Solved I-Search -amigo

[Solved] I-Search -amigo

Browsers are directed to isearch-amigo...Cant change?

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/28/2014
Scan Time: 2:39:16 PM
Logfile: mb.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.28.08
Rootkit Database: v2014.12.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Stan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 378138
Time Elapsed: 30 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 30
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Quarantined, [2e0a7fe9c4b83cfa0ddaa19c1ee5db25],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [2e0a7fe9c4b83cfa0ddaa19c1ee5db25],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [cc6c194fafcd2f07b88c45fb897a5aa6],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [cc6c194fafcd2f07b88c45fb897a5aa6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],

Files: 9
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, Quarantined, [2e0a7fe9c4b83cfa0ddaa19c1ee5db25],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Quarantined, [cc6c194fafcd2f07b88c45fb897a5aa6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantined, [50e8da8e4c30ec4adb755ee8a261c53b],

Physical Sectors: 0
(No malicious items detected)


(end)

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/14/2011 3:41:40 AM
System Uptime: 12/28/2014 3:18:07 PM (0 hours ago)
.
Motherboard: TOSHIBA | | NALAE
Processor: AMD Phenom(tm) II N660 Dual-Core Processor | Socket M2/S1G1 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 290.771 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {1378e71b-ab4d-4348-af26-cba56b12969e}
Description: StorLib bus (virtual storages support)
Device ID: ROOT\STORLIB\0000
Manufacturer: SugarSync
Name: StorLib bus (virtual storages support)
PNP Device ID: ROOT\STORLIB\0000
Service: SSCBFS3
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe After Effects CS3 Presets
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Community Help
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop Elements 10
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Pro CS3 Functional Content
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
AIM 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Bonjour
Box Sync
Brother MFL-Pro Suite MFC-7360N
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Corel WinDVD
D3DX10
DHTML Editing Component
Digital Sound Factory Session Drummer 3 Acoustic Kits
Dropbox
Elements 10 Organizer
FileZilla Client 3.9.0.6
Focusrite Scarlett Plug-in Suite 1.1
Focusrite USB 2.0 Audio Driver 2.4
Google Chrome
Google Drive
Google Update Helper
honestech VHS to DVD 4.0 HD
hppLaserJetService
hppM1130M1210SeriesLaserJetService
hppusgM1130M1210Series
iTunes
Java 7 Update 60 (64-bit)
Java 7 Update 67
Java 8 Update 25
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Lagarith lossless video codec (Remove Only)
Licensing Service Install
Line 6 Uninstaller
Malwarebytes Anti-Malware version 2.0.4.1028
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Nuance PaperPort 12
Nuance PDF Viewer Plus
PaperPort Image Printer 64-bit
PDF Settings
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
PSE10 STI Installer
QuickTime 7
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver
Realtek WLAN Driver
SanDiskSecureAccess_Manager.exe
Scansoft PDF Professional
SeaMonkey 2.26 (x86 en-US)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
SONAR X3 (x64)
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
Visual Studio 2008 x64 Redistributables
Winamp
Winamp Detector Plug-in
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
12/28/2014 4:05:59 AM, Error: Application Popup [1060] - \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/28/2014 3:18:26 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\system32\Rtlihvs.dll Error Code: 126
12/28/2014 12:05:48 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 252.
12/28/2014 1:11:35 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
12/26/2014 9:24:10 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 169.254.155.167, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
12/26/2014 10:30:01 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
.
==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 11.25.2
Run by Stan at 15:22:27 on 2014-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2281 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Hp\HP UT LEDM\bin\hppusg.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uDefault_Page_URL = www.google.com
mStart Page = www.google.com
mSearch Page = www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = www.google.com
mCustomizeSearch = www.google.com
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Stan\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
mRun: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\ "
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe "
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe "
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini "
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{43301DB2-110B-4452-BBCD-A8822DAD9703} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{4BCFD5F1-5076-4A1B-892A-EAD491BB5833} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4BCFD5F1-5076-4A1B-892A-EAD491BB5833}\378696E6970796E656 : DHCPNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
TCP: Interfaces\{4BCFD5F1-5076-4A1B-892A-EAD491BB5833}\44F6366515D27657563747 : DHCPNameServer = 75.75.76.76 75.75.75.75 192.168.33.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-mSearch Page = www.google.com
x64-mDefault_Page_URL = www.google.com
x64-mDefault_Search_URL = www.google.com
x64-mSearchAssistant = www.google.com
x64-mCustomizeSearch = www.google.com
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe "
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Stan\AppData\Roaming\Mozilla\Firefox\Profiles\rcne8d28.default-1419756545963\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-10-22 55856]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-3-22 202752]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-8 144672]
R2 regi;regi;C:\windows\System32\drivers\regi.sys [2011-3-22 14112]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-10-9 266240]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 NIWinCDEmu;ISO Mounter driver;C:\windows\System32\drivers\NIWinCDEmu.sys [2012-2-5 111696]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-3-22 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-10-8 941784]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2013-5-2 1514568]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-3-22 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\Hp\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\windows\System32\drivers\BrSerIb.sys [2013-5-22 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\windows\System32\drivers\BrUsbSib.sys [2013-5-22 21872]
S3 CCUSBMIDI;CASIO USB MIDI;C:\windows\System32\drivers\ccusbmid.sys [2012-2-24 26624]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;C:\windows\System32\drivers\ffusb2audio.sys [2013-2-5 125304]
S3 HP1210FAX;HP1210MFP FAX;C:\windows\System32\drivers\HPM1210FAX.sys [2014-10-2 16896]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 mvusbews;USB EWS Device;C:\windows\System32\drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-1 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-3-22 232992]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-3-22 1143912]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\windows\System32\drivers\RTL8192su.sys [2010-9-29 695400]
S3 TridVid;USB2.0 VIDBOX NM;C:\windows\System32\drivers\tridvid.sys [2012-1-5 292056]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-5-6 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-5-15 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open= "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe ", "%1 "
.
=============== Created Last 30 ================
.
2014-12-28 08:58:23 35064 ----a-w- C:\windows\System32\drivers\TrueSight.sys
2014-12-28 07:16:08 165376 ----a-w- C:\windows\SysWow64\unrar.dll
2014-12-28 05:28:06 -------- d-----w- C:\Users\Stan\AppData\Roaming\uTorrent
2014-12-28 04:59:28 -------- d-----w- C:\Program Files (x86)\hide.me VPN
2014-12-28 01:02:48 -------- d-----w- C:\Users\Stan\AppData\Local\{C898BF97-59FE-48A6-A75C-21A838C07FAF}
2014-12-27 23:17:08 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AA365D5-A21E-4A8D-A335-B24B0DE25C28}\mpengine.dll
2014-12-26 22:36:35 -------- d-----w- C:\Program Files\Common Files\Avid
2014-12-26 22:36:35 -------- d-----w- C:\Program Files (x86)\Common Files\Avid
2014-12-26 22:24:53 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-26 21:23:57 -------- d-----w- C:\Users\Stan\AppData\Local\{60D04938-B690-444F-A46A-61A3470BB228}
2014-12-22 18:20:30 -------- d-----w- C:\Users\Stan\AppData\Local\{6C1446BE-C221-409B-8EFC-16DFDBBB361E}
2014-12-21 19:40:31 -------- d-----w- C:\Users\Stan\AppData\Local\{E08607E2-886B-46F5-9F18-8DD71A5F94A2}
2014-12-21 02:41:52 -------- d-----w- C:\Users\Stan\AppData\Local\{FCCA275C-25C7-476F-9737-D4BF8949EECB}
2014-12-20 01:34:41 -------- d-----w- C:\Users\Stan\AppData\Local\Valassis
2014-12-20 01:07:57 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{970F52B4-C073-464A-9D25-0E40A6821084}\gapaengine.dll
2014-12-19 18:23:05 -------- d-----w- C:\Users\Stan\AppData\Local\{7D322872-4AD2-46C6-9000-43E649D19AEE}
2014-12-18 18:40:54 -------- d-----w- C:\Users\Stan\AppData\Local\{F7A1DE85-A173-4336-9302-474742F16F81}
2014-12-17 20:25:43 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2014-12-17 20:25:43 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-12-17 20:25:35 -------- d-----w- C:\Users\Stan\AppData\Local\{471D33A2-82A9-4CE0-B872-03541E2BA5E1}
2014-12-16 19:18:19 -------- d-----w- C:\Users\Stan\AppData\Local\{A8FDD61C-3A69-400C-A96F-990E7A773B2B}
2014-12-16 07:17:26 -------- d-----w- C:\Users\Stan\AppData\Local\{8E4C8A44-3E65-4CA4-A3E4-01E0BE900579}
2014-12-15 19:17:12 -------- d-----w- C:\Users\Stan\AppData\Local\{A76D459E-E0D7-4DB6-8072-90AFFBF54DB1}
2014-12-14 23:15:27 -------- d-----w- C:\Users\Stan\AppData\Local\{11BD4924-E1FF-4D5B-BA52-945DD5843BD8}
2014-12-12 16:33:39 -------- d-----w- C:\Users\Stan\AppData\Local\{D52ACE4F-90E8-4972-BBF6-3BC035B8AD46}
2014-12-12 02:16:11 -------- d-----w- C:\Users\Stan\AppData\Local\{A42AF1F0-D0B0-4A03-8EA2-4F4283B82FE7}
2014-12-11 08:26:07 -------- d-----w- C:\windows\System32\appraiser
2014-12-11 08:02:48 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2014-12-11 08:02:48 24576 ----a-w- C:\windows\System32\mfpmp.exe
2014-12-11 08:02:48 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2014-12-11 08:02:48 2048 ----a-w- C:\windows\System32\mferror.dll
2014-12-11 08:02:47 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2014-12-11 08:02:47 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2014-12-11 08:02:47 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2014-12-11 08:02:47 206848 ----a-w- C:\windows\System32\mfps.dll
2014-12-11 08:02:47 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2014-12-11 08:02:46 4121600 ----a-w- C:\windows\System32\mf.dll
2014-12-10 18:09:33 -------- d-----w- C:\Users\Stan\AppData\Local\{12DFC98D-6C7A-4046-BF62-C9AF325462A5}
2014-12-10 18:08:55 -------- d-----w- C:\Users\Stan\AppData\Local\{773D0819-21D4-4869-ADD5-B7BBD0A379D0}
2014-12-09 18:03:20 -------- d-----w- C:\Users\Stan\AppData\Local\{D199D304-A279-4DFE-A551-848AE5E3C41C}
2014-12-09 18:02:51 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-08 22:03:59 -------- d-----w- C:\Users\Stan\AppData\Local\{1FCCF0C4-741D-4689-ADD7-1FE7604D85B3}
2014-12-08 06:31:11 -------- d-----w- C:\Users\Stan\AppData\Local\{F08E2B51-DCC8-4CC8-B742-0A025D9305C6}
2014-12-07 15:40:40 -------- d-----w- C:\Users\Stan\AppData\Local\{17543A42-F702-4D62-970C-8093D335A3E8}
2014-12-07 03:39:47 -------- d-----w- C:\Users\Stan\AppData\Local\{A82FC47F-0783-4758-B564-4E694977068C}
2014-12-07 03:35:16 -------- d-----w- C:\Users\Stan\AppData\Local\{EF158B01-653E-4BBB-BD72-1FEB54FE6239}
2014-12-04 21:49:48 -------- d-----w- C:\Users\Stan\AppData\Local\{2EF30172-517D-4119-BEB9-EBCBCA06E298}
2014-12-03 19:39:56 -------- d-----w- C:\Users\Stan\AppData\Local\{F110BABE-5C9C-489F-99D5-0400A10B8B7B}
2014-12-03 06:31:20 227048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-12-03 06:31:20 227048 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-12-02 06:23:13 -------- d-----w- C:\Users\Stan\AppData\Local\{EB216034-73C7-4F71-B8C0-4FE224173E5C}
2014-12-01 01:45:20 -------- d-----w- C:\Users\Stan\AppData\Local\{18BA45BC-5802-4C99-B2A6-6630476FD63A}
2014-11-29 17:38:12 -------- d-----w- C:\Users\Stan\AppData\Local\{80DA2394-E6B8-4DA0-8EB5-65CB27A98240}
2014-11-29 00:10:20 -------- d-----w- C:\Users\Stan\AppData\Local\{6AF7B4B0-1F23-4F3D-8E3E-41C0E0AB8E32}
.
==================== Find3M ====================
.
2014-12-28 20:19:33 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-12-11 20:18:17 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 20:18:17 701104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-21 11:14:22 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-11-18 19:56:48 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-10-31 03:59:10 707299 ----a-w- C:\Program Files (x86)\unins000.exe
2014-10-30 11:25:26 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-30 02:03:43 165888 ----a-w- C:\windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\windows\SysWow64\WSManHTTPConfig.exe
2014-10-02 19:23:20 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2014-10-02 19:23:20 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
.
============= FINISH: 15:25:31.97 ===============

 

RogueKiller V10.1.1.0 [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Stan [Administrator]
Mode : Scan -- Date : 12/29/2014 00:19:58

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 26 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Found
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3954531214-905133765-490049910-1001\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3954531214-905133765-490049910-1001\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3954531214-905133765-490049910-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3954531214-905133765-490049910-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK5065GSXN ATA Device +++++
--- User ---
[MBR] 520f39b4e9508d70f64f6b8780084e66
[BSP] d4e156cccf802d1e4b2438b6430456fb : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 463519 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 952360960 | Size: 11920 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06222014_165252.log - RKreport_DEL_12282014_040330.log - RKreport_DEL_12282014_040333.log - RKreport_DEL_12282014_041145.log
RKreport_SCN_06222014_164833.log - RKreport_SCN_12282014_040252.log - RKreport_SCN_12282014_041107.log

 

malwarebytes came back clean

 

ComboFix 14-12-25.01 - Stan 12/29/2014 20:39:31.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2305 [GMT -5:00]
Running from: c:\users\Stan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Stan\AppData\Local\Temp\_MEI39443\_ctypes.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\_elementtree.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\_hashlib.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\_multiprocessing.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\_socket.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\_ssl.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\hashobjs_ext.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\pyexpat.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\pysqlite2._sqlite.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\python27.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\pythoncom27.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\PyWinTypes27.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\select.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\unicodedata.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32api.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32com.shell.shell.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32crypt.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32event.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32file.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32gui.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32inet.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32pdh.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32pipe.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32process.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32profile.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32security.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\win32ts.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\windows._lib_cacheinvalidation.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._animate.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._controls_.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._core_.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._gdi_.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._html2.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._misc_.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._windows_.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wx._wizard.pyd
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxbase294u_net_vc90.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxbase294u_vc90.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxmsw294u_adv_vc90.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxmsw294u_core_vc90.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxmsw294u_html_vc90.dll
c:\users\Stan\AppData\Local\Temp\_MEI39443\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-11-28 to 2014-12-30 )))))))))))))))))))))))))))))))
.
.
2014-12-28 08:58 . 2014-12-29 05:26 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-28 07:16 . 2010-03-15 10:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2014-12-28 05:28 . 2014-12-28 08:32 -------- d-----w- c:\users\Stan\AppData\Roaming\uTorrent
2014-12-28 04:59 . 2014-12-28 08:32 -------- d-----w- c:\program files (x86)\hide.me VPN
2014-12-26 22:36 . 2014-12-26 22:36 -------- d-----w- c:\program files\Common Files\Avid
2014-12-26 22:36 . 2014-12-26 22:36 -------- d-----w- c:\program files (x86)\Common Files\Avid
2014-12-20 01:34 . 2014-12-20 01:34 -------- d-----w- c:\users\Stan\AppData\Local\Valassis
2014-12-17 20:25 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-17 20:25 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-11 08:26 . 2014-12-11 08:26 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 08:02 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-11 08:02 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-11 08:02 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-11 08:02 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 08:02 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-11 08:02 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-11 08:02 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-11 08:02 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-11 08:02 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-11 08:02 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 18:03 . 2014-11-22 02:41 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-09 18:02 . 2014-12-22 21:16 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-03 06:31 . 2014-12-03 06:31 227048 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-29 05:39 . 2014-05-03 22:57 135384 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-29 05:37 . 2014-05-03 22:56 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-11 20:18 . 2012-04-06 05:42 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 20:18 . 2011-05-16 21:53 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 08:04 . 2011-05-15 05:59 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-02 10:26 . 2014-12-29 00:06 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B42CF53-F29A-40CF-9A63-7F968212F3E7}\mpengine.dll
2014-12-02 10:26 . 2014-12-27 23:17 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-21 11:14 . 2014-05-03 22:56 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 11:14 . 2014-05-03 22:56 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-18 19:56 . 2014-11-18 19:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-11 03:08 . 2014-11-19 23:24 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 23:24 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 23:24 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 23:24 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-31 03:59 . 2014-10-31 03:59 707299 ----a-w- c:\program files (x86)\unins000.exe
2014-10-30 11:25 . 2011-05-15 06:28 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:57 . 2014-11-12 01:03 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 01:03 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 01:03 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 01:03 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 01:04 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 01:04 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 01:03 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 01:04 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 01:04 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 01:04 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 01:04 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 01:03 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 01:04 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 01:04 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 01:04 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 01:03 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-12 01:04 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-12 01:04 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-12 01:04 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-12 01:04 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-12 01:04 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-12 01:04 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-12 01:04 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-12 01:04 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-10-02 19:23 . 2014-10-02 19:23 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2014-10-02 19:23 . 2014-10-02 19:23 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt1"]
@= "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt2"]
@= "{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt3"]
@= "{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt4"]
@= "{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt5"]
@= "{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt6"]
@= "{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt7"]
@= "{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ "DropboxExt8"]
@= "{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 131480 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM "= "c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"SanDiskSecureAccess_Manager.exe "= "c:\users\Stan\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe" [2011-06-29 27311232]
"GoogleDriveSync "= "c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL "= "c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-23 352256]
"HWSetup "= "c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify "= "c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation "= "c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TWebCamera "= "c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"APSDaemon "= "c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"HPUsageTrackingLEDM "= "c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"IndexSearch "= "c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-09 46368]
"PaperPort PTD "= "c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-09 29984]
"PPort12reminder "= "c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook "= "c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]
"PDF5 Registry Controller "= "c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4 "= "c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2012-09-07 143360]
"BrStsMon00 "= "c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
"iTunesHelper "= "c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QuickTime Task "= "c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin "= 5 (0x5)
"ConsentPromptBehaviorUser "= 3 (0x3)
"EnableUIADesktopToggle "= 0 (0x0)
"EnableSecureUIAPath "= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_Dlls "=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@= "Service "
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 CCUSBMIDI;CASIO USB MIDI;c:\windows\system32\Drivers\ccusbmid.sys;c:\windows\SYSNATIVE\Drivers\ccusbmid.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 ffusb2audio;Focusrite USB 2.0 Audio Driver;c:\windows\system32\DRIVERS\ffusb2audio.sys;c:\windows\SYSNATIVE\DRIVERS\ffusb2audio.sys [x]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys;c:\windows\SYSNATIVE\Drivers\HPM1210FAX.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TridVid;USB2.0 VIDBOX NM;c:\windows\system32\DRIVERS\TridVid.sys;c:\windows\SYSNATIVE\DRIVERS\TridVid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 NIWinCDEmu;ISO Mounter driver;c:\windows\system32\DRIVERS\NIWinCDEmu.sys;c:\windows\SYSNATIVE\DRIVERS\NIWinCDEmu.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 21:34 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 20:18]
.
2014-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-08 04:10]
.
2014-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-08 04:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@= "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 164760 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@= "{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 164760 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@= "{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 164760 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@= "{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08 164760 ----a-w- c:\users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 22:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 22:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 22:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 22:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 22:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl "= "c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg "= "c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"TosVolRegulator "= "c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify "= "c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"MSC "= "c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"AdobeAAMUpdater-1.0 "= "c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
uSearchAssistant = hxxp://www.google.com
mCustomizeSearch = www.google.com
mSearchAssistant = www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Stan\AppData\Roaming\Mozilla\Firefox\Profiles\rcne8d28.default-1419756545963\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - (no file)
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - (no file)
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - (no file)
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - (no file)
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - (no file)
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - (no file)
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - (no file)
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
AddRemove-{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9} - c:\programdata\{4C2C834F-B555-47C0-AFCB-FDF50ADB5ED7}\Guitar Rig 5 Setup PC.exe
AddRemove-{0886900B-B2F3-452C-B580-60F1253F7F80} - c:\programdata\{B9F6456A-E0C8-4BD3-A6E8-AFA8859EC4C4}\Controller Editor Setup PC.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}\Service Center Setup PC.exe
AddRemove-{0DBCB5F0-DFFF-426f-9137-17E9A042F7DB} - c:\programdata\{36047B27-9342-4F25-AB0D-F0DFC71A650A}\Replika Setup PC.exe
AddRemove-{2930FB47-6452-4476-BF16-D77F748646DB} - c:\programdata\{B0CAD5CC-867E-473E-B55F-339F9635A45D}\Guitar Rig Mobile IO Setup PC.exe
AddRemove-{5552453B-BB76-45E3-973D-F95E458ED780} - c:\programdata\{78F6A1FC-ADDE-4028-A231-7B924CE455BD}\Kontakt 5 Setup PC.exe
AddRemove-{7930FB47-6452-4476-BF16-D77F748646DB} - c:\programdata\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}\Guitar Rig Session IO Setup PC.exe
AddRemove-{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070} - c:\programdata\{00E0164B-B182-4800-96DA-F8D39B3A7189}\Kontakt Factory Selection Setup PC.exe
AddRemove-{B962AD08-335F-46f7-A182-257D37672E5C} - c:\programdata\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}\Rig Kontrol 3 Setup PC.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@= "c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker6 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@= "c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= "0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= "ShockwaveFlash.ShockwaveFlash.15 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= "FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker6 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
.
**************************************************************************
.
Completion time: 2014-12-29 21:10:12 - machine was rebooted
ComboFix-quarantined-files.txt 2014-12-30 02:10
.
Pre-Run: 312,104,091,648 bytes free
Post-Run: 313,159,991,296 bytes free
.
- - End Of File - - 9BFB2154A50384C87A9FFDB03F600946
5B5E648D12FCADC244C1EC30318E1EB9

 

# AdwCleaner v4.106 - Report created 29/12/2014 at 21:32:41
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Stan - STAN-LAPTOP
# Running from : C:\Users\Stan\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****

Task Deleted : YourFile DownloaderUpdate

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Stan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Vittalia
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\DF917BEA0BDE9E345B42099FC7E14699
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\DF917BEA0BDE9E345B42099FC7E14699
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF917BEA0BDE9E345B42099FC7E14699

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v39.0.2171.95

[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS&q={searchTerms}
[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS&q={searchTerms}
[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS&q={searchTerms}
[C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS&q={searchTerms}

*************************

AdwCleaner[R0].txt - [3151 octets] - [29/12/2014 21:31:09]
AdwCleaner[S0].txt - [4342 octets] - [29/12/2014 21:32:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4402 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Stan on Mon 12/29/2014 at 21:38:44.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update towertilt



~~~ Files

Successfully deleted: [File] "C:\windows\couponprinter.ocx "



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{02820A2C-9AFA-4E5D-82C5-AD75BCB2843C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{03DCEC4A-3574-42FF-9581-B731B937BD05}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{041282DC-631B-4C57-B63C-8745E8CAC1EA}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{0428D05B-E466-4EB9-8648-A92923759B2C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{0C8BE9B7-F212-480A-98AD-86FB48F262A0}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{0EFA2265-45E2-45E3-9EBF-A1FE1D001701}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{0F7BE7D5-84B1-4896-B407-9E1FA217E949}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{11BD4924-E1FF-4D5B-BA52-945DD5843BD8}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{1248A701-7C45-4FF9-B64D-2AFE09581167}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{12DFC98D-6C7A-4046-BF62-C9AF325462A5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{12EBDE4C-6302-47EE-AA4C-9DF150669A1E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{17543A42-F702-4D62-970C-8093D335A3E8}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{18BA45BC-5802-4C99-B2A6-6630476FD63A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{18BAC6A5-600E-4394-977C-91C18C887ED0}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{18D8C7F6-1584-4623-8159-D2128A09B0AE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{1D4DF153-1C75-434D-81D4-FE8C4DD329DA}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{1E4D0E5C-D491-4D78-8805-820A55B2A586}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{1FCCF0C4-741D-4689-ADD7-1FE7604D85B3}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{20377C87-2613-4565-83B0-2820BE5FE5EB}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{222474B2-2A08-4235-8A89-0840B77654BE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{22531556-8319-4FAF-B289-84411A85C3AB}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{240B5E67-E0CF-4E7D-8038-4B87AF4D4EC9}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{26907AC1-87AE-47D7-95DE-1A2EE6032850}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2741E934-C203-4C1E-B531-092E43565768}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{28DF99CB-B193-4D8C-B211-52609684175E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2A0CCA13-382E-4AC9-B6DD-4DC08EEB5651}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2A2CF48E-2115-411D-AC0D-C54A88C8239D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2C74E868-7F64-4330-B896-E5A8E1302A18}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2CD9B201-C452-424B-BF57-482F203C2546}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2D065E41-45CF-4904-B3AB-4DDEB1BDECCB}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{2EF30172-517D-4119-BEB9-EBCBCA06E298}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3A7DABDB-B07D-4EE7-9ECA-5F63762E4DAF}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3AC37591-C3AF-4A3C-BC21-861857DE689D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3B0B9A0A-60CA-443E-9DA1-4C6A7A3E2337}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3BF1C839-1A67-4269-9E73-13A64BB15FB1}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3C07692C-DCFE-4444-BE76-865169CEAEDE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3C6EA4DB-077E-4632-AD96-754D61ABDF54}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3F416536-1BC2-43A9-84D8-F9F23E75169E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3F54F431-B781-4610-BFF1-D0983FFAFC5D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3F7F6C17-363F-4A22-9E5C-03069472B81B}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{3FB66E09-4024-4171-901C-B4B4D0482793}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{43FE7361-B816-4D2A-AD6C-B0E7DA8D7A1D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{44271F04-04D4-4C1B-AB5D-398825C2DE11}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{4598CFD2-924F-4030-AD5E-59A5123F7AB7}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{471D33A2-82A9-4CE0-B872-03541E2BA5E1}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{486BD3A4-B9B9-48F5-BC2B-B62B80376A33}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{4B49C687-40DB-40AF-89EF-58815278B93F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{4D691437-7232-430B-ADEB-FB94B8FBD464}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{50D5A1BB-2980-40CB-89E7-6E9B4AAACC2A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{53D8A79C-E578-457F-B335-F23AD2947D96}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{55CF1696-99DC-40C7-A6CF-C11BB5A63990}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{581584CB-3D97-4DF9-ABEE-6C0B28687F5F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{5B70999E-E676-488E-A40C-0436924C992F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{60456194-1181-4B36-B4B1-4F34072D4A20}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{60D04938-B690-444F-A46A-61A3470BB228}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{64568C10-F5BE-42B3-8448-8D73C19BCC45}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{650AC850-8652-4230-A58E-044F95914386}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{658849E6-7917-4EC2-941D-4DF749329813}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{65A99552-D7A7-4488-A175-FF12B449B4C5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{698F4E32-B413-4471-9617-471A0907ABFE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6AF7B4B0-1F23-4F3D-8E3E-41C0E0AB8E32}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6BB70F2C-E437-4851-B54B-FC3CE11F063F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6BE165B5-7DE4-494C-B7B9-EA9CBD3EEE96}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6C1446BE-C221-409B-8EFC-16DFDBBB361E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6C98B647-66C9-4D94-8CA9-8FDAA369DF69}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6E83E1CB-7389-4336-9650-6CE4BFF94D62}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6F1F747C-A015-4A88-A40F-A63CFB27867A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{6FF92A30-5B8B-446F-8AE3-17E59F0C934F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{718723A3-A303-4957-BB12-4D27D8E658E4}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{721D9BC8-D465-49C5-B457-5B6EFEC1B9F5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{729AA66E-6F85-4D1B-A5C8-FEE18EFC4B24}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{773D0819-21D4-4869-ADD5-B7BBD0A379D0}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{77E6B06D-C7DC-4270-B2DF-C3CB4CB01C3F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7B05C1E7-1C8D-4E05-8B1C-32C591EBA766}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7B146D68-7C17-43D3-BE97-EA7AE1018268}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7D1B48AF-DFB6-4839-8AB0-804637CAD8BA}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7D322872-4AD2-46C6-9000-43E649D19AEE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7D8B4AF6-7B75-4612-86DE-0D26EE0AD8E3}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{7E1B97BF-985E-4137-92DB-757547C62420}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{80DA2394-E6B8-4DA0-8EB5-65CB27A98240}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{8129DCB8-732B-40CA-99A4-7BE9D9CF1BB4}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{827305CE-DCBC-4BF5-9EE7-9DC66D832C07}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{83EC8367-5653-4345-96B1-972FE4DDDE70}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{8402C8D5-D1C5-4D25-8E4B-4A265D84B2A7}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{84C686C3-5841-4E02-8866-BF5E61189AA9}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{8E4C8A44-3E65-4CA4-A3E4-01E0BE900579}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{921F1486-6CF1-43BB-87EB-F7DA4592F998}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{927F91B1-06C1-4EDB-BED0-8289D2B39DDF}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{955A7831-FCF6-4746-A1E3-9944CFAFD290}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{974769ED-AE12-4587-BAFC-BCFEB3623313}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{977BB578-048D-477B-B0AE-CEC720FFCF57}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A1E4C600-8EA9-4C5C-9164-18AE677EEDBF}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A27CB7C1-1BEC-4553-9F05-76BA3D75A6B4}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A2E11D37-2A13-45AF-A6FA-1D67492AD0B2}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A384A7D5-D188-4435-A623-B0D5645C4DA3}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A42AF1F0-D0B0-4A03-8EA2-4F4283B82FE7}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A76D459E-E0D7-4DB6-8072-90AFFBF54DB1}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A82FC47F-0783-4758-B564-4E694977068C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A836A2A0-E062-47EA-BC53-7929E7FA8A9D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{A8FDD61C-3A69-400C-A96F-990E7A773B2B}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AA145B72-9E4D-4A4B-B9BA-C2D0E542C83A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AA1D48F1-B863-42EA-99A1-DB14FDE6734D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AA7A6216-8737-4F1C-A881-5E8EC7BFAEA0}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AB682325-2F31-4789-B48A-B5F12EEC3979}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AF1A33DF-E4C1-4A2A-83CD-030902E2367C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{AF9F3BEA-2223-4325-8B48-8453F3D2AA97}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B0CF3023-3089-4D27-9B1A-76922FBA95D7}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B32EE491-D8A1-495F-86A4-3DD2E3718BB7}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B3FA0F1C-BD41-432D-B70D-F7D76C86819E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B543B377-9E2A-4524-85DC-BDA69F29A719}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B5B44832-08F6-4F86-B73D-FA86EFB24020}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B6BF85EF-C889-4929-B17A-5351C2A29423}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{B9BDDBC1-CFA2-42CD-BE3C-5BF0DD172877}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BA177180-6239-4F87-8505-E28A353C6135}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BB605B6E-C58D-4358-A8F0-17F639E2C6E5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BF236B6C-E6CD-4191-87A4-1A9055357CD5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BF5BE770-C08C-4F66-BB7E-ABF9B1CE3E2D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BF6943E2-E222-4FD6-8303-51D563A2CC9F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{BFE0717A-2066-42B9-B1EB-39FF5CC49783}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C0C518F7-EA09-46C6-BB18-CAF0654AC51F}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C2016A1C-01FA-4A8A-A8F8-0ED547269122}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C211089F-7319-411D-B1AE-29CACBCBC406}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C4566E8A-1542-4181-B483-0811540A6876}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C47F3397-6F63-466B-9859-26473DB95ECC}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C7E166E3-32E8-4A96-A013-96571AAD2202}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C879F5F8-46C8-4A29-B1A2-B6F36672FD16}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{C898BF97-59FE-48A6-A75C-21A838C07FAF}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CA976B43-EA6E-4F66-87E8-1BBFBF61CE37}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CB98D756-4A90-47A9-ADB3-FD2D9BDCC980}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CF145E27-96C0-4419-AF78-5F3298B284B5}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CF7F38D5-17C0-45BE-A9F5-A108EF654397}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CF9C8CD7-8B45-44A8-BEDD-562196C16905}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{CFA61B99-774E-44D0-AACD-1E56F4A3A194}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D199D304-A279-4DFE-A551-848AE5E3C41C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D3DFDEC4-DD14-4498-B22A-3EF31A16809D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D44CE3D7-50CE-4559-BACA-23B80BC2026A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D52ACE4F-90E8-4972-BBF6-3BC035B8AD46}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D5398370-FA48-4366-B6B9-EE71056CB417}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D8F1F21A-E6D3-4D49-9880-998BCD1B5663}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{D9F3A34E-BF24-4EEC-AE0F-AFB9082DA2C1}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DA1B7C43-3324-4742-A506-AADD60A59F3E}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DA2FA7B6-70AB-4372-8A2E-CEEE1DECAF2C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DC5C898B-8A6A-455F-AAF6-D9AC9E0FEDA3}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DEBECA6D-A828-48BE-B485-DA855F45BD49}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DF91E67C-155E-433A-8353-A2DF06E147D0}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{DFB362EC-783D-4F08-8E8C-9D2253E875F4}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{E08607E2-886B-46F5-9F18-8DD71A5F94A2}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{E3071536-8832-4770-A732-AE6DD0109588}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{E7E693D7-68FB-4B03-A631-0D77A39EFDFF}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EB097BCF-330E-4036-BBFC-C51450EF9B3A}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EB216034-73C7-4F71-B8C0-4FE224173E5C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EB94FF2F-77BD-49EF-AECD-4F86E682C15D}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EC0FF3A3-9615-4409-BDB8-EC69B7BBDB2C}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EC3753D7-065D-41E3-A923-BA3480E1B775}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{EF158B01-653E-4BBB-BD72-1FEB54FE6239}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F08E2B51-DCC8-4CC8-B742-0A025D9305C6}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F0CFA076-356E-4F1B-9B54-8A0E54DB9077}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F0F1728F-840D-4099-A332-9B2CC1AB8441}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F110BABE-5C9C-489F-99D5-0400A10B8B7B}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F22F6573-268C-4C33-B0AA-C911F6562E37}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F6CC33BA-A7BB-4005-A169-88B32002A179}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F7A1DE85-A173-4336-9302-474742F16F81}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{F93D513D-9824-45C9-90D2-E1FE9C20BF28}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FBDBB7A8-7839-411F-852E-AE3DE874A8F2}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FCCA275C-25C7-476F-9737-D4BF8949EECB}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FD5368D9-E7D6-418B-933A-F2C1838739BA}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FDB49FFA-BC63-4179-90C8-9E2310537AFE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FE65BAE0-3093-4EDC-9CF7-F7E80D490FFE}
Successfully deleted: [Empty Folder] C:\Users\Stan\appdata\local\{FFEA13AE-EB91-41FB-B705-354F84BC1F34}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/29/2014 at 21:42:00.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Stan at 2014-12-29 21:46:04
Running from C:\Users\Stan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
AIM 7 (HKLM-x32\...\AIM_7) (Version: - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BE3DFCA2-6F42-509D-555C-68A923314062}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (x32 Version: 4.0.4212.0 - Box Inc.) Hidden
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.349 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Digital Sound Factory Session Drummer 3 Acoustic Kits (HKLM-x32\...\Digital Sound Factory Session Drummer 3 Acoustic Kits_is1) (Version: 1.0 - Digital Sound Factory)
Dropbox (HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Focusrite Scarlett Plug-in Suite 1.1 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.1 - Focusrite Audio Engineering Ltd.)
Focusrite USB 2.0 Audio Driver 2.4 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.4 - Focusrite Audio Engineering Limited.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
honestech VHS to DVD 4.0 HD (HKLM-x32\...\{BA84775E-C53D-41F4-A0C9-B9000D1BF95B}) (Version: 4.0 - honestech)
honestech VHS to DVD 4.0 HD (x32 Version: 4.0 - Honest Technology) Hidden
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version: - )
Licensing Service Install (HKLM-x32\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19269 - Gemalto N.V.)
Scansoft PDF Professional (x32 Version: - ) Hidden
SeaMonkey 2.26 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.26 (x86 en-US)) (Version: 2.26 - Mozilla)
SONAR X3 (x64) (HKLM-x32\...\SONARX3_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) (HKLM\...\4214A1CFC1A368A5078729BFD4B211F0CDB5CEC5) (Version: 09/10/2012 2.4.128.0 - Focusrite)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954531214-905133765-490049910-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-29 20:57 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07E46A4C-1CD1-49CF-BC36-5C9BBBB4F1F0} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== ATTENTION
Task: {0C1EDBC8-8DFE-4AF8-B29A-D8DEA6CA3132} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe
Task: {275A5A11-8C3B-450B-A9B7-6A9DEF0EDDA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {31CC47AD-B708-40A0-A170-62C4E4993CBB} - System32\Tasks\{B451AABD-D5FA-4682-BCB8-6F49E67EDD69} => pcalua.exe -a "C:\Program Files\MeldaProduction\MFreeEffectsBundle64 6\setup.exe" -d "C:\Program Files\MeldaProduction\MFreeEffectsBundle64 6" -c update
Task: {49E5A1F8-870F-452B-9D22-C328618D3B44} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe
Task: {549C271A-C5EC-4B89-9819-6BE887ED3FFA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {5D8240CB-5664-4BE1-9A7C-C55DE7820765} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {6D8A300D-B77F-41D8-A889-79759093178D} - System32\Tasks\{E61A7C8B-76B8-41E0-845D-161BD902E49A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{21E77392-C30A-4AA2-8CA7-5728316939D6}\setup.exe" -c -runfromtemp -l0x0009 uninstall -removeonly
Task: {895034B1-9AF0-4B36-9C49-237E0006B164} - System32\Tasks\{FB55DF94-8CA4-46D5-8B81-5B77ECFEC717} => pcalua.exe -a C:\Users\Stan\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe -c --uninstall
Task: {8FC0C741-512A-462B-AC00-D4B2A4BB0833} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {977AA185-1BDD-4127-8596-3A7A479C239B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A37CB650-D23A-4D7D-BBA6-C9E2880DFBB3} - System32\Tasks\{91CB31FA-BCC8-4FF6-9E89-FE5B9B7A681F} => pcalua.exe -a C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(2)\64Bit\SetupX64.exe -d C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(2)\64Bit
Task: {B8FCFF50-3182-4254-B979-901D10E14606} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC5F0A03-1460-4142-BD1A-EED49EEB7EEA} - System32\Tasks\{791F4C2A-630E-4EDF-ABFA-C2F7D5BBFFDB} => pcalua.exe -a C:\PROGRA~2\Waves\DIAMON~1\UNWISE.EXE -c C:\PROGRA~2\Waves\DIAMON~1\INSTALL.LOG
Task: {C1C452E9-76B2-4DB5-B54A-D4A7E82276BD} - System32\Tasks\{B6B9B4A1-EDE9-4851-8648-147CEC97A177} => pcalua.exe -a C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(1)\64Bit\SetupX64.exe -d C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(1)\64Bit
Task: {C52118D6-6784-48D7-9DE0-A74095CD08B9} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {D47CF938-C456-433C-85EC-AD4E393B0F7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D4998D1D-5461-4E08-BB76-52C1888BD038} - System32\Tasks\{1EB87212-C1FB-4418-8F77-A08BE0A7AB90} => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-09-06] (Brother Industries, Ltd.)
Task: {EB463976-31B2-4423-B087-ED8104B0CBC1} - System32\Tasks\AdobeAAMUpdater-1.0-STAN-LAPTOP-Stan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FC069FC1-745D-4923-99C3-7A59DDA3EDF4} - System32\Tasks\{D4A62271-43F8-4D76-A8B8-9193FAA68140} => pcalua.exe -a C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(2)\SetupX86.exe -d C:\Users\Stan\Downloads\USB2.0_VIDBOX_NM_xp_vista_090506(2)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-02 22:44 - 2012-09-29 12:25 - 00074240 ____N () C:\windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL
2010-04-07 18:07 - 2010-04-07 18:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 15:26 - 2009-11-03 15:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 16:15 - 2010-03-03 16:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 16:15 - 2010-03-03 16:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-11-01 02:01 - 2009-06-22 17:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 21:08 - 2009-03-12 21:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 19:38 - 2009-07-25 19:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2012-01-03 23:09 - 2005-04-21 23:36 - 00143360 ____R () C:\windows\system32\BrSNMP64.dll
2010-02-05 19:44 - 2010-02-05 19:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-05-01 14:29 - 2014-05-01 14:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-15 17:44 - 2009-10-15 17:44 - 00067128 _____ () C:\Program Files (x86)\Hp\HP UT LEDM\bin\HPTools.dll
2009-10-15 17:44 - 2009-10-15 17:44 - 00075320 _____ () C:\Program Files (x86)\Hp\HP UT LEDM\bin\HPToolkit.dll
2014-12-29 21:34 - 2014-12-29 21:34 - 00098816 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32api.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00110080 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\pywintypes27.dll
2014-12-29 21:34 - 2014-12-29 21:34 - 00364544 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\pythoncom27.dll
2014-12-29 21:34 - 2014-12-29 21:34 - 00045568 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_socket.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 01160704 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_ssl.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00320512 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32com.shell.shell.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00713216 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_hashlib.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 01175040 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._core_.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00805888 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._gdi_.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00811008 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._windows_.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 01062400 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._controls_.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00735232 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._misc_.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00128512 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_elementtree.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00127488 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\pyexpat.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00557056 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\pysqlite2._sqlite.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00087552 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_ctypes.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00119808 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32file.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00108544 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32security.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00007168 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\hashobjs_ext.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00167936 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32gui.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00018432 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32event.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00038912 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32inet.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00011264 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32crypt.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00070656 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._html2.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00027136 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\_multiprocessing.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00035840 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32process.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00686080 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\unicodedata.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00122368 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._wizard.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00024064 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32pipe.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00025600 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32pdh.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00525640 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\windows._lib_cacheinvalidation.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00010240 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\select.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00017408 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32profile.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00022528 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\win32ts.pyd
2014-12-29 21:34 - 2014-12-29 21:34 - 00078336 _____ () C:\Users\Stan\AppData\Local\Temp\_MEI38362\wx._animate.pyd
2014-10-09 22:05 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-09 03:41 - 2014-12-09 03:41 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Stan\Cookies:r0iMe9RSfF5Py2qdTtIJ

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3954531214-905133765-490049910-500 - Administrator - Disabled)
Guest (S-1-5-21-3954531214-905133765-490049910-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3954531214-905133765-490049910-1002 - Limited - Enabled)
Stan (S-1-5-21-3954531214-905133765-490049910-1001 - Administrator - Enabled) => C:\Users\Stan

==================== Faulty Device Manager Devices =============

Name: StorLib bus (virtual storages support)
Description: StorLib bus (virtual storages support)
Class Guid: {1378e71b-ab4d-4348-af26-cba56b12969e}
Manufacturer: SugarSync
Service: SSCBFS3
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall ", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-29 20:49:55.087
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-29 20:49:54.697
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-13 15:44:46.656
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-13 15:44:46.313
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-23 21:24:39.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-23 21:24:38.871
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-23 21:24:38.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-23 21:24:38.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-23 21:24:37.700
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-23 21:24:37.290
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II N660 Dual-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 3835.68 MB
Available physical RAM: 2146.65 MB
Total Pagefile: 7669.55 MB
Available Pagefile: 5675.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI106050W0B) (Fixed) (Total:452.66 GB) (Free:291.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 01A4E7E1)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=17)

==================== End Of Log ============================

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Stan (administrator) on STAN-LAPTOP on 30-12-2014 01:46:11
Running from C:\Users\Stan\Desktop
Loaded Profile: Stan (Available profiles: Stan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\Stan\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [27311232 2011-06-29] (Gemalto N.V.)
HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => No File
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => No File
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => No File
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => No File
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => No File
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => No File
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => No File
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3954531214-905133765-490049910-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3954531214-905133765-490049910-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {445DEB7C-6B58-482B-9231-05991D8CE428} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3954531214-905133765-490049910-1001 -> {445DEB7C-6B58-482B-9231-05991D8CE428} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Stan\AppData\Roaming\Mozilla\Firefox\Profiles\rcne8d28.default-1419756545963
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2014-10-02]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.com/ ", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS "
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-06]
CHR Extension: (Google Cast) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-12-20]
CHR Extension: (Nimbus Screenshot) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2014-06-14]
CHR Extension: (Google Search) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-06]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-05-07]
CHR Extension: (Nimbus Screen Capture Web) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbabfnlcahbflejehfjibacnldlnnicl [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-06]
CHR Extension: (Gmail) - C:\Users\Stan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-06]
CHR HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-05-15] (Macrovision Europe Ltd.) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 CCUSBMIDI; C:\Windows\System32\Drivers\ccusbmid.sys [26624 2012-10-21] (CASIO COMPUTER CO., LTD.) [File not signed]
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [125304 2012-09-10] (Focusrite Audio Engineering Limited.)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2012-02-05] ()
R2 regi; C:\windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid.sys [292056 2011-10-07] (Trident Multimedia Technologies Co.,Ltd)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-29] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 01:46 - 2014-12-30 01:46 - 00022306 _____ () C:\Users\Stan\Desktop\FRST.txt
2014-12-30 00:54 - 2014-12-30 00:54 - 00000000 ____D () C:\Users\Stan\AppData\Local\{40B17FF4-A24E-40C9-B57B-F3EBBFA5FAF8}
2014-12-29 22:03 - 2014-12-29 22:03 - 00000000 ____D () C:\Users\Stan\RCA Recipe Book
2014-12-29 21:43 - 2014-12-30 01:46 - 00000000 ____D () C:\FRST
2014-12-29 21:31 - 2014-12-29 21:32 - 00000000 ____D () C:\AdwCleaner
2014-12-29 21:29 - 2014-12-29 21:29 - 02173952 _____ () C:\Users\Stan\Desktop\adwcleaner_4.106.exe
2014-12-29 21:29 - 2014-12-29 21:29 - 02123264 _____ (Farbar) C:\Users\Stan\Desktop\FRST64.exe
2014-12-29 21:29 - 2014-12-29 21:29 - 01707939 _____ (Thisisu) C:\Users\Stan\Desktop\JRT.exe
2014-12-29 21:10 - 2014-12-29 21:10 - 00033290 _____ () C:\ComboFix.txt
2014-12-29 20:37 - 2014-12-29 21:10 - 00000000 ____D () C:\Qoobox
2014-12-29 20:37 - 2011-06-26 01:45 - 00256000 _____ () C:\windows\PEV.exe
2014-12-29 20:37 - 2010-11-07 12:20 - 00208896 _____ () C:\windows\MBR.exe
2014-12-29 20:37 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-12-29 20:37 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-12-29 20:37 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-12-29 20:37 - 2000-08-30 19:00 - 00098816 _____ () C:\windows\sed.exe
2014-12-29 20:37 - 2000-08-30 19:00 - 00080412 _____ () C:\windows\grep.exe
2014-12-29 20:37 - 2000-08-30 19:00 - 00068096 _____ () C:\windows\zip.exe
2014-12-29 20:35 - 2014-12-29 20:35 - 05603624 ____R (Swearware) C:\Users\Stan\Desktop\ComboFix.exe
2014-12-29 00:37 - 2014-12-29 01:17 - 00000000 ____D () C:\Users\Stan\Desktop\mbar
2014-12-29 00:14 - 2014-12-29 00:14 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Stan\Downloads\mbar-1.08.2.1001.exe
2014-12-28 23:44 - 2014-12-28 23:44 - 00000000 _____ () C:\Users\Stan\Sti_Trace.log
2014-12-28 15:25 - 2014-12-28 15:25 - 00028280 _____ () C:\Users\Stan\Desktop\dds.txt
2014-12-28 15:25 - 2014-12-28 15:25 - 00014069 _____ () C:\Users\Stan\Desktop\attach.txt
2014-12-28 15:21 - 2014-12-28 15:21 - 00005702 _____ () C:\Users\Stan\Desktop\mb.txt
2014-12-28 14:38 - 2014-12-28 14:38 - 00688992 ____R (Swearware) C:\Users\Stan\Desktop\dds.com
2014-12-28 03:58 - 2014-12-29 00:26 - 00035064 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-12-28 03:57 - 2014-12-28 03:57 - 15298136 _____ () C:\Users\Stan\Downloads\RogueKiller.exe
2014-12-28 02:16 - 2010-03-15 05:31 - 00165376 _____ () C:\windows\SysWOW64\unrar.dll
2014-12-28 01:51 - 2014-12-28 01:51 - 00000000 ____D () C:\Users\Stan\Downloads\Waves MultiRack Native And SoundGrid v9r12 - R2R [deepstatus][h33t][1337x]
2014-12-28 01:50 - 2014-12-28 01:50 - 00018259 _____ () C:\Users\Stan\Downloads\Waves MultiRack Native And SoundGrid v9r12 - R2R [deepstatus] [2825402].torrent
2014-12-28 01:14 - 2014-12-28 01:33 - 1123292464 _____ () C:\Users\Stan\Downloads\WAves V9.20.zip
2014-12-28 00:28 - 2014-12-28 03:32 - 00000000 ____D () C:\Users\Stan\AppData\Roaming\uTorrent
2014-12-27 23:59 - 2014-12-28 03:32 - 00000000 ____D () C:\Program Files (x86)\hide.me VPN
2014-12-27 23:59 - 2014-12-27 23:59 - 00002712 _____ () C:\windows\System32\Tasks\arp_flush
2014-12-26 17:37 - 2014-12-26 17:37 - 00000000 ____D () C:\Users\Stan\Documents\Native Instruments
2014-12-26 17:36 - 2014-12-26 17:36 - 00000000 ____D () C:\Program Files\Common Files\Avid
2014-12-24 20:43 - 2014-12-24 20:43 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-19 20:34 - 2014-12-19 20:34 - 00000000 ____D () C:\Users\Stan\AppData\Local\Valassis
2014-12-17 15:25 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-17 15:25 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-12 16:25 - 2014-12-12 16:25 - 00000000 ____D () C:\Users\Stan\Desktop\Tor Browser
2014-12-11 03:26 - 2014-12-11 03:26 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-11 03:02 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-11 03:02 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-11 03:02 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-11 03:02 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-11 03:02 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-11 03:02 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-11 03:02 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-12-11 03:02 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-12-11 03:02 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-12-11 03:02 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-10 13:04 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-10 13:04 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-10 13:04 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-10 13:04 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 13:04 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 13:04 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-10 13:04 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-10 13:04 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-10 13:04 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 13:04 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-10 13:04 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-10 13:04 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-10 13:04 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-10 13:04 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 13:04 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-10 13:04 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 13:04 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-10 13:04 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-10 13:04 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-10 13:04 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 13:04 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 13:04 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-10 13:04 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-10 13:04 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-10 13:04 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-10 13:04 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 13:04 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 13:04 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 13:04 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-10 13:04 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 13:04 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 13:04 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 13:04 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 13:04 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 13:04 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 13:04 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-10 13:04 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 13:04 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 13:04 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-10 13:04 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 13:04 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-10 13:04 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 13:04 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 13:04 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-10 13:03 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 13:03 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-10 13:03 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-10 13:03 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-10 13:03 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-10 13:03 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 13:03 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-10 13:03 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-10 13:03 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-10 13:03 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 13:03 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-10 13:03 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-10 13:03 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 13:03 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-10 13:03 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 13:03 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 13:03 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-10 13:03 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-10 13:03 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-10 13:03 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-10 13:03 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-10 13:03 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 13:03 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-10 13:03 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-10 13:03 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-10 13:03 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-10 13:03 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 13:03 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-10 13:03 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-10 13:03 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 13:03 - 2014-12-09 13:02 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-12-09 13:02 - 2014-12-22 16:16 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-09 13:02 - 2014-12-09 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-09 03:41 - 2014-12-09 03:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 01:34 - 2014-06-07 23:10 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 01:18 - 2012-07-20 20:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 01:00 - 2009-07-13 23:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 01:00 - 2009-07-13 23:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 00:58 - 2009-07-14 00:13 - 00006266 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-30 00:56 - 2011-03-22 15:27 - 01898799 _____ () C:\windows\WindowsUpdate.log
2014-12-30 00:53 - 2014-10-07 16:17 - 00000442 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-12-30 00:53 - 2014-06-12 22:54 - 00000000 ___RD () C:\Users\Stan\Google Drive
2014-12-30 00:52 - 2014-11-06 14:35 - 00004144 _____ () C:\windows\setupact.log
2014-12-30 00:52 - 2014-06-07 23:10 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 00:52 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-29 22:03 - 2011-05-14 02:41 - 00000000 ____D () C:\Users\Stan
2014-12-29 21:54 - 2014-08-20 01:00 - 00000000 ____D () C:\Users\Stan\AppData\Local\Adobe
2014-12-29 21:39 - 2011-05-15 01:06 - 00000000 ____D () C:\Users\Stan\AppData\Local\CrashDumps
2014-12-29 21:33 - 2014-11-13 13:48 - 00004282 _____ () C:\windows\PFRO.log
2014-12-29 21:32 - 2014-06-19 20:58 - 00001050 _____ () C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-29 21:32 - 2014-06-19 20:54 - 00001050 _____ () C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-12-29 21:32 - 2014-06-12 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-29 21:32 - 2014-05-07 12:03 - 00000998 _____ () C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-29 21:32 - 2014-05-06 11:10 - 00001032 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-29 20:57 - 2009-07-13 21:34 - 00000215 _____ () C:\windows\system.ini
2014-12-29 01:17 - 2014-05-04 17:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-29 00:39 - 2014-05-03 17:57 - 00135384 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 00:37 - 2014-05-03 17:56 - 00096472 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-28 03:43 - 2012-02-08 17:26 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-12-28 03:43 - 2012-02-05 22:05 - 00000000 ____D () C:\Program Files\Native Instruments
2014-12-28 03:43 - 2012-02-05 22:05 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-12-28 02:51 - 2014-06-19 15:48 - 00000000 ____D () C:\Program Files (x86)\Waves
2014-12-28 02:51 - 2012-01-27 06:03 - 00000000 ____D () C:\Users\Stan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves
2014-12-28 02:51 - 2012-01-27 06:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2014-12-26 17:36 - 2014-01-28 21:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-22 16:16 - 2010-11-01 02:00 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-22 16:14 - 2013-10-20 16:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-20 23:14 - 2014-05-03 17:56 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-20 23:14 - 2014-05-03 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-20 23:14 - 2014-05-03 17:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-13 04:05 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-12-11 15:18 - 2012-07-20 20:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 15:18 - 2012-04-06 00:42 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 15:18 - 2011-05-16 16:53 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 03:26 - 2014-05-03 22:06 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-11 03:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-11 03:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat
2014-12-11 03:10 - 2011-05-19 23:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:09 - 2013-07-19 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-12-11 03:04 - 2011-05-15 00:59 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-11 00:54 - 2011-10-18 23:30 - 00000000 ____D () C:\Users\Stan\Desktop\ecrater
2014-12-11 00:53 - 2012-12-04 13:01 - 00000000 ____D () C:\Users\Stan\Desktop\ebay
2014-12-11 00:44 - 2012-01-09 08:54 - 00000000 ____D () C:\Users\Stan\music recording
2014-12-10 12:54 - 2014-05-07 11:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 12:51 - 2012-09-20 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 13:02 - 2014-04-16 15:44 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-12-09 13:02 - 2014-04-16 15:44 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-12-09 12:49 - 2012-11-21 17:54 - 00000000 _____ () C:\Users\Stan\Documents\Nuance Image Printer Writer Port

Some content of TEMP:
====================
C:\Users\Stan\AppData\Local\Temp\Quarantine.exe
C:\Users\Stan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 19:58

==================== End Of Log ============================

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Stan at 2014-12-31 01:37:11 Run:1
Running from C:\Users\Stan\Desktop
Loaded Profile: Stan (Available profiles: Stan)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {07E46A4C-1CD1-49CF-BC36-5C9BBBB4F1F0} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== ATTENTION
C:\Program Files (x86)\ExpressFiles
AlternateDataStreams: C:\Users\Stan\Cookies:r0iMe9RSfF5Py2qdTtIJ
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => No File
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => No File
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => No File
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => No File
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => No File
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => No File
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => No File
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => No File
HKU\S-1-5-21-3954531214-905133765-490049910-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR StartupUrls: Default -> "https://www.google.com/ ", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419749919&from=ild&uid=TOSHIBAXMK5065GSXN_Z0N8F2QVSXXZ0N8F2QVS "
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR HKU\S-1-5-21-3954531214-905133765-490049910-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2014-12-30 00:54 - 2014-12-30 00:54 - 00000000 ____D () C:\Users\Stan\AppData\Local\{40B17FF4-A24E-40C9-B57B-F3EBBFA5FAF8}
C:\Users\Stan\AppData\Local\Temp\Quarantine.exe
C:\Users\Stan\AppData\Local\Temp\sqlite3.dll

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07E46A4C-1CD1-49CF-BC36-5C9BBBB4F1F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07E46A4C-1CD1-49CF-BC36-5C9BBBB4F1F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Express Files Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express Files Updater" => Key deleted successfully.
"C:\Program Files (x86)\ExpressFiles" => File/Directory not found.
"C:\Users\Stan\Cookies" => ":r0iMe9RSfF5Py2qdTtIJ" ADS not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1aCopyShExtError" => Key deleted successfully.
HKCR\CLSID\{83BEA36E-7680-4598-A4DF-994426F6E78D} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\2aCopyShExtSynced" => Key deleted successfully.
HKCR\CLSID\{845B7388-6F85-4F32-9FD5-F02DC7882B89} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\3aCopyShExtSyncing" => Key deleted successfully.
HKCR\CLSID\{F6378A7A-F753-449B-AE1B-997A96132E61} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\4aCopyShExtSyncingProg1" => Key deleted successfully.
HKCR\CLSID\{3A511828-777D-46F8-82F4-5B530C1B3D9E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\5aCopyShExtSyncingProg2" => Key deleted successfully.
HKCR\CLSID\{C8C88204-5B14-40EC-BA72-8AEBC762047E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\6aCopyShExtSyncingProg3" => Key deleted successfully.
HKCR\CLSID\{ACFF45C3-3EEB-4351-86C2-6696BA264239} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\7aCopyShExtSyncingProg4" => Key deleted successfully.
HKCR\CLSID\{29AF997F-488B-46F0-AE78-7146F1B89CC3} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\8aCopyShExtSyncingProg5" => Key deleted successfully.
HKCR\CLSID\{03F9AD29-1C78-4B66-8890-B177B5430C53} => Key not found.
"HKU\S-1-5-21-3954531214-905133765-490049910-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
"HKU\S-1-5-21-3954531214-905133765-490049910-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
catchme => Service deleted successfully.
C:\Users\Stan\AppData\Local\{40B17FF4-A24E-40C9-B57B-F3EBBFA5FAF8} => Moved successfully.
C:\Users\Stan\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Stan\AppData\Local\Temp\sqlite3.dll => Moved successfully.

==== End of Fixlog 01:37:11 ====

 

Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java 7 Update 67
Java 8 Update 25
Java version 32-bit out of Date!
Adobe Flash Player 15.0.0.246 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (34.0.5)
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

 

Farbar Service Scanner Version: 21-07-2014
Ran by Stan (administrator) on 03-01-2015 at 15:24:31
Running from "C:\Users\Stan\Desktop "
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware "=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****