Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware removal needed [Closed]


  • This topic is locked This topic is locked

#1
swilcox1949

swilcox1949

    New Member

  • Member
  • Pip
  • 1 posts

My internet explorer has been taken over by a program that warns of a virus or malware problem with a phone number to call to assure removal before files are damaged on my computer.  The pop up message can not be closed without shutting down the computer manually.  Pop ups now randomly appear advertising various products and internet security web sights.  I have run the frontier security program from my internet provider and it does not detect any virus or malware.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Steve (administrator) on STEVE-PC (30-09-2015 21:17:50)
Running from C:\Users\Steve\Downloads
Loaded Profiles: Steve (Available Profiles: Steve)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
() C:\Program Files\Updater By Smilebox\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSMA32.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\daugava\Ejemidvlf64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\fshoster32.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(F-Secure Corporation) C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msntask.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_185_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Steve\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [daugava64] => C:\Program Files\daugava\Ejemidvlf64.exe [463520 2015-07-22] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [190808 2011-03-01] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-06-12] (F-Secure Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-04-30] (Apple Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (53784)] => C:\Program Files (x86)\Frontier\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-12] (Logitech Inc.)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc.)
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\MountPoints2: {afa1bb3c-e8c7-11df-97e8-e0cb4e7d5b48} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010-05-16]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2009-12-04]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 192.168.254.254
Tcpip\..\Interfaces\{A01D95C7-330E-4E03-AB46-CB59AD452887}: [DhcpNameServer] 192.168.254.254 192.168.254.254

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.smilebox.com/?src=10&st=12&crg=3.5000006.10040&barid={AECE8725-DB8A-11E2-9C76-E0CB4E7D5B48}
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://frontier.yahoo.com/
HKU\S-1-5-21-3926269040-4061506150-889370240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
URLSearchHook: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {7712EA06-5431-4E42-9C05-0892B56ED6BA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A6000F58-2759-4DE9-B0B6-B46B23C1DA1B} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {7712EA06-5431-4E42-9C05-0892B56ED6BA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A6000F58-2759-4DE9-B0B6-B46B23C1DA1B} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.smilebox.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10040&barid={AECE8725-DB8A-11E2-9C76-E0CB4E7D5B48}
SearchScopes: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> DefaultScope {7712EA06-5431-4E42-9C05-0892B56ED6BA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> {7712EA06-5431-4E42-9C05-0892B56ED6BA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> {A6000F58-2759-4DE9-B0B6-B46B23C1DA1B} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.smilebox.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10040&barid={AECE8725-DB8A-11E2-9C76-E0CB4E7D5B48}
BHO: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\Frontier\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-05-09] (F-Secure Corporation)
BHO: Updater By Smilebox -> {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} -> C:\Program Files\Updater By Smilebox\Extension64.dll [2013-07-01] ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-18] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\Frontier\apps\SafeSearch\IE\FSSafeSearch.dll [2014-05-09] (F-Secure Corporation)
BHO-x32: Updater By Smilebox -> {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} -> C:\Program Files\Updater By Smilebox\Extension32.dll [2013-07-01] ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-18] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\Frontier\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-05-09] (F-Secure Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-18] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKLM-x32 - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\Frontier\apps\SafeSearch\IE\FSSafeSearch.dll [2014-05-09] (F-Secure Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-3926269040-4061506150-889370240-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-18] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {44C1E3A2-B594-401C-B27A-D1B4476E4797} hxxps://secureemployee.oppserv.org/XTSAC.cab
DPF: HKLM-x32 {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} hxxps://secure.logmeinrescue.com/Customer/x86/RescueDownloader.cab
DPF: HKLM-x32 {76850F2A-FCAA-454F-82D3-BD46CB186EF5} hxxps://intranet.lpch.org/departments/resq/ggw-activex.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://kdv.webex.com/client/T27LD/nbr/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3926269040-4061506150-889370240-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll [2009-10-27] (Hulu LLC)
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By Smilebox\Firefox
FF Extension: Updater By Smilebox - C:\Program Files\Updater By Smilebox\Firefox [2013-06-22]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Smilebox\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By Smilebox\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Smilebox\Firefox
FF HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-10]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-10]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-10]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-10]
CHR Extension: (Bing) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-09]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-16]
CHR Extension: (Skype Click to Call) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-10]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-10]
CHR HKU\S-1-5-21-3926269040-4061506150-889370240-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435304 2015-09-11] (Fitbit, Inc.)
R2 fshoster; C:\Program Files (x86)\Frontier\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-06-12] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Updater By Smilebox; C:\Program Files\Updater By Smilebox\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [61336 2015-06-18] (Cherimoya Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207912 2015-09-01] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Frontier\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [66736 2015-09-16] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2012-11-02] ()
R3 fsni; C:\Program Files (x86)\Frontier\apps\CCF_Scanning\bin\fsni64.sys [97832 2015-09-07] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-06-12] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 21:17 - 2015-09-30 21:17 - 02192384 _____ (Farbar) C:\Users\Steve\Downloads\FRST64 (1).exe
2015-09-30 21:12 - 2015-09-30 21:12 - 00050912 _____ C:\Users\Steve\Desktop\scan 9-30-15.txt
2015-09-30 21:08 - 2015-09-30 21:09 - 00050917 _____ C:\Users\Steve\Downloads\Addition.txt
2015-09-30 21:06 - 2015-09-30 21:17 - 00027104 _____ C:\Users\Steve\Downloads\FRST.txt
2015-09-30 21:06 - 2015-09-30 21:17 - 00000000 ____D C:\FRST
2015-09-30 21:04 - 2015-09-30 21:06 - 02192384 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
2015-09-30 17:27 - 2015-09-30 17:27 - 00000000 ____D C:\Users\Steve\AppData\Local\{1C81DDC9-B124-4142-B928-82046691CC49}
2015-09-29 19:52 - 2015-09-29 19:53 - 00000000 ____D C:\Users\Steve\AppData\Local\{216C17A2-E5EB-49A7-B391-7721CA2C108B}
2015-09-28 21:48 - 2015-09-28 21:48 - 00000000 ____D C:\Users\Steve\AppData\Local\{AC5E3328-81C2-433C-8CFC-6D9360BB6EEF}
2015-09-27 20:33 - 2015-09-27 20:33 - 00000000 ____D C:\Users\Steve\AppData\Local\{1E8CC864-89F0-44CA-9BE6-48721E51A0C2}
2015-09-27 00:58 - 2015-09-27 00:58 - 00000029 _____ C:\Users\Steve\Downloads\text_1 (1).txt
2015-09-26 23:56 - 2015-09-26 23:56 - 00000000 ____D C:\Users\Steve\AppData\Local\{C4D578F0-93EF-4A70-9F4F-9A4DB81D00E5}
2015-09-26 23:52 - 2015-09-26 23:52 - 00000000 ____D C:\Windows\TEMPfolder
2015-09-26 23:52 - 2015-09-26 23:52 - 00000000 ____D C:\Windows\system32\pums
2015-09-26 10:04 - 2015-09-26 10:04 - 00000000 ____D C:\Users\Steve\AppData\Local\{B45308DA-62D5-4DA2-8CFC-52DD4514E231}
2015-09-25 22:03 - 2015-09-25 22:03 - 00000000 ____D C:\Users\Steve\AppData\Local\{5C1D4384-2C92-4594-BF2A-13E6702F9458}
2015-09-24 23:32 - 2015-09-24 23:32 - 00000000 ____D C:\Users\Steve\AppData\Local\{24BC2044-DE61-4EFE-8046-3C6774C11BE2}
2015-09-23 19:24 - 2015-09-23 19:24 - 00000000 ____D C:\Users\Steve\AppData\Local\{03A9DA71-C75D-44B1-A3C2-3664AA8C6AE7}
2015-09-23 06:35 - 2015-09-23 06:35 - 00000000 ____D C:\Users\Steve\AppData\Local\{73CC5FB0-AB0E-4C8C-96CD-6F15A9CCF830}
2015-09-21 20:52 - 2015-09-21 20:52 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-21 20:52 - 2015-09-21 20:52 - 00000000 ____D C:\Users\Steve\AppData\Local\Apple Computer
2015-09-21 20:52 - 2015-09-21 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-21 20:51 - 2015-09-21 20:52 - 00000000 ____D C:\Program Files\iTunes
2015-09-21 20:51 - 2015-09-21 20:51 - 00000000 ____D C:\Program Files\iPod
2015-09-21 20:51 - 2015-09-21 20:51 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-21 20:50 - 2015-09-21 20:50 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-09-21 20:50 - 2015-09-21 20:50 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-21 20:49 - 2015-09-21 20:51 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-21 20:49 - 2015-09-21 20:49 - 00000000 ____D C:\Program Files\Bonjour
2015-09-21 20:49 - 2015-09-21 20:49 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-21 19:52 - 2015-09-21 19:52 - 00000000 ____D C:\Users\Steve\AppData\Local\{5A7A20DD-F4DA-4609-B04F-08401C892A29}
2015-09-21 07:51 - 2015-09-21 07:51 - 00000000 ____D C:\Users\Steve\AppData\Local\{5A8CDACD-9E09-47DE-A91B-2D78A762248C}
2015-09-20 16:22 - 2015-09-20 16:22 - 00000000 ____D C:\Users\Steve\AppData\Local\{6B7FA783-08FD-4E5B-B810-8FDA205CF1E6}
2015-09-20 00:51 - 2015-09-20 00:52 - 00000000 ____D C:\Users\Steve\AppData\Local\{F10F2A0F-E228-47B8-80AE-1919C62D5888}
2015-09-19 12:34 - 2015-09-26 09:53 - 00000000 ____D C:\Users\Steve\Desktop\Knowing the Bible
2015-09-18 19:40 - 2015-09-18 19:40 - 00000000 ___HD C:\Users\Steve\temp.1907890779
2015-09-18 19:13 - 2015-09-19 07:16 - 00000000 ____D C:\Users\Steve\AppData\Local\{FC3EA153-72D1-477D-BD74-86CD9B891150}
2015-09-17 22:32 - 2015-09-17 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2015-09-17 22:32 - 2015-09-17 22:32 - 00000000 ____D C:\Program Files (x86)\Fitbit Connect
2015-09-17 22:22 - 2015-09-17 22:32 - 00000000 ____D C:\ProgramData\FitbitConnect
2015-09-17 22:22 - 2015-09-17 22:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-17 21:12 - 2015-09-17 21:12 - 00000000 ____D C:\Users\Steve\AppData\Local\{13D1FDE9-77A8-4A45-A838-65DC12A69CE2}
2015-09-17 05:24 - 2015-09-17 05:24 - 00000000 ____D C:\Users\Steve\AppData\Local\{DEF039EE-9EC4-44FA-8D5E-FC4FD8B47AE6}
2015-09-16 16:46 - 2015-09-16 16:47 - 00000000 ____D C:\Users\Steve\AppData\Local\{D94367C7-9117-43D6-9EFA-16A9DA77D67D}
2015-09-15 23:10 - 2015-09-15 23:10 - 00000000 ____D C:\Users\Steve\AppData\Local\{0E6C43D8-75B2-48A8-9334-19BF75D233EC}
2015-09-15 07:12 - 2015-09-15 07:12 - 00000000 ____D C:\Users\Steve\AppData\Local\{C05D402D-CE47-40B4-AB90-6E41A0922EDC}
2015-09-13 21:03 - 2015-09-13 21:04 - 00000000 ____D C:\Users\Steve\AppData\Local\{B2ADEDC2-8BE4-44C3-8585-F09F7C68EBDB}
2015-09-12 03:46 - 2015-09-12 03:46 - 00080438 _____ C:\Users\Steve\Downloads\DSCN0293.jpeg
2015-09-12 03:40 - 2015-09-12 04:13 - 00000000 ____D C:\Users\Steve\Desktop\Dad (thompson) funeral
2015-09-12 03:08 - 2015-09-12 03:08 - 00000000 ____D C:\Users\Steve\AppData\Local\{93335F0D-348A-4480-BE08-9C457328D20F}
2015-09-10 01:58 - 2015-09-21 19:37 - 00000000 ___HD C:\$Windows.~BT
2015-09-10 00:20 - 2015-08-17 20:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 00:20 - 2015-08-17 20:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 00:20 - 2015-08-15 01:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 00:20 - 2015-08-15 01:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-10 00:20 - 2015-08-15 01:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-10 00:20 - 2015-08-15 01:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-10 00:20 - 2015-08-15 01:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-10 00:20 - 2015-08-15 01:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 00:20 - 2015-08-15 01:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 00:20 - 2015-08-15 01:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-10 00:20 - 2015-08-15 01:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-10 00:20 - 2015-08-15 01:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-10 00:20 - 2015-08-15 01:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-10 00:20 - 2015-08-15 01:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 00:20 - 2015-08-15 01:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-10 00:20 - 2015-08-15 01:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 00:20 - 2015-08-15 01:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-10 00:20 - 2015-08-15 01:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-10 00:20 - 2015-08-15 01:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-10 00:20 - 2015-08-15 01:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 00:20 - 2015-08-15 00:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-10 00:20 - 2015-08-15 00:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-10 00:20 - 2015-08-15 00:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-10 00:20 - 2015-08-15 00:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-10 00:20 - 2015-08-15 00:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-10 00:20 - 2015-08-15 00:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-10 00:20 - 2015-08-15 00:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 00:20 - 2015-08-15 00:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-10 00:20 - 2015-08-15 00:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-10 00:20 - 2015-08-15 00:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-10 00:20 - 2015-08-15 00:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-10 00:20 - 2015-08-15 00:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-10 00:20 - 2015-08-15 00:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 00:20 - 2015-08-15 00:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-10 00:20 - 2015-08-15 00:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-10 00:20 - 2015-08-15 00:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-10 00:20 - 2015-08-15 00:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 00:20 - 2015-08-15 00:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-10 00:20 - 2015-08-15 00:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-10 00:20 - 2015-08-15 00:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 00:20 - 2015-08-15 00:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 00:20 - 2015-08-15 00:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 00:20 - 2015-08-15 00:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-10 00:20 - 2015-08-15 00:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-10 00:20 - 2015-08-15 00:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 00:20 - 2015-08-15 00:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-10 00:20 - 2015-08-15 00:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-10 00:20 - 2015-08-15 00:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-10 00:20 - 2015-08-15 00:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-10 00:20 - 2015-08-15 00:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 00:20 - 2015-08-15 00:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 00:20 - 2015-08-15 00:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 00:20 - 2015-08-15 00:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 00:20 - 2015-08-15 00:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 00:20 - 2015-08-15 00:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-10 00:20 - 2015-08-14 23:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 00:20 - 2015-08-14 23:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 00:20 - 2015-08-14 23:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 00:20 - 2015-08-14 23:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 00:20 - 2015-08-14 23:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 23:59 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 23:59 - 2015-08-05 12:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 23:59 - 2015-08-05 12:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 23:59 - 2015-08-05 12:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 23:54 - 2015-07-14 22:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 23:54 - 2015-07-14 21:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 23:54 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 23:54 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 23:54 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 23:54 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 23:49 - 2015-07-22 19:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 23:49 - 2015-07-22 19:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 23:49 - 2015-07-22 19:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 23:49 - 2015-07-22 19:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 23:49 - 2015-07-22 19:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 23:49 - 2015-07-22 19:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 23:49 - 2015-07-22 19:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 23:49 - 2015-07-22 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 23:49 - 2015-07-22 19:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 23:49 - 2015-07-22 19:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 23:49 - 2015-07-22 19:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 23:49 - 2015-07-22 19:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 23:49 - 2015-07-22 19:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 23:49 - 2015-07-22 19:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 23:49 - 2015-07-22 18:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 23:49 - 2015-07-22 18:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 18:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 23:49 - 2015-07-22 12:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 23:49 - 2015-07-22 12:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 23:49 - 2015-07-22 12:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 23:49 - 2015-07-22 12:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 23:49 - 2015-07-22 12:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 23:49 - 2015-07-22 12:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 23:49 - 2015-07-22 12:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 23:49 - 2015-07-22 12:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 23:49 - 2015-07-22 12:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 23:49 - 2015-07-22 12:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 23:49 - 2015-07-22 12:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 23:49 - 2015-07-22 12:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 23:49 - 2015-07-22 12:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 23:49 - 2015-07-22 11:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 23:49 - 2015-07-22 11:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 23:49 - 2015-07-22 11:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 23:49 - 2015-07-22 11:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 23:49 - 2015-07-22 11:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 23:49 - 2015-07-22 11:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 11:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 11:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 23:49 - 2015-07-22 11:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 23:49 - 2015-06-25 05:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 23:49 - 2015-06-25 05:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 23:49 - 2015-06-25 05:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 23:49 - 2015-06-25 04:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 23:48 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 23:48 - 2015-08-27 13:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 23:48 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 23:48 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 23:48 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 23:48 - 2015-08-27 12:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 23:48 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 23:48 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 23:48 - 2015-08-04 13:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 23:48 - 2015-08-04 13:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 23:48 - 2015-08-04 12:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 23:48 - 2015-08-04 12:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 23:48 - 2015-08-04 12:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 23:48 - 2015-08-04 12:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 23:48 - 2015-08-04 12:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 23:48 - 2015-08-04 12:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 23:48 - 2015-08-04 11:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 23:47 - 2015-09-01 22:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 23:47 - 2015-09-01 22:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 23:47 - 2015-09-01 22:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 23:47 - 2015-09-01 22:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 23:47 - 2015-09-01 21:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 23:47 - 2015-09-01 21:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 23:47 - 2015-09-01 21:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 23:47 - 2015-09-01 21:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 23:47 - 2015-09-01 20:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 23:47 - 2015-09-01 20:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 23:47 - 2015-09-01 20:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 23:47 - 2015-08-26 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 23:47 - 2015-08-26 13:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 23:47 - 2015-08-26 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 23:47 - 2015-08-26 13:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 23:47 - 2015-08-26 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 23:47 - 2015-08-26 12:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 23:47 - 2015-08-26 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 23:47 - 2015-08-26 12:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 23:47 - 2015-08-26 12:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 23:47 - 2015-08-26 12:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 22:59 - 2015-09-09 22:59 - 00000000 ____D C:\Users\Steve\AppData\Local\{9501132A-872F-451D-BA42-E21CEEEE8F3E}
2015-09-06 16:25 - 2015-09-07 08:31 - 00000000 ____D C:\Users\Steve\AppData\Local\{C40390A2-E87F-4193-A0E7-318167BE8B57}
2015-09-06 01:37 - 2015-09-06 01:38 - 00000000 ____D C:\Users\Steve\AppData\Local\{53BB9535-C38D-4DE1-B1FB-B53EB830ACA7}
2015-09-05 09:42 - 2015-09-05 09:42 - 00000000 ____D C:\Users\Steve\AppData\Local\{A3C0DD48-168E-44A4-B59A-AB97B664335D}
2015-09-03 22:13 - 2015-09-03 22:13 - 00000000 ____D C:\Users\Steve\AppData\Local\{4F080315-0FD8-4262-AE8B-E275DAF1EBC5}
2015-09-03 10:12 - 2015-09-03 10:12 - 00000000 ____D C:\Users\Steve\AppData\Local\{7D1DD15B-9EEA-4743-A198-AB0830B49910}
2015-09-02 19:03 - 2015-09-02 19:03 - 00000000 ____D C:\Users\Steve\AppData\Local\{38871D19-E5A6-463B-B5F5-8129F71E4048}
2015-09-02 06:55 - 2015-09-02 06:55 - 00000000 ____D C:\Users\Steve\AppData\Local\{118FCE36-B2B6-4221-9706-A28E620EF89B}
2015-09-02 02:36 - 2015-09-02 07:49 - 00000000 ____D C:\Users\Steve\Desktop\reorganized
2015-09-01 05:24 - 2015-09-02 01:03 - 00000000 ____D C:\Users\Steve\Desktop\for slide show (3)
2015-09-01 05:05 - 2015-09-12 03:08 - 00000000 ____D C:\Users\Steve\Desktop\New folder (2)
2015-09-01 05:01 - 2015-09-01 17:03 - 00000000 ____D C:\Users\Steve\AppData\Local\{CF1A503A-D4AA-43C8-80F9-DC9405E04D71}
2015-08-31 12:41 - 2015-08-31 12:41 - 00000000 ____D C:\Users\Steve\AppData\Local\{584D4F88-DF22-4073-B219-01ED01E30511}
2015-08-31 02:01 - 2015-08-31 02:02 - 00000000 _____ C:\Users\Steve\Downloads\Grandpa  Thompson and kids.jpeg.yfiiwu2.partial

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 21:10 - 2010-02-23 11:07 - 01774043 _____ C:\Windows\WindowsUpdate.log
2015-09-30 21:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-30 21:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-30 20:34 - 2012-04-04 17:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-30 20:20 - 2011-12-26 12:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-30 19:55 - 2010-06-22 10:49 - 00000000 ____D C:\Users\Steve\Tracing
2015-09-30 19:54 - 2011-12-26 12:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-30 19:54 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 19:54 - 2009-07-13 23:51 - 00344390 _____ C:\Windows\setupact.log
2015-09-30 19:53 - 2010-05-31 18:00 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-09-29 22:18 - 2012-06-08 16:21 - 00000000 ____D C:\Users\Steve\AppData\Roaming\Skype
2015-09-29 20:22 - 2013-12-10 07:54 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-26 23:52 - 2011-04-13 21:02 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-09-26 23:52 - 2011-04-13 21:02 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-09-23 21:22 - 2010-05-16 16:22 - 00740608 _____ C:\Windows\PFRO.log
2015-09-22 02:13 - 2015-05-01 04:51 - 00000000 ____D C:\Users\Steve\AppData\Roaming\Apple Computer
2015-09-21 20:51 - 2015-04-30 16:51 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-21 20:50 - 2015-04-30 16:50 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-21 20:50 - 2015-04-30 16:50 - 00000000 ____D C:\ProgramData\Apple
2015-09-21 19:41 - 2009-12-04 20:46 - 00000000 ____D C:\Windows\Panther
2015-09-21 19:35 - 2012-04-04 17:17 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 19:35 - 2012-04-04 17:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 19:35 - 2011-12-26 18:45 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-18 19:40 - 2010-05-16 07:53 - 00000000 ____D C:\Users\Steve
2015-09-17 21:09 - 2009-07-14 00:08 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-17 19:22 - 2010-05-31 18:17 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-16 17:04 - 2015-07-24 06:45 - 00000000 ____D C:\Program Files\daugava
2015-09-16 16:39 - 2012-11-07 18:37 - 00066736 _____ C:\Windows\system32\Drivers\fsbts.sys
2015-09-15 23:15 - 2011-12-26 12:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 23:15 - 2011-12-26 12:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-12 10:43 - 2013-06-22 06:50 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForSteve.job
2015-09-12 09:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-09-12 04:51 - 2013-06-22 06:50 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSteve
2015-09-12 04:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-12 03:11 - 2009-07-14 00:13 - 00006222 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 03:06 - 2013-08-09 08:48 - 00000000 ____D C:\Users\Steve\Desktop\Summer 2013 pics  Part 3
2015-09-12 03:04 - 2009-07-13 23:45 - 00351088 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 03:01 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 00:21 - 2010-05-16 20:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 23:28 - 2013-07-26 13:29 - 00000000 ____D C:\Users\Steve\Desktop\Pickard Pics 2011-11-27
2015-09-05 16:23 - 2011-04-14 06:34 - 00000000 ____D C:\Users\Steve\Documents\My Scans
2015-09-02 07:50 - 2014-05-14 04:04 - 00000000 ____D C:\Users\Steve\Desktop\Diane work mileage,meetings
2015-09-01 08:55 - 2015-08-28 23:48 - 00000000 ____D C:\Users\Steve\Desktop\New folder
2015-09-01 08:08 - 2010-05-22 07:23 - 00000000 ____D C:\Users\Steve\Desktop\My Investments
2015-09-01 05:03 - 2014-03-30 15:32 - 00000000 ____D C:\Users\Steve\Desktop\Pics of Grandpa for Funeral
2015-08-31 02:01 - 2015-08-30 07:41 - 00000000 _____ C:\Users\Steve\Desktop\Grandpa  Thompson and kids.jpeg.yfiiwu2.partial

==================== Files in the root of some directories =======

2012-11-24 12:46 - 2012-11-24 12:53 - 0000042 _____ () C:\Users\Steve\AppData\Roaming\wklnhst.dat
2010-10-08 18:21 - 2010-10-08 18:21 - 0054712 _____ () C:\Users\Steve\AppData\Local\tmp20101002_30D_0250.0
2010-10-08 18:21 - 2010-10-08 18:21 - 0055803 _____ () C:\Users\Steve\AppData\Local\tmp20101002_30D_0250.JPG
2010-12-28 18:33 - 2010-12-29 15:35 - 3994342 _____ () C:\Users\Steve\AppData\Local\tmpIMG_0353.JPG
2010-12-28 18:34 - 2010-12-28 18:34 - 0669882 _____ () C:\Users\Steve\AppData\Local\tmpIMG_0353_CROP.0
2010-12-28 18:34 - 2010-12-28 18:37 - 0669882 _____ () C:\Users\Steve\AppData\Local\tmpIMG_0353_CROP.JPG
2010-11-27 08:35 - 2010-11-27 08:35 - 0622717 _____ () C:\Users\Steve\AppData\Local\tmpSCAN0001.0
2010-11-27 08:35 - 2010-11-27 08:35 - 0170385 _____ () C:\Users\Steve\AppData\Local\tmpSCAN0001.JPG
2010-10-10 23:18 - 2010-10-10 23:18 - 0803189 _____ () C:\Users\Steve\AppData\Local\tmpSCAN0003.0
2010-10-10 23:18 - 2010-10-10 23:18 - 0287323 _____ () C:\Users\Steve\AppData\Local\tmpSCAN0003.1
2010-10-10 23:18 - 2010-10-10 23:18 - 0279709 _____ () C:\Users\Steve\AppData\Local\tmpSCAN0003.JPG
2014-12-30 23:00 - 2014-12-30 23:00 - 0000000 _____ () C:\Users\Steve\AppData\Local\{62661307-DA71-4202-9E4A-68E958F06D9A}
2014-02-28 22:41 - 2014-02-28 22:41 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-16 19:38 - 2011-03-04 19:16 - 0002147 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Steve\AppData\Local\Temp\6o6ijvn3.dll
C:\Users\Steve\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Steve\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Steve\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Steve\AppData\Local\Temp\iihag4je.dll
C:\Users\Steve\AppData\Local\Temp\install_flashplayer11x32ax_chra_awa_aih.exe
C:\Users\Steve\AppData\Local\Temp\install_flashplayer11x32ax_chra_awa_aih_1.exe
C:\Users\Steve\AppData\Local\Temp\install_flashplayer11x32ax_mssa_awe_aih.exe
C:\Users\Steve\AppData\Local\Temp\LMIRescue001.exe
C:\Users\Steve\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Steve\AppData\Local\Temp\ose00000.exe
C:\Users\Steve\AppData\Local\Temp\pecb72ee.dll
C:\Users\Steve\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_64.exe
C:\Users\Steve\AppData\Local\Temp\qzlkmp7f.dll
C:\Users\Steve\AppData\Local\Temp\Resource.exe
C:\Users\Steve\AppData\Local\Temp\sboxbing_717_active.exe
C:\Users\Steve\AppData\Local\Temp\Shortcut_sbtb_install.exe
C:\Users\Steve\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Steve\AppData\Local\Temp\sp53904.exe
C:\Users\Steve\AppData\Local\Temp\sp54931.exe
C:\Users\Steve\AppData\Local\Temp\sp58915.exe
C:\Users\Steve\AppData\Local\Temp\sp64126.exe
C:\Users\Steve\AppData\Local\Temp\uninstaller.exe
C:\Users\Steve\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Steve\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Steve\AppData\Local\Temp\vvloumcu.dll
C:\Users\Steve\AppData\Local\Temp\WSSetup.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2011-04-13 21:02] - [2015-09-26 23:52] - 0357888 ____A (Microsoft Corporation) 7E738A6AE051648FE3B65E6DCAEDDE8A

C:\Windows\SysWOW64\dnsapi.dll
[2011-04-13 21:02] - [2015-09-26 23:52] - 0270336 ____A (Microsoft Corporation) FA1BBF611B8045C10F1BEAB4E7D84A7C

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-21 22:48

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Steve (2015-09-30 21:18:23)
Running from C:\Users\Steve\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-16 12:53:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3926269040-4061506150-889370240-500 - Administrator - Disabled)
Guest (S-1-5-21-3926269040-4061506150-889370240-501 - Limited - Disabled)
Steve (S-1-5-21-3926269040-4061506150-889370240-1001 - Administrator - Enabled) => C:\Users\Steve

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Computer Security (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Security (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4700 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.25.1010.0 - Logitech) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Computer Security 14.106.104.0 (release) (x32 Version: 14.106.104.0 - F-Secure Corporation) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
daugava 2.0.0.701 (HKLM\...\{f179b4aa-3249-4e0e-a45a-8519d6bcd424}_is1) (Version: 2.0.0.701 - daugava)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fitbit Connect (HKLM-x32\...\{F76678F2-2FF6-40D7-9B16-A39B0A820ED2}) (Version: 1.0.3.5512 - Fitbit Inc.)
FoxTab PDF Creator (HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\FoxTab PDF Creator) (Version:  - ) <==== ATTENTION
Frontier Secure (HKLM-x32\...\F-Secure ServiceEnabler 53784) (Version: 2.06.303.0 - F-Secure Corporation)
Frontier Secure (x32 Version: 2.06.303.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 1.1.25.2280 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.136 (x32 Version: 1.02.136 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.146.0 (release) (x32 Version: 1.03.146.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Help (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
Lexicon Alpha ASIO (remove only) (HKLM-x32\...\Alpha ASIO driver) (Version:  - )
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version:  - Lexicon)
Lexicon Alpha Driver (Version: 2.6 - Lexicon) Hidden
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version:  - )
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LWS VideoEffects (Version: 13.25.1005.0 - Logitech) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaFireDownloader (HKLM-x32\...\MediafireToolbar) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Smilebox (HKU\S-1-5-21-3926269040-4061506150-889370240-1001\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steinberg Cubase LE 4 (HKLM-x32\...\{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}) (Version: 4.0.3.2233 - Steinberg Media Technologies GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syncrosoft License Control (HKLM-x32\...\Syncrosoft License Control) (Version:  - SIA Syncrosoft)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Updater By Smilebox 2.0.0.607 (HKLM\...\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}_is1) (Version: 2.0.0.607 - Smilebox)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

12-09-2015 03:15:42 Windows Update
17-09-2015 22:21:41 Installed Fitbit Connect
17-09-2015 22:31:21 Installed Fitbit Connect
17-09-2015 22:40:50 Windows Update
21-09-2015 19:27:22 Windows Update
21-09-2015 20:50:39 Installed iTunes
30-09-2015 18:50:42 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A942DFE-68FA-4FA1-A215-1BEFC07891FD} - System32\Tasks\HP AR Program Upload - 023c148b33854da8b45c613f79d2318d4dc53b2377ae429984787017d7c4b2a5 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {0C0A9356-B069-4DC8-98CF-1F0A8EC9B006} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1F67D0CF-6E2B-4DCF-BF23-0DCEBA1533B5} - System32\Tasks\HP AR Program Upload - 8ca8925b3ae3404ea208616c21740ee22ca3e3d6f4eb4d28b182bfe425b70d3a => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {268101DD-2EEB-4164-AC3F-05A17C1638A4} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2FB45621-D078-4A68-A022-059F35EB64D3} - System32\Tasks\{6CFCE731-7B6A-4142-B12D-C635FDE0F683} => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14] ()
Task: {35520BE7-D3F3-41AF-A2DB-362EC2CBD8B3} - System32\Tasks\Cawlez => C:\Program Files\daugava\Irosioe.bat [2015-07-22] ()
Task: {3DCE0005-634D-44A1-92CF-6A6CE14B01C9} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {3E63873E-F85F-43D1-8F2C-6C45FB75C298} - System32\Tasks\{CD347687-4CF8-417C-BB92-9F97BB664A0D} => C:\Users\Steve\Downloads\install_flashplayer11x32ax_mssa_awe_aih.exe [2013-12-14] (Solid State Networks)
Task: {52368831-CDD3-438A-9F27-8591D7EEFA9D} - System32\Tasks\{C8DD1CB5-F922-4B6D-A32A-22540DCE21C3} => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14] ()
Task: {553352A4-2A00-4F61-ACEB-E478A014BB4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {67984DBA-D253-45C7-AA30-34BA06C36DE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6AE28481-BAF2-4134-8E3B-923685060115} - System32\Tasks\{F0B14391-860C-48E5-9411-BC6C10F617A3} => C:\Users\Steve\Downloads\install_flashplayer11x32ax_mssa_awe_aih.exe [2013-12-14] (Solid State Networks)
Task: {761AFE6F-E4AB-4F04-B426-9E86E533F237} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {7D9A3CD5-7873-4405-B61A-D85412E21FE3} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {7E68F6CD-742E-4F07-B475-9FBBB3827363} - System32\Tasks\HP AR Program Upload - cd7d9cf752ee495f96c465beac06f398f4e12eb242b24fb292c0a8e5cc01bcc8 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {87CA5F48-1C70-47B5-8C11-E54B441F217F} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {89543B8D-BA48-4234-8775-F050737B4D30} - System32\Tasks\{61AC5404-5633-46BF-B7DE-E25536B56AC8} => C:\Users\Steve\Downloads\install_flashplayer11x32ax_mssa_awe_aih.exe [2013-12-14] (Solid State Networks)
Task: {8E26F7F3-47AD-4058-AF5D-574A2C8A46B7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN3CI8RH0N => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {8F75C291-D268-435C-B758-947261A11118} - System32\Tasks\{B2420DB0-4FD6-4786-AC15-6CE9E878A19E} => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
Task: {A893202A-D414-47BA-9098-B2C3853B8B9A} - System32\Tasks\HP AR Program Upload - e137f18868d1440a812dacee080fe46ce6f69cf7fd784789a133654d3a4a9c6b => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A998623B-C64E-4419-986B-33F61578400A} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {ABBAD156-10B7-4F1D-AE3E-2D7CBBC8FE23} - System32\Tasks\HP AR Program Upload - 6425e6c31bed4d86a4ff7ce7e3a5f9d510fc7ae6f0fe4631afe87611b46014dd => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {B0012B06-3F13-465F-9151-B9130400AD99} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {B6295353-CB0F-4A70-98F5-82CCF82D9B52} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {B63B3D2E-4D12-4EB9-8FD1-05CD31263057} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {BB9BF087-C2E6-4FC6-AE93-09A490D72D7F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {BFA327DA-38CC-460B-ACC6-5725A2F40880} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {DF7CB552-D34B-41DF-BC28-B47EFE7E63BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FEEB60EB-044C-4AD8-96F8-93E3BCC317BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FFCCF4D5-A66F-4B74-B175-1AC87B3994B2} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSteve.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

==================== Loaded Modules (Whitelisted) ==============

2015-09-15 14:25 - 2015-09-15 14:25 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-22 17:25 - 2013-07-01 11:56 - 00188760 _____ () C:\Program Files\Updater By Smilebox\ExtensionUpdaterService.exe
2015-07-24 06:45 - 2015-07-22 17:55 - 00296608 _____ () C:\Program Files\daugava\Esrqqdf64.DLL
2009-09-14 19:17 - 2009-09-14 19:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2015-07-24 06:45 - 2015-07-22 17:55 - 00463520 _____ () C:\Program Files\daugava\Ejemidvlf64.exe
2015-07-24 06:45 - 2015-07-22 17:55 - 00276640 _____ () C:\Program Files\daugava\Wqzaon64.DLL
2011-03-01 23:13 - 2011-03-01 23:13 - 00203096 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-03-22 23:56 - 2011-03-22 23:56 - 00687448 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2012-11-02 19:16 - 2015-06-12 07:33 - 00045608 _____ () C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\FSAVHRES.ENG
2013-05-15 16:05 - 2013-05-15 16:05 - 00220096 _____ () C:\Program Files (x86)\Frontier\daas2.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-04-09 18:04 - 2009-04-09 18:04 - 02141008 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 07704400 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
2009-04-22 16:53 - 2009-04-22 16:53 - 00969040 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00475472 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00363856 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00200016 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
2010-08-27 16:53 - 2010-08-27 16:53 - 00027472 _____ () C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 11311952 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00291664 _____ () C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll
2010-08-27 16:54 - 2010-08-27 16:54 - 00751616 _____ () C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00029008 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00035152 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00138064 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
2011-03-03 20:26 - 2011-03-03 20:26 - 00181592 _____ () C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2009-10-22 21:50 - 2009-10-22 21:50 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2012-11-02 19:16 - 2015-06-12 07:33 - 00056360 _____ () C:\Program Files (x86)\Frontier\apps\ComputerSecurity\FSGUI\fsavures.ENG
2015-07-24 06:54 - 2015-07-24 06:54 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2011-03-30 18:25 - 2011-03-30 18:25 - 00331608 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2012-11-02 19:23 - 2012-11-02 19:23 - 00030888 _____ () C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2012-11-02 19:16 - 2015-06-23 21:10 - 00175144 _____ () C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Gemini\fsgem.dll
2013-06-22 17:25 - 2013-07-01 11:56 - 00169304 _____ () C:\Program Files\Updater By Smilebox\Extension32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Steve\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Steve\Desktop\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Steve\Desktop\Blake's Pics:AFP_AfpInfo
AlternateDataStreams: C:\Users\Steve\Desktop\Koelmels in MN Pics Jun2014:AFP_AfpInfo

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3926269040-4061506150-889370240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Steve^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{604F2030-97C0-41A7-B75E-DCD4A9618AA2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{D782F0F1-2A5D-42A0-9068-494525B85AF0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{361FE903-BB93-44C9-A82D-3EDA6379A674}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{07BECDE9-6DC9-416C-BC1C-E2749AD0BFD7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{D07BF6BC-D2D0-4A0C-9DD5-36A4D2570C02}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{0753623D-4B5A-4F56-90AC-BBFB43DF2411}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{62CAB40F-E2B7-4C4B-A490-2023FDB492FF}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{3F46B99E-D239-46DE-8067-4F1007F3EC95}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{98DCA5FC-A8A4-4FA8-9594-751777048DD7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{26E3CF23-AAC9-48A4-8A35-9DD1BC88465C}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{775AEA58-B711-41B5-BDF1-33DC7D9D16E5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{D657027D-3E22-4188-9497-33252AE39583}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{7FA21080-29C6-4907-B0D9-A1887B185E28}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1DE878F2-3E27-4B91-BBC6-57B7D37E47F2}] => (Allow) svchost.exe
FirewallRules: [{81EFF154-68D7-4D1D-9029-B8A0CB47BBA2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{69DB7479-15F6-4C38-B1D1-B044597FDEE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8017E4F8-93BF-4E27-86D8-5D97277E854E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{23D6A43B-06F4-4D8A-82E3-F9B881DDB49D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{018B0B80-AB19-40BC-80AC-9B0D1D67A0F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FDC78961-DF64-4511-81E8-DB89B3B09605}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{82933160-2992-4251-820C-96A8AA84821E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CA110494-A110-4E11-B9B4-92F02F248318}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{72540A79-BFB4-47D0-8884-D35C68989EE3}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{C268AD53-2C0A-4868-9C0C-90B8E83DB96E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{9239DE43-4CFE-4967-9ACF-FE07589AE950}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4C7CB76F-0ED8-450A-B535-FCC4B920C183}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{95E11886-003F-4D79-B218-EC7EBD6A33F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E15C59E4-FF24-4152-A603-BA20E538C6D9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{044525DB-6908-4302-96CF-4E6AE28ED515}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5F54C023-4A30-45A1-A437-257EEC99D231}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A28744A3-0FB8-46AC-A752-AE3DC8BB0602}] => (Allow) LPort=2869
FirewallRules: [{8065CDAD-B674-4CE5-82BD-FB301A443BD6}] => (Allow) LPort=1900
FirewallRules: [{AC4C7175-AB58-44BF-A424-9018EE44014B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B07E5FDD-2016-440C-BA36-DEDEB50B2C54}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{58D0D21E-6B9E-4FF6-8835-E8266D293873}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [TCP Query User{C273930E-837D-4D7C-84C2-219C0A54DDAA}C:\users\steve\appdata\local\temp\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\steve\appdata\local\temp\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{03969BE4-35EB-488C-A6C8-B47EFF882FD2}C:\users\steve\appdata\local\temp\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\steve\appdata\local\temp\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{9A35AACA-51E3-4389-8C1F-28133E9E88C8}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{503702B3-D17C-466B-AC4D-581493575535}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{0E8324E4-912C-4C6C-A2E7-9D697EFB5604}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D5B07461-84AD-4DC4-BF09-A8A74DEA12B3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{9342129B-0D50-4421-96E7-D4A553CFD57A}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{8A37C76C-D41F-4808-A21F-137A1CCD8119}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{115883FB-C3EF-4432-BC4C-0E38F59A044C}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{5C3B11B6-0F67-49B2-9246-359AF92DC717}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{90557803-A3C0-4872-9DD0-EBFA8F21F770}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{48169F81-B9C9-41F9-8C04-D0022787F608}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E063DBEA-DFA4-4229-8CD1-5FADE6D80F4F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{547895F5-43F0-4657-992D-E1D5B3E41AA9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{89900363-F7CE-4F4D-B866-2261CB324102}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{24C9E0F3-FF8F-4516-9DDE-B50A9B46C2B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2B9A65BB-F854-4C25-BF71-BEE906896F0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81FBDB84-50DA-4761-BDD3-D404C5B5C14B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{CE5FF7D9-B30D-4BF1-A5EB-1249B8B517D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2015 08:44:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18015, time stamp: 0x55cec14a
Faulting module name: SkypeIEPlugin.dll, version: 7.4.0.9058, time stamp: 0x55434fc7
Exception code: 0xc0000005
Fault offset: 0x00060ae6
Faulting process id: 0x163c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (09/30/2015 08:40:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1574

Start Time: 01d0fbe9eceee361

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (09/30/2015 08:37:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a0

Start Time: 01d0fbe961a57bd5

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (09/30/2015 08:34:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d8

Start Time: 01d0fbe8fa2bc766

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (09/30/2015 07:18:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1658

Start Time: 01d0fbde5771d4c2

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/30/2015 06:52:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8018

Error: (09/30/2015 06:52:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8018

Error: (09/30/2015 06:52:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 06:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (09/30/2015 06:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

System errors:
=============
Error: (09/30/2015 07:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%1053

Error: (09/30/2015 07:56:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

Error: (09/30/2015 07:56:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (09/30/2015 07:49:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6BA70EAF-D5FF-4687-829A-A646EEC622F8}

Error: (09/30/2015 07:17:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP Network Devices Support service hung on starting.

Error: (09/30/2015 07:15:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%1053

Error: (09/30/2015 07:15:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

Error: (09/30/2015 07:15:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (09/30/2015 05:28:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (09/30/2015 05:25:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%1053

CodeIntegrity:
===================================
  Date: 2012-11-02 18:04:38.739
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-02 18:04:38.661
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-02 11:33:41.925
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-02 11:33:41.847
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 16:44:59.908
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 16:44:59.830
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 16:21:24.114
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 16:21:24.036
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 15:22:37.491
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-01 15:22:37.413
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8400 @ 2.66GHz
Percentage of memory in use: 33%
Total physical RAM: 8157.18 MB
Available physical RAM: 5445.54 MB
Total Virtual: 16312.38 MB
Available Virtual: 12719.67 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.8 GB) (Free:753.05 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.61 GB) (Free:1.55 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Dad slide Show) (CDROM) (Total:0.03 GB) (Free:0 GB) UDF
Drive f: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:889.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D46868D4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 189.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hello swilcox1949 and :welcome:

My name is Bruce1270 and I will be helping you with your malware problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

A few things before we get started.
  • Please read all instructions carefully. If there is anything you do not understand please ask me first before doing anything.
  • Please be patient. I am a volunteer who does this in my spare time so I will try to get back to you as soon as possible.
  • Please follow all instructions in the order given.
  • Please do not install any other software unless advised. This may hinder the removal process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • Please make sure you reply within 4 days to my responses, if there is no reply within 4 days, the topic will be closed and you will need to request the topic be reopened.


    Important!

    Please save or print off these instructions. Part of this fix may require you to be in safe mode where you will not be able to access the internet or my instructions!

    I would strongly recommend you back up your personal data and folders before we begin.

    Malware removal can be very long, complicated and may take multiple steps. I understand this may be frustrating but please stay with this topic until your machine is declared clean. The results will hopefully be very rewarding. :happy:
    As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

    OK. Let's move on.

    I'm analysing your logs and will post a fix soon. :)

  • 0

#3
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi Swilcox1949

Apologies for the delay.

Let's get this cleaned up for you. :)

Step1 - Remove unwanted programs

Please uninstall the following unwanted programs:

Coupon Printer for Windows
Daugava 2.0.0.701
FoxTab PDF Creator
Smilebox
Updater By Smilebox 2.0.0.607


Note: If any of the programs are not listed, proceed to the next one and work through the list.

To do this:
Please go to Start Menu -> Control Panel -> Uninstall a program or Programs and Features
In the list of installed programs locate and click on the program to uninstall e.g. Coupon Printer for Windows.
Click uninstall.
Repeat the above steps for all the other programs to remove.


Step2 - FRST fix


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop.Attached File  fixlist.txt   3.14KB   35 downloads
  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.

    Things for your next post:
  • Let me know if any issues uninstalling any of the programs
  • fixlog.txt
  • How is the computer now?

  • 0

#4
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP