Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91700 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Extremely Slow Computer [Closed]


  • This topic is locked This topic is locked
9 replies to this topic

#1 raleigh39

raleigh39

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 09 April 2014 - 05:54 PM

My computer is running extremely slow.

I posted here a few weeks ago but had an emergency out of town.  I was told to run Frst and Gmer.

 

I apologize and any help would be greatly appreciated.

 

Here are the logs for them:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Do Good Brian (administrator) on DOGOODBRIAN-HP on 09-04-2014 19:09:36
Running from C:\Users\Do Good Brian\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
() C:\Program Files (x86)\Google\Update\Install\{B1F56EE0-FB5D-47C3-8A32-8DA509C28382}\34.0.1847.116_33.0.1750.154_chrome_updater.exe
(Google Inc.) C:\Windows\TEMP\CR_ADD91.tmp\setup.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-20] ()
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-26] (APN)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [GoogleChromeAutoLaunch_A4CA0CF8D6298D1CECD0AB6A7133CBE4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-14] (Google Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [Google Update] - C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-10] (Google Inc.)
Startup: C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM-x32 - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - {89E1481D-AEF2-4BB9-8775-2A9D2C3749F2} URL = http://www.search.as...archTerms}&psv=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={2B1097F3-611E-451E-B1A8-994507E79276}&mid=ee17fd2a814e47d1811805cc227ebd3e-8cc48a6bfd2a5d845b462bef446fc1758997bd52&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-16 01:13:06&v=17.3.1.91&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKCU - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia....h={searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
BHO-x32: Price Finder - {6E89E1D3-C66F-41C4-A648-CD91544E99C3} - C:\Users\Do Good Brian\AppData\Roaming\PriceFinder\PriceFinderHelper.dll (Pronto.com)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default
FF user.js: detected! => C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\user.js
FF NewTab: hxxp://search.conduit.com/?ctid=CT3319612&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SPFF4AF9BF-C058-4911-AD7F-2A2BC64B86D8
FF Homepage: www.google.com
FF Keyword.URL: hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_2&ent=bs____campaignID___&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Do Good Brian\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Do Good Brian\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @zoom.us/ZoomVideoPlugin - C:\Users\Do Good Brian\AppData\Roaming\Zoom\bin\npzoomplugin.dll (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Do Good Brian\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\Extensions\artur.dubovoy@gmail.com [2014-03-10]
FF Extension: MyStart Toolbar - C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c} [2013-10-27]
FF Extension: Flash and Video Download - C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-03-28]
FF Extension: Panic Button - C:\Users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\Extensions\{24cea704-946d-11da-a72b-0800200c9a66}.xpi [2013-12-23]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-06]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319612&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPFF4AF9BF-C058-4911-AD7F-2A2BC64B86D8&SSPV=
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://search.condui...rchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Zoom Launcher) - C:\Users\Do Good Brian\AppData\Roaming\Zoom\bin\npzoomplugin.dll (Zoom Video Communications, Inc.)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Translate) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-11-25]
CHR Extension: (Cloudy Calculator) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgimceffoceigocablmjdpebeodphgc [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Loupe Collage) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc [2013-11-25]
CHR Extension: (James White) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2013-11-25]
CHR Extension: (YouTube) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-19]
CHR Extension: (WebCamera360) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdeincpllgeldajmlncemfloafomon [2013-11-25]
CHR Extension: (Google Cast) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2013-11-25]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2013-11-25]
CHR Extension: (McAfee Security Scan+) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2013-11-25]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-11-25]
CHR Extension: (ScreenSh00ter) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-19]
CHR Extension: (Chrome Speak) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2013-11-25]
CHR Extension: (Bizodo Free Online Form and Survey Builder) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmmdbcdicmnpoigpgglogaongampheh [2013-11-25]
CHR Extension: (Google+) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-11-25]
CHR Extension: (Pixlr-o-matic) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-11-25]
CHR Extension: (Dragdis) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiekimdgbphfmnlbiahcfdgcipcopmep [2013-11-25]
CHR Extension: (XKit) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-11-25]
CHR Extension: (Plex) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2013-11-25]
CHR Extension: (Cloud Internet Explorer by Ericom) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gahjiajfldfkbglaegkndeccohnpcoce [2013-11-25]
CHR Extension: (Chrome Office Viewer (Beta)) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2013-11-25]
CHR Extension: (My Ebook Maker) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlhjjfkeghahhinonefjehckgambhhg [2013-11-25]
CHR Extension: (Magisto) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [2013-11-25]
CHR Extension: (Dimensions) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmihohhdcbejdkidbfijmfehjbnmifk [2013-11-25]
CHR Extension: (Cloudy Calculator Enhancer) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgnndipkjcpghbagmmcemdbjfclkcla [2013-11-25]
CHR Extension: (CloudConvert) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2013-11-25]
CHR Extension: (NPR Infinite Player) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2013-11-25]
CHR Extension: (mysms - Text anywhere) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2013-11-25]
CHR Extension: (Google Play Music) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-11-25]
CHR Extension: (Chrome to Mobile) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2013-11-25]
CHR Extension: (iPiccy Photo Editor) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2013-11-25]
CHR Extension: (PDF to Word Converter App) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2013-11-25]
CHR Extension: (Spreadsheet Calculator) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfinkdekjifhglflifjjjeandcahkbp [2013-11-25]
CHR Extension: (My Browser Page) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg [2013-11-25]
CHR Extension: (Calc-Sheet) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinolkpkhpfipbnbedghadcpndobgiba [2013-11-25]
CHR Extension: (Google Voice (by Google)) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2013-11-25]
CHR Extension: (Shareaholic for Pinterest) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc [2013-11-25]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2013-11-25]
CHR Extension: (Google Maps) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-11-25]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-11-25]
CHR Extension: (Chrome Speak) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpmlgbbboameedkldbfbhoigbabcbhk [2013-11-25]
CHR Extension: (Google Mail Checker) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-11-25]
CHR Extension: (Text) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2013-11-25]
CHR Extension: (AVG SafeGuard) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-09-10]
CHR Extension: (Jolidrive) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo [2013-11-25]
CHR Extension: (SkyDrive) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-11-25]
CHR Extension: (Facebook Notifications) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2013-11-25]
CHR Extension: (imo free video calls and text) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2013-11-25]
CHR Extension: (My Chrome Theme) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-11-25]
CHR Extension: (__MSG_extBrowserActionName__) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg [2013-11-25]
CHR Extension: (Instagram for Chrome) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2013-11-25]
CHR Extension: (WiseStamp - Email Signatures for GMail…) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg [2013-11-25]
CHR Extension: (Paper Notes) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\peiamebfimhocbnbdfdihoehhidbifko [2013-11-25]
CHR Extension: (Psykopaint) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-11-25]
CHR Extension: (Evernote Web Clipper) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-19]
CHR Extension: (Projeqt) - C:\Users\Do Good Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\plakpdjijklmnhdghijpnniiiahkbdpp [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.2.101\avg.crx [2014-01-11]

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-26] (APN LLC.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-26] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-09 19:09 - 2014-04-09 19:13 - 00040664 _____ () C:\Users\Do Good Brian\Desktop\FRST.txt
2014-04-09 19:09 - 2014-04-09 19:09 - 00000000 ____D () C:\FRST
2014-04-09 19:07 - 2014-04-09 19:07 - 02157056 _____ (Farbar) C:\Users\Do Good Brian\Desktop\FRST64.exe
2014-04-09 19:01 - 2014-04-09 19:02 - 01145856 _____ (Farbar) C:\Users\Do Good Brian\Desktop\FRST.exe
2014-04-04 21:00 - 2014-04-04 21:00 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Canon
2014-03-31 00:43 - 2014-03-31 00:43 - 06000640 _____ () C:\Program Files (x86)\GUTCDF0.tmp
2014-03-31 00:43 - 2014-03-31 00:43 - 00000000 ____D () C:\Program Files (x86)\GUMCDEF.tmp
2014-03-30 15:19 - 2014-03-30 15:20 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-03-30 15:17 - 2014-03-30 16:05 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-03-30 15:12 - 2014-03-30 15:12 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-03-30 15:10 - 2014-04-09 18:46 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\canon
2014-03-30 15:10 - 2014-04-01 16:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-30 14:37 - 2014-03-30 14:37 - 00000000 ____D () C:\Program Files\Canon
2014-03-30 07:36 - 2013-03-24 05:00 - 00393728 _____ (CANON INC.) C:\Windows\system32\CNMXLMBX.DLL
2014-03-30 07:36 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BXL.dll
2014-03-30 07:36 - 2012-11-09 10:43 - 00088064 _____ () C:\Windows\SysWOW64\CNC176DD.TBL
2014-03-30 07:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-03-30 07:02 - 2014-03-30 14:41 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-03-30 06:58 - 2014-03-30 06:58 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-30 06:58 - 2014-03-30 06:58 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-30 06:58 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBX.DLL
2014-03-30 06:58 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\Windows\system32\CNC_BXL.dll
2014-03-30 06:58 - 2012-11-09 10:43 - 00088064 _____ () C:\Windows\system32\CNC176DD.TBL
2014-03-30 06:58 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BXC.dll
2014-03-30 06:58 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BXI.dll
2014-03-30 06:58 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-03-30 06:56 - 2014-03-30 14:41 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-29 22:30 - 2014-03-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 17:54 - 2014-03-27 17:54 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\DropboxMaster
2014-03-22 02:17 - 2014-03-22 02:17 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-03-22 02:17 - 2014-03-22 02:17 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-03-22 02:16 - 2014-03-22 02:16 - 00000000 ____D () C:\ProgramData\APN
2014-03-22 02:14 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-22 02:14 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-22 02:14 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-22 02:14 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-22 02:13 - 2014-03-22 02:14 - 00005204 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-20 14:22 - 2014-03-20 14:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-19 23:35 - 2014-03-19 23:35 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2014-03-19 20:26 - 2014-03-19 20:01 - 235255407 _____ () C:\Users\Do Good Brian\Desktop\Lucas Entertainmen.mp4
2014-03-19 20:08 - 2014-03-19 20:09 - 00013824 ___SH () C:\Users\Do Good Brian\Downloads\Thumbs.db
2014-03-19 19:45 - 2014-03-19 20:01 - 235255407 _____ () C:\Users\Do Good Brian\Downloads\Lucas Entertainments Gay Bareback Orgy Escalates with More Hot Guys  Gay Porn HD Movies  Lucas Entertainment - Official Website - Copy.mp4
2014-03-17 17:03 - 2014-03-17 17:03 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-03-17 09:39 - 2014-03-17 09:39 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-12 21:50 - 2014-03-12 21:54 - 00002397 _____ () C:\Users\Guest\Desktop\CodeMonkey - Chrome.lnk
2014-03-11 21:41 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 21:41 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 21:41 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 21:41 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 21:41 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 21:41 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 21:41 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 21:41 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 21:41 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 21:41 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 21:41 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 21:41 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 21:41 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 21:41 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-11 21:41 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 21:41 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 21:41 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 21:41 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 21:41 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 21:41 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 21:41 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 21:41 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 21:41 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 21:41 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 21:41 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 21:41 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 21:41 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 21:41 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 21:41 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 21:41 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 21:41 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 21:41 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 21:41 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 21:41 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 21:41 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 21:41 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 21:41 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 21:41 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 21:41 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 21:41 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-11 21:41 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 21:41 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-11 21:41 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 21:41 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 21:39 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 21:39 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 21:39 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 21:39 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 19:11 - 2014-03-10 19:11 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-10 19:07 - 2014-03-10 19:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-10 18:55 - 2014-03-10 18:55 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-10 18:54 - 2014-03-10 18:56 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\hpqLog
2014-03-10 18:49 - 2014-04-09 18:36 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-10 18:48 - 2014-03-10 19:11 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-03-10 18:47 - 2014-03-10 19:13 - 00034642 _____ () C:\Windows\DPINST.LOG
2014-03-10 18:47 - 2014-03-10 19:11 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-03-10 03:36 - 2014-03-10 03:36 - 00000351 _____ () C:\Users\Do Good Brian\Desktop\BROKE STRAIGHT BOYS - Spencer Todd Fucks Brandon B.URL

==================== One Month Modified Files and Folders =======

2014-04-09 19:14 - 2013-06-26 11:59 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Dropbox
2014-04-09 19:13 - 2014-04-09 19:09 - 00040664 _____ () C:\Users\Do Good Brian\Desktop\FRST.txt
2014-04-09 19:11 - 2010-08-15 02:51 - 01534525 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 19:09 - 2014-04-09 19:09 - 00000000 ____D () C:\FRST
2014-04-09 19:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-04-09 19:07 - 2014-04-09 19:07 - 02157056 _____ (Farbar) C:\Users\Do Good Brian\Desktop\FRST64.exe
2014-04-09 19:02 - 2014-04-09 19:01 - 01145856 _____ (Farbar) C:\Users\Do Good Brian\Desktop\FRST.exe
2014-04-09 18:58 - 2013-08-10 22:40 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000UA.job
2014-04-09 18:56 - 2013-06-12 23:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 18:51 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 18:51 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 18:49 - 2013-05-03 00:41 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Local\Adobe
2014-04-09 18:48 - 2013-04-22 16:58 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-09 18:46 - 2014-03-30 15:10 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\canon
2014-04-09 18:46 - 2013-06-26 12:04 - 00000000 ___RD () C:\Users\Do Good Brian\Dropbox
2014-04-09 18:42 - 2011-06-05 01:21 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-09 18:39 - 2013-04-22 16:58 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 18:36 - 2014-03-10 18:49 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-04-09 18:36 - 2010-08-15 02:52 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-09 18:35 - 2014-02-01 04:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-09 18:35 - 2011-06-05 01:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-09 18:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 18:35 - 2009-07-14 00:51 - 00097840 _____ () C:\Windows\setupact.log
2014-04-04 21:32 - 2013-04-08 02:14 - 00000000 ____D () C:\ProgramData\Skype
2014-04-04 21:00 - 2014-04-04 21:00 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Canon
2014-04-02 23:58 - 2013-04-08 02:14 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Skype
2014-04-02 20:06 - 2013-08-10 22:40 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000Core.job
2014-04-02 19:59 - 2014-03-03 19:24 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForDo Good Brian.job
2014-04-01 16:03 - 2014-03-30 15:10 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 03:43 - 2013-04-22 16:58 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 03:43 - 2013-04-22 16:58 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 21:52 - 2013-04-12 01:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 00:43 - 2014-03-31 00:43 - 06000640 _____ () C:\Program Files (x86)\GUTCDF0.tmp
2014-03-31 00:43 - 2014-03-31 00:43 - 00000000 ____D () C:\Program Files (x86)\GUMCDEF.tmp
2014-03-31 00:34 - 2013-11-16 21:38 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\vlc
2014-03-30 18:47 - 2011-06-05 03:46 - 00613734 _____ () C:\Windows\PFRO.log
2014-03-30 16:05 - 2014-03-30 15:17 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-03-30 16:00 - 2013-12-04 15:45 - 00002273 _____ () C:\Users\Do Good Brian\Desktop\My Movie.wlmp
2014-03-30 15:20 - 2014-03-30 15:19 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-03-30 15:12 - 2014-03-30 15:12 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-03-30 14:41 - 2014-03-30 07:02 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-03-30 14:41 - 2014-03-30 06:56 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-30 14:41 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-03-30 14:37 - 2014-03-30 14:37 - 00000000 ____D () C:\Program Files\Canon
2014-03-30 06:58 - 2014-03-30 06:58 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-30 06:58 - 2014-03-30 06:58 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-29 22:30 - 2014-03-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 17:54 - 2014-03-27 17:54 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\DropboxMaster
2014-03-27 17:54 - 2013-06-26 12:01 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-27 17:54 - 2011-06-05 01:04 - 00000000 ___RD () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-27 17:52 - 2013-08-10 22:40 - 00003930 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000UA
2014-03-27 17:52 - 2013-08-10 22:40 - 00003534 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000Core
2014-03-24 19:16 - 2014-03-03 19:24 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDo Good Brian
2014-03-22 02:22 - 2013-11-18 13:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-22 02:17 - 2014-03-22 02:17 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-03-22 02:17 - 2014-03-22 02:17 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-03-22 02:16 - 2014-03-22 02:16 - 00000000 ____D () C:\ProgramData\APN
2014-03-22 02:14 - 2014-03-22 02:13 - 00005204 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-22 02:14 - 2011-06-05 01:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-20 21:41 - 2009-07-14 01:13 - 00783336 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-20 14:22 - 2014-03-20 14:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-20 14:22 - 2014-02-16 02:13 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-20 14:21 - 2013-09-09 18:41 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-19 23:35 - 2014-03-19 23:35 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2014-03-19 23:35 - 2013-04-09 06:05 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Zoom
2014-03-19 20:26 - 2014-02-24 09:58 - 00835584 ___SH () C:\Users\Do Good Brian\Desktop\Thumbs.db
2014-03-19 20:09 - 2014-03-19 20:08 - 00013824 ___SH () C:\Users\Do Good Brian\Downloads\Thumbs.db
2014-03-19 20:05 - 2014-02-14 21:18 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Local\dumps
2014-03-19 20:01 - 2014-03-19 20:26 - 235255407 _____ () C:\Users\Do Good Brian\Desktop\Lucas Entertainmen.mp4
2014-03-19 20:01 - 2014-03-19 19:45 - 235255407 _____ () C:\Users\Do Good Brian\Downloads\Lucas Entertainments Gay Bareback Orgy Escalates with More Hot Guys  Gay Porn HD Movies  Lucas Entertainment - Official Website - Copy.mp4
2014-03-19 03:04 - 2013-07-15 01:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2013-04-01 04:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 00:16 - 2013-07-06 07:56 - 00000000 ____D () C:\Users\Do Good Brian\Documents\Zoom
2014-03-18 05:18 - 2013-04-09 06:05 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Local\Deployment
2014-03-17 17:03 - 2014-03-17 17:03 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-03-17 17:03 - 2013-04-22 16:58 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Local\Google
2014-03-17 09:39 - 2014-03-17 09:39 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-17 09:39 - 2013-05-13 14:06 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-12 21:54 - 2014-03-12 21:50 - 00002397 _____ () C:\Users\Guest\Desktop\CodeMonkey - Chrome.lnk
2014-03-12 21:30 - 2013-06-12 23:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 21:30 - 2013-04-01 03:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 21:30 - 2013-04-01 03:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 07:03 - 2009-07-14 00:45 - 04974792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 07:01 - 2013-04-05 03:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 07:01 - 2013-04-05 03:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-11 04:31 - 2013-04-09 06:05 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Local\Apps\2.0
2014-03-11 03:10 - 2013-11-28 06:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-10 19:47 - 2013-11-11 12:10 - 47567025 _____ () C:\Users\Do Good Brian\Downloads\Scissor Sisters.zip
2014-03-10 19:13 - 2014-03-10 18:47 - 00034642 _____ () C:\Windows\DPINST.LOG
2014-03-10 19:11 - 2014-03-10 19:11 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-10 19:11 - 2014-03-10 18:48 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-03-10 19:11 - 2014-03-10 18:47 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-03-10 19:11 - 2013-07-27 10:59 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-10 19:08 - 2014-03-10 19:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-10 19:04 - 2010-08-15 02:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-10 19:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-03-10 18:57 - 2010-08-15 02:50 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-10 18:56 - 2014-03-10 18:54 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\hpqLog
2014-03-10 18:55 - 2014-03-10 18:55 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-10 18:53 - 2010-06-14 22:07 - 00000000 ____D () C:\swsetup
2014-03-10 11:33 - 2013-05-13 14:04 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\HP Support Assistant
2014-03-10 11:33 - 2013-04-01 02:48 - 00000000 ____D () C:\Users\Do Good Brian\AppData\Roaming\HpUpdate
2014-03-10 03:36 - 2014-03-10 03:36 - 00000351 _____ () C:\Users\Do Good Brian\Desktop\BROKE STRAIGHT BOYS - Spencer Todd Fucks Brandon B.URL

Some content of TEMP:
====================
C:\Users\Do Good Brian\AppData\Local\Temp\APNSetup.exe
C:\Users\Do Good Brian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjebogc.dll
C:\Users\Do Good Brian\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Do Good Brian\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Do Good Brian\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Do Good Brian\AppData\Local\Temp\UninstallHPTCA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 07:48

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Do Good Brian at 2014-04-09 19:15:42
Running from C:\Users\Do Good Brian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A06}) (Version: 12.10.6.48 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4336 - AVG Technologies)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4336 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.5.292 - AVG Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Carbonite Online Backup Setup (HKLM-x32\...\Carbonite Setup Lite) (Version: 3.8.0 - Carbonite Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.25 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
InstallConverter (HKLM-x32\...\InstallConverter) (Version: 1.0 - InstallConverter)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.6.5 - )
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyStart Anti-phishing Domain Advisor (HKLM-x32\...\MyStart Anti-phishing Domain Advisor) (Version: 1.0.1.108 - Visicom Media Inc. (Powered by Panda Security))
NVIDIA 3D Vision Controller Driver 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Control Panel 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Seagate Manager Installer (HKLM-x32\...\InstallShield_{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}) (Version: 2.01.0700 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0700 - Seagate) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{63911503-7EA4-4685-B2FD-D391EF622FB9}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{34C6812E-E231-4B13-9DAC-21E06ECA864A}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zoom (HKCU\...\ZoomUMX) (Version: 2.1 - Zoom Video Communications, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

23-03-2014 07:00:45 Windows Update
24-03-2014 07:00:33 Windows Update
25-03-2014 07:00:29 Windows Update
26-03-2014 07:00:28 Windows Update
27-03-2014 07:00:32 Windows Update
28-03-2014 07:00:29 Windows Update
29-03-2014 00:47:47 Windows Update
30-03-2014 07:00:16 Windows Update
30-03-2014 20:29:49 Windows Update
31-03-2014 04:43:42 Windows Update
01-04-2014 07:00:19 Windows Update
01-04-2014 20:04:32 Windows Update
02-04-2014 07:00:14 Windows Update
03-04-2014 04:33:52 Windows Update
05-04-2014 01:15:49 Windows Update
05-04-2014 01:31:30 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-02-12 12:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0BE9149E-FC5A-477B-B1DC-3D89DD7889D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {0C4A5FC8-97C8-4BE4-A5D5-589D5DC6ECA7} - System32\Tasks\{276DC6A4-A022-4192-B809-D3BD339D95C5} => Iexplore.exe http://ui.skype.com/...e=tsProgressBar
Task: {0E001DFA-80AA-4BDE-B5BA-B2222F475720} - System32\Tasks\{B1358609-D851-4C8F-A556-D36F99C032E0} => Iexplore.exe http://ui.skype.com/...?LastError=1603
Task: {1EB050BE-1253-4D5E-9DC7-B55687D29486} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {24BF2F0D-FBCD-4753-B74C-257F5DE5C6B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2013-11-04] (Hewlett-Packard Company)
Task: {285EA713-7649-479C-A9DC-DDD662C3D68A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {2AF81404-2D6E-4E5F-8121-067E32DDBFDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22] (Google Inc.)
Task: {4B7D22A0-A4DC-4357-BE8A-38B4C14AC3B1} - System32\Tasks\HPCeeScheduleForDo Good Brian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {581EC7B5-C8D3-4EA6-A0F4-905AFE560A22} - System32\Tasks\{BAD5C244-B9C3-4715-AAF7-A58A6674B40A} => Iexplore.exe http://ui.skype.com/...?LastError=1603
Task: {71C39B0E-F8B0-4C25-AFE9-1057DE19A77B} - System32\Tasks\{96C8EFAB-44DC-45AA-A412-50A9DBA551BE} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {753B5BC4-AECF-4986-9A77-2092F567AD39} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {79E8151F-9013-4014-ABED-F22127A7EEF4} - System32\Tasks\AdobeAAMUpdater-1.0-DoGoodBrian-HP-Do Good Brian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {9BCD4524-810B-4BFC-B3AB-BEFE41966723} - System32\Tasks\{2CABCC90-D471-4604-ABF7-44D0C1C96769} => Iexplore.exe http://ui.skype.com/...?LastError=1603
Task: {9E2D4B04-6A8E-418E-864A-19E9FC9A6023} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BA279C15-08A4-41EA-BAB2-9B85C7BF952A} - System32\Tasks\{1C84932B-7C3F-41D6-9116-0B2D2A16BD1B} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: {C5038B8B-308B-4983-99B5-6BE0BE8ADFB7} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {D8083466-20C5-4234-B13C-F0B9611D33E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000Core => C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-10] (Google Inc.)
Task: {E285A141-188F-490A-ABC6-528B2075C93C} - System32\Tasks\{2687D162-F34A-4225-B27D-648922E2318D} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: {E446C8FE-9DEF-4720-81E7-4E629AAE386B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-03-12] (Microsoft)
Task: {EAC06C6C-5385-402E-AE46-9823B41EB757} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {ECC5C488-C8B5-45A1-9EBE-90ED0783233A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000UA => C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-10] (Google Inc.)
Task: {EE5EB987-94C5-4196-8C38-A8A4B484451C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000Core.job => C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000UA.job => C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDo Good Brian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-06-05 01:44 - 2013-09-12 03:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-30 15:11 - 2012-03-27 23:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-03-20 14:22 - 2014-03-20 14:21 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-02-16 02:13 - 2014-03-20 14:21 - 02544664 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-09 18:58 - 2014-04-08 13:02 - 08704216 _____ () C:\Program Files (x86)\Google\Update\Install\{B1F56EE0-FB5D-47C3-8A32-8DA509C28382}\34.0.1847.116_33.0.1750.154_chrome_updater.exe
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-20 14:22 - 2014-03-20 14:21 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\log4cplusU.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-04-09 18:42 - 2014-04-09 18:42 - 00041984 _____ () C:\Users\Do Good Brian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjebogc.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 23:45 - 2014-03-14 20:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-03-29 22:30 - 2014-03-29 22:30 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 21:30 - 2014-03-12 21:30 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Do Good Brian\Desktop\2013-09-30 22.47.40.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Do Good Brian\Desktop\2013-11-21 20.43.23.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Do Good Brian\Desktop\2013-11-21 23.01.42.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Do Good Brian\Desktop\2013-11-21 23.07.00.jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG-Secure-Search-Update_0913a => C:\Users\Do Good Brian\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid ee17fd2a814e47d1811805cc227ebd3e-8cc48a6bfd2a5d845b462bef446fc1758997bd52 --CMPID 0913a
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
MSCONFIG\startupreg: CarboniteSetupLite => "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
MSCONFIG\startupreg: Google Update => "C:\Users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MaxMenuMgr => "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Price Finder => C:\Users\Do Good Brian\AppData\Roaming\PriceFinder\PriceFinderHelper.exe /check
MSCONFIG\startupreg: ROC_ROC_APR2013_AV => C:\Users\Do Good Brian\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid ee17fd2a814e47d1811805cc227ebd3e-8cc48a6bfd2a5d845b462bef446fc1758997bd52 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2014 06:47:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: CNQMUPDT.EXE, version: 2.2.1.0, time stamp: 0x517a49ec
Faulting module name: CNMDWLD.DLL, version: 1.0.0.0, time stamp: 0x4f5eedc8
Exception code: 0xc0000005
Fault offset: 0x000023c6
Faulting process id: 0x328
Faulting application start time: 0xCNQMUPDT.EXE0
Faulting application path: CNQMUPDT.EXE1
Faulting module path: CNQMUPDT.EXE2
Report Id: CNQMUPDT.EXE3

Error: (04/04/2014 09:32:13 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi

Error: (04/04/2014 09:21:30 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi

Error: (04/03/2014 00:35:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15257

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15257

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14259

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14259

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/09/2014 06:36:05 PM) (Source: Service Control Manager) (User: )
Description: The AVG Firewall service terminated with service-specific error %%-536805289.

Error: (04/09/2014 06:35:40 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Error: (04/04/2014 09:32:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (04/04/2014 09:30:31 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)

Error: (04/04/2014 09:22:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (04/04/2014 09:11:19 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)

Error: (04/04/2014 09:11:19 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)

Error: (04/04/2014 09:11:19 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)

Error: (04/04/2014 09:11:13 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)

Error: (04/04/2014 09:11:13 PM) (Source: DCOM) (User: DoGoodBrian-HP)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DoGoodBrian-HPGuestS-1-5-21-732149340-772113115-3497680213-501LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (04/09/2014 06:47:12 PM) (Source: Application Error)(User: )
Description: CNQMUPDT.EXE2.2.1.0517a49ecCNMDWLD.DLL1.0.0.04f5eedc8c0000005000023c632801cf54458cc733d6C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXEC:\Program Files (x86)\Canon\Quick Menu\CNMDWLD.DLLe30ed78a-c038-11e3-8f8d-d485649a54cd

Error: (04/04/2014 09:32:13 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/04/2014 09:21:30 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/03/2014 00:35:12 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.1.0.129.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15257

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15257

Error: (04/02/2014 11:01:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14259

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14259

Error: (04/02/2014 11:01:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-02-12 11:58:07.883
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-12 11:58:07.712
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 86%
Total physical RAM: 2047.29 MB
Available physical RAM: 275.63 MB
Total Pagefile: 4094.57 MB
Available Pagefile: 1078.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1385.08 GB) (Free:1168.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: 9D24A0D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-711799700992) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-04-09 19:46:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000059 ST1500DL rev.HP16 1397.27GB
Running: pxhktoip.exe; Driver: C:\Users\DOGOOD~1\AppData\Local\Temp\awtdikoc.sys

---- Processes - GMER 2.1 ----

Library  C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe [4088](2014-01-03 01:09:26)                                           0000000003c60000
Library  c:\users\dogood~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjebogc.dll (*** suspicious ***) @ C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe [4088](2014-04-09 22:42:16)  0000000003b60000
Library  C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe [4088](2013-08-23 19:01:44)                                                 00000000523b0000
Library  C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe [4088] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                   0000000054aa0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                           unknown MBR code

---- EOF - GMER 2.1 ----
 

 

 

 

 

 

 


    Advertisements

Register to Remove


#2 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 10 April 2014 - 05:06 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Ask Toolbar
Kobo
McAfee Security Scan Plus
ooVoo


Close the window.

 

 

 

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 

#3 raleigh39

raleigh39

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 10 April 2014 - 08:08 AM

Thank you very much.

I removed the programs and here is the CF log:

 

 

ComboFix 14-04-09.02 - Do Good Brian 04/10/2014   9:49.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2047.620 [GMT -4:00]
Running from: c:\users\Do Good Brian\Desktop\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-10 to 2014-04-10  )))))))))))))))))))))))))))))))
.
.

\Local\temp
2014-04-10 00:11 . 2014-03-31 01:16    23134208    ----a-w-    c:\windows\system32\mshtml.dll
2014-04-10 00:11 . 2014-03-31 01:13    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-04-10 00:11 . 2014-03-31 00:13    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-04-09 23:28 . 2014-02-04 02:35    190912    ----a-w-    c:\windows\system32\drivers\storport.sys
2014-04-09 23:28 . 2014-02-04 02:35    274880    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
2014-04-09 23:28 . 2014-02-04 02:35    27584    ----a-w-    c:\windows\system32\drivers\Diskdump.sys
2014-04-09 23:28 . 2014-02-04 02:28    2048    ----a-w-    c:\windows\system32\iologmsg.dll
2014-04-09 23:28 . 2014-02-04 02:00    2048    ----a-w-    c:\windows\SysWow64\iologmsg.dll
2014-04-09 23:27 . 2014-03-04 09:44    1163264    ----a-w-    c:\windows\system32\kernel32.dll
2014-04-09 23:27 . 2014-03-04 09:44    362496    ----a-w-    c:\windows\system32\wow64win.dll
2014-04-09 23:27 . 2014-03-04 09:44    243712    ----a-w-    c:\windows\system32\wow64.dll
2014-04-09 23:27 . 2014-03-04 09:44    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2014-04-09 23:27 . 2014-03-04 09:17    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2014-04-09 23:27 . 2014-03-04 09:16    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2014-04-09 23:27 . 2014-03-04 09:44    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2014-04-09 23:27 . 2014-03-04 09:16    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2014-04-09 23:27 . 2014-03-04 08:09    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2014-04-09 23:27 . 2014-03-04 08:09    2048    ----a-w-    c:\windows\SysWow64\user.exe
2014-04-09 23:26 . 2014-01-24 02:37    1684928    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2014-04-09 23:09 . 2014-04-09 23:19    --------    d-----w-    C:\FRST
2014-04-05 01:00 . 2014-04-05 01:00    --------    d-----w-    c:\users\Guest\AppData\Roaming\Canon
2014-03-31 04:43 . 2014-03-31 04:43    --------    d-----w-    c:\program files (x86)\GUMCDEF.tmp
2014-03-31 04:43 . 2014-03-31 04:43    6000640    ----a-w-    c:\program files (x86)\GUTCDF0.tmp
2014-03-30 19:19 . 2014-03-30 19:20    --------    d--h--w-    c:\programdata\CanonIJScan
2014-03-30 19:17 . 2014-03-30 20:05    --------    d--h--w-    c:\programdata\CanonIJMIG
2014-03-30 19:12 . 2014-03-30 19:12    --------    d--h--w-    c:\programdata\CanonIJQuickMenu
2014-03-30 19:10 . 2014-04-01 20:03    --------    d-----w-    c:\programdata\CanonIJPLM
2014-03-30 19:10 . 2014-04-09 22:46    --------    d-----w-    c:\users\Do Good Brian\AppData\Roaming\canon
2014-03-30 18:37 . 2014-03-30 18:37    --------    d-----w-    c:\program files\Canon
2014-03-30 11:36 . 2013-03-24 09:00    393728    ----a-w-    c:\windows\system32\CNMXLMBX.DLL
2014-03-30 11:36 . 2013-02-04 19:10    321536    ----a-w-    c:\windows\SysWow64\CNC_BXL.dll
2014-03-30 11:36 . 2008-08-25 22:02    15872    ----a-w-    c:\windows\SysWow64\CNHMCA.dll
2014-03-30 11:02 . 2014-03-30 18:41    --------    d-----w-    c:\programdata\CanonIJWSpt
2014-03-30 10:58 . 2014-03-30 10:58    --------    d--h--w-    c:\programdata\CanonBJ
2014-03-30 10:58 . 2013-03-24 09:00    30208    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\CNMPDBX.DLL
2014-03-30 10:58 . 2013-03-24 09:00    101888    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\CNMPPBX.DLL
2014-03-30 10:58 . 2013-02-04 19:12    367104    ----a-w-    c:\windows\system32\CNC_BXL.dll
2014-03-30 10:58 . 2012-11-08 17:04    282624    ----a-w-    c:\windows\system32\CNC_BXC.dll
2014-03-30 10:58 . 2012-11-08 17:03    106496    ----a-w-    c:\windows\system32\CNC_BXI.dll
2014-03-30 10:58 . 2008-08-25 22:02    17920    ----a-w-    c:\windows\system32\CNHMCA6.dll
2014-03-30 10:58 . 2013-03-24 09:00    391168    ----a-w-    c:\windows\system32\CNMLMBX.DLL
2014-03-30 10:56 . 2014-03-30 18:41    --------    d-----w-    c:\program files (x86)\Canon
2014-03-27 21:54 . 2014-03-27 21:54    --------    d-----w-    c:\users\Do Good Brian\AppData\Roaming\DropboxMaster
2014-03-22 06:16 . 2014-03-22 06:16    --------    d-----w-    c:\programdata\APN
2014-03-22 06:14 . 2013-12-19 01:09    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-20 18:22 . 2014-03-20 18:22    --------    d-----w-    c:\programdata\AVG Secure Search
2014-03-12 01:39 . 2014-02-04 02:32    624128    ----a-w-    c:\windows\system32\qedit.dll
2014-03-12 01:39 . 2014-02-04 02:32    1424384    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2014-03-12 01:39 . 2014-02-04 02:04    509440    ----a-w-    c:\windows\SysWow64\qedit.dll
2014-03-12 01:39 . 2014-02-04 02:04    1230336    ----a-w-    c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 07:02 . 2013-04-01 08:33    90655440    ----a-w-    c:\windows\system32\MRT.exe
2014-04-09 23:43 . 2013-12-06 09:51    736952    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-04-09 23:42 . 2013-04-10 18:16    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-04-09 23:41 . 2013-04-10 18:16    42168    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-04-09 23:41 . 2014-01-04 05:21    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-03-20 18:21 . 2013-09-09 22:41    49952    ----a-w-    c:\windows\system32\drivers\avgtpx64.sys
2014-03-13 01:30 . 2013-04-01 07:17    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-13 01:30 . 2013-04-01 07:17    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-10 22:24 . 2014-03-10 22:24    76232    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FF59922-F1DB-42F3-8A42-FBDD9E9D8CED}\offreg.dll
2014-03-05 12:32 . 2013-04-10 18:16    736952    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-03-05 12:32 . 2013-05-17 17:27    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-03-05 12:21 . 2013-05-17 17:16    42168    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-03-04 09:17 . 2014-04-09 23:27    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2014-02-02 11:45 . 2013-04-10 18:16    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-01-16 00:42 . 2014-01-16 00:42    608032    ----a-w-    C:\SecurityScanner.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}]
2013-09-13 19:54    392784    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\PriceFinder\PriceFinderHelper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-03-20 18:21    3486232    ----a-w-    c:\program files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll" [2014-03-20 3486232]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_A4CA0CF8D6298D1CECD0AB6A7133CBE4"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-04-02 841032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-01-22 4962320]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-11-06 2237328]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-14 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-03-20 2544664]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2013-07-10 1694080]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2014-02-28 5545328]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-05-02 1282120]
.
c:\users\Do Good Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-3-19 32667896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 22:58    1077576    ----a-w-    c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-01 01:30]
.
2014-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 20:58]
.
2014-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 20:58]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000Core.job
- c:\users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-11 02:40]
.
2014-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732149340-772113115-3497680213-1000UA.job
- c:\users\Do Good Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-11 02:40]
.
2014-04-10 c:\windows\Tasks\HPCeeScheduleForDo Good Brian.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 08:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
c:\program files (x86)\mystarttb\mystartDx64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ccb24e92-62c4-4c53-95d2-65f9eed476bc}"= "c:\program files (x86)\mystarttb\mystartDx64.dll" [BU]
.
[HKEY_CLASSES_ROOT\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-10-16 23:02    3358064    ----a-w-    c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-10-16 23:02    3358064    ----a-w-    c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-10-16 23:02    3358064    ----a-w-    c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Do Good Brian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-25 472984]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-03-12 21720]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
FF - ProfilePath - c:\users\Do Good Brian\AppData\Roaming\Mozilla\Firefox\Profiles\9fjitxia.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_2&ent=bs____campaignID___&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c0,e8,af,cb,07,7e,d7,43,b2,b2,70,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c0,e8,af,cb,07,7e,d7,43,b2,b2,70,\
.
[HKEY_USERS\S-1-5-21-732149340-772113115-3497680213-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-732149340-772113115-3497680213-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-10  10:04:48
ComboFix-quarantined-files.txt  2014-04-10 14:04
ComboFix2.txt  2014-02-12 17:01
.
Pre-Run: 1,255,385,661,440 bytes free
Post-Run: 1,255,283,290,112 bytes free
.
- - End Of File - - 3EA24B5FB9CABA52EA6B995B51227F15
 


Edited by raleigh39, 10 April 2014 - 08:10 AM.


#4 raleigh39

raleigh39

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 17 April 2014 - 10:10 PM

What do I do if someone replied once, but it has been over 7 days since any other reply?



#5 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 18 April 2014 - 02:33 AM

I´m sorry, I did not see your reply. :wacko:

 

System File Check

For Windows XP:

  • Press the Windows- and the R-key simultanously.
  • Within the text box that jus opened, write cmd and hit Enter.


For Windows Vista/7:

  • Press the Windows key to open the start menu.
  • Don´t highlight anything, just write cmd.
  • The start menu will offer you an entry named cmd.
  • Right click it and select "run as administrator"



Within the opening window, write the following:

sfc /scannow
(See the blank within).


  • Hit enter. Your system will be checked for damaged system files.
  • Tell me the result of that scan in here (as the tool produces no log).

Proud Member of UNITE & TB
 

#6 raleigh39

raleigh39

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 21 April 2014 - 02:17 AM

Thank you.  That's not a problem.

 

I did the scan but once it finishes it closes so quickly I cannot read anything.  I tried it twice.



#7 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 21 April 2014 - 09:11 AM

Run the cmd command first (as instructed).

Within the command processor box, you can now executed the sfc command.

 

This box will stay opened so youay see any reply of the command to post up here.


Proud Member of UNITE & TB
 

#8 raleigh39

raleigh39

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 21 April 2014 - 06:51 PM

Ok, got it this time.

 

It said,

Windows Resource Protectioon did not find any integrity violations.



#9 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 22 April 2014 - 06:18 AM

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.


Proud Member of UNITE & TB
 

#10 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 08 May 2014 - 03:22 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic
Proud Member of UNITE & TB
 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users