0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:40:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x1158
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:39:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x2bd0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:39:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x248
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:38:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x3d48
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:38:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x1c34
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (11/10/2014 09:38:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: chrome.dll, version: 31.0.1650.63, time stamp: 0x53ccea0a
Exception code: 0x80000003
Fault offset: 0x00021880
Faulting process id: 0x53ec
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
 
System errors:
=============
Error: (11/10/2014 07:32:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinHttpAutoProxySvc service.
 
Error: (11/07/2014 07:05:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The rcores service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/07/2014 07:05:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IePlugin Services service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/07/2014 03:05:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {76DEF3AC-2910-4234-9EE2-C81B2D45833A}
 
Error: (11/07/2014 03:05:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {76DEF3AC-2910-4234-9EE2-C81B2D45833A}
 
Error: (11/07/2014 03:05:32 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/07/2014 03:05:32 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4116) (User: HPPAVILLION)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (11/07/2014 02:26:51 PM) (Source: Schannel) (EventID: 4120) (User: HPPAVILLION)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (11/06/2014 08:17:47 PM) (Source: DCOM) (EventID: 10010) (User: HPPAVILLION)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
 
Microsoft Office Sessions:
=========================
Error: (11/10/2014 09:43:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DriverPro.exe3.1.0.81929bc01cffceaf1572a154294967295C:\Program Files (x86)\Driver Pro\DriverPro.execc97dad6-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:41:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a800000030002188039d801cffcf45c2d2ad7C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll9e1dd1df-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:40:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a80000003000218801e0401cffcf450902a0dC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll906ece98-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:40:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a800000030002188028c001cffcf44a024b04C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll87fd6250-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:40:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a8000000300021880115801cffcf42b083e4dC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll792cb137-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:39:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a80000003000218802bd001cffcf420003e66C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll5fb0a203-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:39:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a800000030002188024801cffcf418206363C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll567906a3-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:38:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a80000003000218803d4801cffcf4106e2234C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll4e3a7fe4-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:38:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a80000003000218801c3401cffcf4063a3e87C:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll4555bae6-68e7-11e4-828b-a01d48dac7da
 
Error: (11/10/2014 09:38:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe31.0.1650.6353ccf06bchrome.dll31.0.1650.6353ccea0a800000030002188053ec01cffcf3fce8fa0aC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.exeC:\Users\Owner\AppData\Local\IDLECR~1.R\CHROME~1\chrome.dll3c2965e9-68e7-11e4-828b-a01d48dac7da
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-25 03:45:17.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:17.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.893
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.762
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-25 03:45:16.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4000M CPU @ 2.40GHz
Percentage of memory in use: 69%
Total physical RAM: 6059.57 MB
Available physical RAM: 1837.32 MB
Total Pagefile: 13193.54 MB
Available Pagefile: 4750.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:676.79 GB) (Free:564.44 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.07 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 24E7A700)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#9
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Step#1 - Warnings

 

You are running too many antivirus programs. This is not a good idea as this can cause problems such as slowness in computer speed, conflicts and cause more vulnerability to infection. It appears you are running McAfee and Ad-Aware AV. Also it looks as if you may have had bitdefender at one time? Is this the case?

 

We'll uninstall Ad-Aware shortly. If you wish to keep Ad-Aware for some reason and get rid of McAfee please let me know before continuing on.

 

 

Step#2 - Create a Restore Point
1. Press the Windows Flag key on your keyboard to bring up your Start Screen.
2. Type restore point and then click on Create a restore point that comes up in the search results.
RestorePoint.JPG
 
3. Click Create in the System Properties window.
Create.JPG
 
4. Type G2G for the name of the restore point and click Create.
5. You will receive a message that the restore point was successfully created. Just click Close and then close the system properties box.

 

 

Step#3 - Uninstalls
 
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot.

Ad-Aware Antivirus
Ad-Aware Security Toolbar
Browsers+Apps+1.1
Driver Pro version 3.2
HQuality-v3V06.11
Java 7 Update 51
LPT System Updater Service
MyPC Backup
PCBooster
Remote Desktop Access
Search Protect
Severe Weather Alerts
Snap.Do
Snap.Do Engine
Term Tutor     

 

 

Step#4 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   22.98KB   377 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

Step#5 - JRT
 
Note: Please disable your Antivirus Software before doing Step#1. Info on how to do this is here but it's usually a matter of right-clicking your AV icon in your system tray by your time.
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3, The tool will open and start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. After your machine is rebooted, please re-enable your antivirus.
8. Post the contents of JRT.txt into your next message.

 

Step#6 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#7 - Fresh Set of Logs
 
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.
 
  

 
Items for your next post

1. Did you have bitdefender at one time

2. FRST Fix log

3. JRT log

4. AdwCleaner log
5. Updated FRST and Addition logs


  • 0

#10
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Brian thanks I'll get working on this ASAP. 

 

I've recommended my co-worker uninstall McAfee. It's a huge buggy program that I've never been fond of. 

Do you recommend Ad Aware?


  • 0

Advertisements


#11
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

If that's what you decide to do then please don't follow the instructions yet. I need to adjust my fix accordingly. It was based on the assumption that you would stick with McAfee. If it's a paid version of McAfee you will obviously want to make sure your co-worker is OK with this.

 

Please confirm that you haven't continued yet and I'll adjust my fix.


  • 0

#12
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I'll confirm this with her shorty. 


  • 0

#13
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I have listed a couple recommended free AV's below which are as good as any paid subscription AV, as long as you allow them to update themselves. I use the built-in Windows Defender on my machine but the choice is yours. 
 
Windows Defender
Avast! (If you decide on this one, please ensure you uncheck the Google Toolbar and Google Chrome that is offered on the first screen of the install...unless you want them for some reason). In addition if you choose Avast!, please ensure that Windows Defender is disabled. Instructions for doing so are here.

 

I would suggest that you keep McAfee and follow the instructions for these fixes (which includes uninstalling Ad-Aware) and then we can deal with the AV choice afterwards.

 

But obviously let me know if your co-worker has already uninstalled McAfee and/or followed any instructions before we continue on.


  • 0

#14
taureanblack

taureanblack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Hi Brian

 

This is the Fixlog. I had trouble getting the log initially. I think McAffee stopped my first attempt. My co worker said that it took her all afternoon to get the Fixlog. It simply ran and ran.

 

I'll be attempting step 5 this morning.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Owner at 2014-11-11 11:58:55 Run:2
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
KillProcesses:
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
() C:\Windows\SysWOW64\dsrvprn.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe
cmd: tskill chrome /A
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
() C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
(Weather Notifications, LLC) C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Driver Pro\DPTray.exe
() C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
() C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [ospd_us_349] => [X]
HKU\S-1-5-21-77919763-808462472-1795383770-1001\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-21] (Google Inc.)
AppInit_DLLs: C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [77856 2014-11-01] ()
AppInit_DLLs-x32: c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll => c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll [67104 2014-11-01] ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk -> C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk -> C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BootExecute: autocheck autochk * bddel.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.co...r=106507692&ir=
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=456815432&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=456815432&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF HKLM\...\Firefox\Extensions: [{BF883488-0379-470e-8BF2-C5D1F3828428}] - C:\Program Files\Shop For Rewards\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BF883488-0379-470e-8BF2-C5D1F3828428}] - C:\Program Files\Shop For Rewards\Firefox
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330394&octid=EB_ORIGINAL_CTID&ISID=ME102B91A-A79C-4FCF-B3C0-DD4C6A5AB8C9&SearchSource=55&CUI=&UM=6&UP=SPAC1F7BEC-782D-463C-81D2-E4E44DF1F3D9&SSPV=", "hxxp://search.conduit.com/?ctid=CT3317822&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2520F31A-7AA7-4B22-BDE3-CE7CC94F140F&SSPV=", "hxxp://mysearch.avg.com/?cid={EAA7AA15-D81A-43A5-B32E-9F6E7CF4F37F}&mid=8663c7dcad4e47d2a1376939b21ce5e1-3e07e213711093ba2a513882b8c4339a3739fffa&lang=en&ds=ub011&coid=avgtbdisub&cmpid=&pr=sa&d=2014-02-06%2021:07:48&v=17.3.1.204&pid=safeguard&sg=&sap=hp", "hxxp://astromenda.com/?f=7&a=ast_cmi_14_45_ch&cd=2XzuyEtN2Y1L1Qzu0AtDtC0DyEzz0D0A0CyB0D0AtBzz0E0AtN0D0Tzu0StCtDtAzztN1L2XzutAtFyCtFtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0A0BtCyD0FzzzytGtD0EtCtAtGtC0FyC0CtG0A0Czy0DtGtAyCtBtBzz0CtAyBtDtCyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0FyB0CyEzz0C0CtGyEzytCtCtGyE0D0D0FtG0Bzy0DyBtGzz0DyEzytCyCyB0Czy0FtD0F2Q&cr=456815432&ir=", "hxxp://www.v9.com/?type=hp&ts=1415323537&from=pjr&uid=TOSHIBAXMQ01ABD075_Z3GCS98OSXXZ3GCS98OS&i=psd&t=34b993bae"
CHR DefaultSearchKeyword: Default -> v9
CHR Extension: (Browsers+Apps+1.1) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago [2014-11-01]
CHR Extension: (Value apps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2014-02-22]
CHR Extension: (Astromenda New Tab) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-11-01]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-10-30] (Just Develop It) <==== ATTENTION
R2 dsrvprn; C:\Windows\SysWOW64\dsrvprn.exe [268600 2014-11-02] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-06] (globalUpdate) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
S4 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-10-28] () [File not signed] <==== ATTENTION
R2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [492496 2014-11-02] (Client Connect LTD)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
2014-11-07 19:03 - 2014-11-07 19:05 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-11-07 19:03 - 2014-11-07 19:05 - 00010234 _____ () C:\Windows\system32\bddel.dat
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-*.job
2014-11-06 09:56 - 2014-11-07 18:11 - 00001364 _____ () C:\Windows\Tasks\GQRWQQA.job
2014-11-06 09:56 - 2014-11-06 09:56 - 01535408 _____ (HQuality3V06.11) C:\Users\Owner\AppData\Roaming\GQRWQQA.exe
2014-11-06 09:56 - 2014-11-06 09:56 - 00007178 _____ () C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-*
2014-11-06 09:55 - 2014-11-07 18:11 - 00001708 _____ () C:\Windows\Tasks\CJVEYMH.job
2014-11-06 09:55 - 2014-11-06 09:55 - 02021296 _____ (HQuality3V06.11) C:\Users\Owner\AppData\Roaming\CJVEYMH.exe
2014-11-06 09:55 - 2014-11-06 09:55 - 00004718 _____ () C:\Windows\System32\Tasks\CJVEYMH
2014-11-06 09:55 - 2014-11-06 16:00 - 00000986 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-06 09:55 - 2014-11-06 09:55 - 00003958 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-11-06 09:47 - 2014-11-06 09:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-11-05 06:12 - 2014-11-05 17:27 - 00000000 ____D () C:\Program Files\Shop For Rewards
2014-11-05 06:12 - 2014-11-05 06:12 - 01482640 _____ () C:\ProgramData\Setup.exe
2014-11-05 06:12 - 2014-11-05 06:12 - 00000045 _____ () C:\user.js
2014-11-03 11:53 - 2014-11-03 11:53 - 00003104 _____ () C:\Windows\System32\Tasks\{5AA26A89-6E5D-49A8-B570-B6A8ECE2D7A7}
2014-11-03 11:19 - 2014-11-03 11:19 - 00000000 ____D () C:\Program Files (x86)\predm
2014-11-03 10:12 - 2014-11-03 10:12 - 00000000 ____D () C:\ProgramData\374311380
2014-11-03 07:18 - 2014-11-03 07:18 - 00022528 _____ () C:\Users\Owner\AppData\Local\84021875dsisetup840276712.exe
2014-11-03 07:18 - 2014-11-03 07:18 - 00000001 _____ () C:\Users\Owner\AppData\Local\DSI.DAT
2014-11-01 09:18 - 2014-11-07 18:23 - 00000316 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-11-01 09:18 - 2014-11-03 11:54 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Systweak
2014-11-01 09:18 - 2014-11-03 11:23 - 00002654 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-11-01 09:18 - 2014-11-03 11:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WSE_Astromenda
2014-11-01 09:18 - 2014-10-06 16:36 - 00020296 _____ () C:\Windows\system32\roboot64.exe
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd*.job
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd*
2014-11-01 09:13 - 2014-11-07 18:11 - 00000982 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-01 09:13 - 2014-11-06 09:55 - 00003722 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-11-01 09:13 - 2014-11-01 09:13 - 01974688 _____ (app) C:\Users\Owner\AppData\Roaming\YLEIWO.exe
2014-11-01 09:13 - 2014-11-01 09:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\globalUpdate
2014-11-01 09:12 - 2014-11-06 10:46 - 00000000 ___HD () C:\Users\Public\Temp
2014-11-01 09:12 - 2014-11-01 09:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\LPT
2014-11-01 09:12 - 2014-11-01 09:12 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smartbar
2014-11-01 09:11 - 2014-11-01 09:11 - 00001984 _____ () C:\Users\Owner\Desktop\Sync Folder.lnk
2014-11-01 09:11 - 2014-11-01 09:11 - 00000000 ____D () C:\Users\Owner\Documents\Optimizer Pro
2014-11-01 09:10 - 2014-11-03 11:33 - 00000000 ____D () C:\Program Files (x86)\Consumer Input
2014-11-01 09:10 - 2014-11-03 08:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-01 09:10 - 2014-11-01 09:38 - 00001929 _____ () C:\Windows\patsearch.bin
2014-11-01 09:10 - 2014-11-01 09:10 - 00001102 _____ () C:\Users\Owner\Desktop\MyPC Backup.lnk
2014-11-01 09:10 - 2014-11-01 09:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-11-01 09:10 - 2014-11-01 09:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-11-01 09:08 - 2014-11-06 09:57 - 00000004 _____ () C:\end
2014-10-25 20:47 - 2014-10-25 20:47 - 00073656 _____ () C:\Users\Owner\Downloads\FLVPlayer-Chrome.exe
2014-10-24 19:23 - 2014-10-24 19:23 - 00366056 _____ () C:\Users\Owner\Downloads\Player Setup.exe
2014-10-19 19:52 - 2014-10-19 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-19 19:50 - 2014-10-19 19:50 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-19 19:47 - 2014-10-19 19:47 - 01753736 _____ () C:\Users\Owner\Downloads\Adaware_Installer (1).exe
2014-11-10 08:36 - 2014-08-30 14:33 - 00003228 _____ () C:\Windows\System32\Tasks\Driver Pro Schedule
2014-11-10 08:33 - 2014-02-22 18:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{50E71491-A125-42E1-8253-648F19D90BBC}
2014-11-05 02:43 - 2014-08-30 14:20 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
Task: {0052B76E-E7AC-45C1-97D2-DC7C2D2B0146} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {008F1528-2535-40E8-A724-081B3DB433B9} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {0B235C81-D72B-4706-8E36-5467267D7815} - System32\Tasks\GQRWQQA => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {230864E9-9C8B-465E-A955-4A5E64251067} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
Task: {30565CD3-1B8B-4683-B962-BA6E3F4ED452} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-10-30] (MyPC Backup) <==== ATTENTION
Task: {371057A4-4DAD-4189-8F57-F549A1C8DEB7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe [2014-11-01] (app)
Task: {3D569F1C-8F19-43BB-8E74-B866E00C589A} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe [2014-08-26] (PC Utilities Software Limited) <==== ATTENTION
Task: {56E9A489-E4D9-4026-A0A9-6CC2EC7C76C6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe [2014-11-01] (app)
Task: {5A500579-64B5-408D-A92F-2D7F859F28F1} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe [2014-11-01] (app)
Task: {60E8AF3C-C697-4CA9-9D4E-E768E42C3C99} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {65D5802A-F244-4662-BD4A-E9EB841418D1} - System32\Tasks\CJVEYMH => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {687010BC-5B05-4D51-87E5-04FEA3202FA6} - System32\Tasks\WSE_Astromenda => C:\Users\Owner\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-11-03] ()
Task: {68B8E1EA-333D-49EA-AAFA-D1D437377EF6} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {8ABE6366-0E30-425E-B9C4-75A6F52BB490} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe [2014-11-01] (app)
Task: {8C5ED063-EEBE-45FD-90C2-85520F0FB153} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1 => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {900E3E13-61F6-4AC7-AD53-39F7A320E5BB} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe [2014-11-01] (app)
Task: {90A39AB9-1F55-4720-BCA6-39B876D650BF} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {AEAAA720-5384-4023-A6D9-EA5E1D297CAA} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {B4BE5F03-91FD-4819-BE72-B2A38123B87F} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe [2014-11-01] (app)
Task: {BF061D0D-4BF0-4AB9-811B-8FFBFEC06668} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {D658A849-3508-4367-BAAC-75C0998012C7} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5 => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe [2014-11-01] (app)
Task: {E1303E4E-4489-4037-81E7-6374D4E3BDD6} - System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1 => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe [2014-11-01] (app)
Task: {F124C809-5676-4E10-BE70-41CF6A4D2A31} - System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3 => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe [2014-11-06] (HQuality3V06.11) <==== ATTENTION
Task: {F61DA9E1-53F1-47AD-9F67-65817E502381} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-06] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job => C:\Program Files (x86)\HQuality-v3V06.11\HQuality-v3V06.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job => C:\Program Files (x86)\HQuality-v3V06.11\53846bfa-df38-4813-824c-7f71cc0e54c5-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job => C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.exe
Task: C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job => C:\Program Files (x86)\Browsers+Apps+1.1\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.exe
Task: C:\Windows\Tasks\CJVEYMH.job => C:\Users\Owner\AppData\Roaming\CJVEYMH.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GQRWQQA.job => C:\Users\Owner\AppData\Roaming\GQRWQQA.exe <==== ATTENTION
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Owner\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
2014-10-30 06:30 - 2014-10-30 06:30 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-11-05 06:12 - 2014-11-02 15:57 - 00268600 _____ () C:\Windows\SysWOW64\dsrvprn.exe
2014-11-01 09:10 - 2014-11-01 02:52 - 04959744 _____ () C:\Windows\rcore.exe
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\Browsers+Apps+1.1
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r
C:\Program Files\Lavasoft\Ad-Aware Antivirus
C:\Users\Owner\AppData\Local\SevereWeatherAlerts
C:\Program Files (x86)\SupTab
C:\Program Files (x86)\HQuality-v3V06.11
C:\Users\Owner\AppData\Local\ospd_us_349
C:\Program Files (x86)\Krab Web
C:\ProgramData\VCRZNU
C:\Program Files (x86)\ORBTR
C:\Users\Owner\AppData\Roaming\VOPackage
C:\Program Files (x86)\Consumer Input
C:\Program Files (x86)\Driver Pro
C:\Users\Owner\AppData\Local\IDLECR~1.R
C:\Users\Owner\AppData\Local\Smartbar
C:\Program Files\TermTutor
C:\Program Files (x86)\TermTutor
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\LPT
C:\Users\Owner\AppData\Roaming\WSE_AS~1
C:\Program Files (x86)\SearchProtect
C:\ProgramData\e435d908-8e15-4e0c-ae35-3dc1cb10ee1e
C:\Windows\System32\Tasks\IC Runner Procedure
C:\Users\Owner\Downloads\Unconfirmed*.crdownload
EmptyTemp:
 
 
 
 
 
 
 
 
 
*****************
 
KillProcesses: => Error: No automatic fix found for this entry.
C:\Program Files (x86)\MyPC Backup\BackupStack.exe => No running process found
C:\Windows\SysWOW64\dsrvprn.exe => No running process found
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe => No running process found
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe => No running process found
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe => No running process found
 
=========  tskill chrome /A =========
 
'tskill' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
C:\Program Files (x86)\SupTab\HpUI.exe => No running process found
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe => No running process found
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe => No running process found
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe => No running process found
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe => No running process found
C:\Program Files (x86)\Driver Pro\DPTray.exe => No running process found
[93596] C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe => Process closed successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdAwareTray => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ospd_us_349 => Value not found.
HKU\S-1-5-21-77919763-808462472-1795383770-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267 => Value not found.
"C:\Users\Owner\AppData\Local\Smartbar\Application\Resources\crdlil64.dll" => Value Data not found.
"c:\users\owner\appdata\local\smartbar\application\resources\crdlil.dll" => Value Data not found.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk not found.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe not found.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk not found.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe not found.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk not found.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe not found.
"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found.
"HKU\S-1-5-21-77919763-808462472-1795383770-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => Key not found.
"HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key not found.
"HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => Key not found.
"HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key not found.
"HKCR\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}" => Key not found.
"HKCR\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key not found.
"HKCR\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}" => Key not found.
"HKCR\Wow6432Node\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CB99040-7828-4C37-AC01-F15758F43E4D}" => Key not found.
"HKCR\Wow6432Node\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Value not found.
"HKCR\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => Value not found.
"HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => Value not found.
"HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key not found.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key not found.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{BF883488-0379-470e-8BF2-C5D1F3828428} => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{BF883488-0379-470e-8BF2-C5D1F3828428} => Value not found.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword not detected.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago directory not found.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon directory not found.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae directory not found.
BackupStack => Service not found.
dsrvprn => Service not found.
globalUpdate => Service not found.
globalUpdatem => Service not found.
LavasoftAdAwareService11 => Service not found.
LPTSystemUpdater => Service not found.
Orbiter => Service not found.
Trufos => Service not found.
SPPD => Service not found.
"C:\Windows\system32\bddel.exe" => File/Directory not found.
"C:\Windows\system32\bddel.dat" => File/Directory not found.
"C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-*.job" => File/Directory not found.
"C:\Windows\Tasks\GQRWQQA.job" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\GQRWQQA.exe" => File/Directory not found.
"C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-*" => File/Directory not found.
"C:\Windows\Tasks\CJVEYMH.job" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\CJVEYMH.exe" => File/Directory not found.
"C:\Windows\System32\Tasks\CJVEYMH" => File/Directory not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage" => File/Directory not found.
"C:\Program Files\Shop For Rewards" => File/Directory not found.
"C:\ProgramData\Setup.exe" => File/Directory not found.
"C:\user.js" => File/Directory not found.
"C:\Windows\System32\Tasks\{5AA26A89-6E5D-49A8-B570-B6A8ECE2D7A7}" => File/Directory not found.
"C:\Program Files (x86)\predm" => File/Directory not found.
"C:\ProgramData\374311380" => File/Directory not found.
"C:\Users\Owner\AppData\Local\84021875dsisetup840276712.exe" => File/Directory not found.
"C:\Users\Owner\AppData\Local\DSI.DAT" => File/Directory not found.
"C:\Windows\Tasks\WSE_Astromenda.job" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\Systweak" => File/Directory not found.
"C:\Windows\System32\Tasks\WSE_Astromenda" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\WSE_Astromenda" => File/Directory not found.
"C:\Windows\system32\roboot64.exe" => File/Directory not found.
"C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd*.job" => File/Directory not found.
"C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd*" => File/Directory not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Directory not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\YLEIWO.exe" => File/Directory not found.
"C:\Users\Owner\AppData\Local\globalUpdate" => File/Directory not found.
"C:\Users\Public\Temp" => File/Directory not found.
"C:\Users\Owner\AppData\Local\LPT" => File/Directory not found.
"C:\Users\Owner\AppData\Local\Smartbar" => File/Directory not found.
"C:\Users\Owner\Desktop\Sync Folder.lnk" => File/Directory not found.
"C:\Users\Owner\Documents\Optimizer Pro" => File/Directory not found.
"C:\Program Files (x86)\Consumer Input" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Windows\patsearch.bin" => File/Directory not found.
"C:\Users\Owner\Desktop\MyPC Backup.lnk" => File/Directory not found.
"C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup" => File/Directory not found.
"C:\end" => File/Directory not found.
"C:\Users\Owner\Downloads\FLVPlayer-Chrome.exe" => File/Directory not found.
"C:\Users\Owner\Downloads\Player Setup.exe" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft" => File/Directory not found.
"C:\Program Files\Common Files\Lavasoft" => File/Directory not found.
"C:\Users\Owner\Downloads\Adaware_Installer (1).exe" => File/Directory not found.
"C:\Windows\System32\Tasks\Driver Pro Schedule" => File/Directory not found.
"C:\Windows\System32\Tasks\User_Feed_Synchronization-{50E71491-A125-42E1-8253-648F19D90BBC}" => File/Directory not found.
"C:\Program Files (x86)\WSE_Astromenda" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0052B76E-E7AC-45C1-97D2-DC7C2D2B0146}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{008F1528-2535-40E8-A724-081B3DB433B9}" => Key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\IC Update Procedure" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B235C81-D72B-4706-8E36-5467267D7815}" => Key not found.
C:\Windows\System32\Tasks\GQRWQQA not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GQRWQQA" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{230864E9-9C8B-465E-A955-4A5E64251067}" => Key not found.
C:\Windows\System32\Tasks\IC Runner Procedure not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IC Runner Procedure" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30565CD3-1B8B-4683-B962-BA6E3F4ED452}" => Key not found.
C:\Windows\System32\Tasks\LaunchSignup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{371057A4-4DAD-4189-8F57-F549A1C8DEB7}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D569F1C-8F19-43BB-8E74-B866E00C589A}" => Key not found.
C:\Windows\System32\Tasks\Driver Pro Schedule not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Pro Schedule" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E9A489-E4D9-4026-A0A9-6CC2EC7C76C6}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A500579-64B5-408D-A92F-2D7F859F28F1}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60E8AF3C-C697-4CA9-9D4E-E768E42C3C99}" => Key not found.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-6" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65D5802A-F244-4662-BD4A-E9EB841418D1}" => Key not found.
C:\Windows\System32\Tasks\CJVEYMH not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CJVEYMH" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{687010BC-5B05-4D51-87E5-04FEA3202FA6}" => Key not found.
C:\Windows\System32\Tasks\WSE_Astromenda not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Astromenda" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B8E1EA-333D-49EA-AAFA-D1D437377EF6}" => Key not found.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-4" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ABE6366-0E30-425E-B9C4-75A6F52BB490}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C5ED063-EEBE-45FD-90C2-85520F0FB153}" => Key not found.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-1" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{900E3E13-61F6-4AC7-AD53-39F7A320E5BB}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90A39AB9-1F55-4720-BCA6-39B876D650BF}" => Key not found.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEAAA720-5384-4023-A6D9-EA5E1D297CAA}" => Key not found.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4BE5F03-91FD-4819-BE72-B2A38123B87F}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF061D0D-4BF0-4AB9-811B-8FFBFEC06668}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF061D0D-4BF0-4AB9-811B-8FFBFEC06668}" => Key deleted successfully.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5C7EADF-9EF1-4F59-9DB3-A66CAB2DFF27}" => Key deleted successfully.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D658A849-3508-4367-BAAC-75C0998012C7}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1303E4E-4489-4037-81E7-6374D4E3BDD6}" => Key not found.
C:\Windows\System32\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F124C809-5676-4E10-BE70-41CF6A4D2A31}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F124C809-5676-4E10-BE70-41CF6A4D2A31}" => Key deleted successfully.
C:\Windows\System32\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53846bfa-df38-4813-824c-7f71cc0e54c5-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F61DA9E1-53F1-47AD-9F67-65817E502381}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F61DA9E1-53F1-47AD-9F67-65817E502381}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-1.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-11.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-2.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-3.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-4.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-5_user.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-6.job not found.
C:\Windows\Tasks\53846bfa-df38-4813-824c-7f71cc0e54c5-7.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-1.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-11.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-2.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-3.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-4.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-5_user.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-6.job not found.
C:\Windows\Tasks\b03f950d-028f-4765-b7eb-ba357f9aa6dd-7.job not found.
C:\Windows\Tasks\CJVEYMH.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\GQRWQQA.job not found.
C:\Windows\Tasks\WSE_Astromenda.job not found.
"C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll" => File/Directory not found.
C:\Windows\SysWOW64\dsrvprn.exe => Moved successfully.
"C:\Windows\rcore.exe" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\Browsers+Apps+1.1" => File/Directory not found.
 
"C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r" directory move:
 
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\msvcp110.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\msvcr110.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\uninstall.exe => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\7z.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmlProc.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\InSes.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\NavSupp.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Data\ResPack2.bin => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe => Moved successfully.
Could not move "C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome_100_percent.pak" => Scheduled to move on reboot.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome_child.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\content_resources.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\d3dcompiler_46.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\debug.log => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ffmpegsumo.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\First Run => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\icudt.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\libEGL.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\libGLESv2.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\metro_driver.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl64.exe => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl_irt_x86_32.nexe => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl_irt_x86_64.nexe => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ppGoogleNaClPluginChrome.dll => Moved successfully.
Could not move "C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\resources.pak" => Scheduled to move on reboot.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\manifest.json => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\pepflashplayer.dll => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\am.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ar.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\bg.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\bn.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ca.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\cs.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\da.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\de.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\el.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\en-GB.pak => Moved successfully.
Could not move "C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\en-US.pak" => Scheduled to move on reboot.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\es-419.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\es.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\et.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fa.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fi.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fil.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fr.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\gu.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\he.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hi.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hr.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hu.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\id.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\it.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ja.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\kn.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ko.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\lt.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\lv.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ml.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\mr.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ms.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\nb.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\nl.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pl.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pt-BR.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pt-PT.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ro.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ru.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sk.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sl.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sr.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sv.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sw.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ta.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\te.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\th.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\tr.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\uk.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\vi.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\zh-CN.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\zh-TW.pak => Moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\Dictionaries\en-US-3-0.bdic => Moved successfully.
Could not move "C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r" directory. => Scheduled to move on reboot.
 
"C:\Program Files\Lavasoft\Ad-Aware Antivirus" => File/Directory not found.
"C:\Users\Owner\AppData\Local\SevereWeatherAlerts" => File/Directory not found.
C:\Program Files (x86)\SupTab => Moved successfully.
C:\Program Files (x86)\HQuality-v3V06.11 => Moved successfully.
"C:\Users\Owner\AppData\Local\ospd_us_349" => File/Directory not found.
"C:\Program Files (x86)\Krab Web" => File/Directory not found.
"C:\ProgramData\VCRZNU" => File/Directory not found.
"C:\Program Files (x86)\ORBTR" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\VOPackage" => File/Directory not found.
"C:\Program Files (x86)\Consumer Input" => File/Directory not found.
C:\Program Files (x86)\Driver Pro => Moved successfully.
 
"C:\Users\Owner\AppData\Local\IDLECR~1.R" directory move:
 
Could not move "C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\chrome_100_percent.pak" => Scheduled to move on reboot.
Could not move "C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\resources.pak" => Scheduled to move on reboot.
Could not move "C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\locales\en-US.pak" => Scheduled to move on reboot.
Could not move "C:\Users\Owner\AppData\Local\IDLECR~1.R" directory. => Scheduled to move on reboot.
 
"C:\Users\Owner\AppData\Local\Smartbar" => File/Directory not found.
"C:\Program Files\TermTutor" => File/Directory not found.
"C:\Program Files (x86)\TermTutor" => File/Directory not found.
C:\Program Files (x86)\globalUpdate => Moved successfully.
"C:\Program Files (x86)\LPT" => File/Directory not found.
"C:\Users\Owner\AppData\Roaming\WSE_AS~1" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
C:\ProgramData\e435d908-8e15-4e0c-ae35-3dc1cb10ee1e => Moved successfully.
"C:\Windows\System32\Tasks\IC Runner Procedure" => File/Directory not found.
C:\Users\Owner\Downloads\Unconfirmed*.crdownload => Moved successfully.
EmptyTemp: => Removed 24.4 GB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-11 14:54:27)<=
 
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome_100_percent.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\resources.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\en-US.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\I.d.l.e  C.r.a.w.l.e.r => Is moved successfully.
C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\chrome_100_percent.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\resources.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\IDLECR~1.R\Chrome-bin\locales\en-US.pak => Is moved successfully.
C:\Users\Owner\AppData\Local\IDLECR~1.R => Is moved successfully.
 
==== End of Fixlog ====

  • 0

#15
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you. It may have taken a very long time to run as it Removed 24.4 GB temporary data which is a lot.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP