WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

PCBooster [Solved]

Started by curlee1982 , Oct 24 2014 08:30 PM

This topic is locked

10 replies to this topic

#1 curlee1982

Authentic Member

Authentic Member
22 posts

Posted 24 October 2014 - 08:30 PM

Cannot get rid of PC Booster and other malware/adware on PC. Also, this afternoon as Windows was updating, it stopped halfway through and said it could not continue and then deleted what it had tried to update. Here is a copy of the logs you requested.

aswMBR.txt 1.7KB 200 downloads

FRST.txt 188.76KB 191 downloads

Addition.txt 43.25KB 277 downloads

Advertisements

Register to Remove

#2 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 25 October 2014 - 12:27 PM

:welcome:

Before we begin you need to read the instructions carefully, most of our tools and scanners need to be run from the desktop as they run more effectively there

This is where your running your programs

C:\Users\jimmy\Downloads

Go into your download folder and right click on FRST64 and select CUT, come back to your desktop and on any clear space right click and select Paste

-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner

Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.

Close all open programs and internet browsers.

Double click on AdwCleaner.exe to run the tool.

Click on Scan.

After the scan is complete click on "Clean"

Confirm each time with Ok.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the content of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

===============================================================================

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

===============================================================================

You have Malwarebytes installed, here are some instructions, just open it and on the dashboard check for updates and run the Threat Scan

Download Malwarebytes' Anti-Malware to your desktop.

Windows XP : Double click on the icon to run it.

Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#3 curlee1982

Authentic Member

Authentic Member
22 posts

Posted 26 October 2014 - 07:20 PM

Thank you Ken545,

I hoipe I have done this correctly!

AdwCleanerS0.txt 5.22KB 188 downloads

JRT.txt 1.45KB 167 downloads

malwarebytes.txt 1.03KB 174 downloads

#4 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 08:18 PM

Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs. If you can I prefer that you copy and paste the logs directly into the thread in lieu of attaching them

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#5 curlee1982

Authentic Member

Authentic Member
22 posts

Posted 28 October 2014 - 04:38 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01

Ran by jimmy (administrator) on OURPC on 28-10-2014 18:24:42

Running from C:\Users\jimmy\Desktop

Loaded Profile: jimmy (Available profiles: jimmy & Administrator)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe

(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Spotify Ltd) C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe

(SMART Technologies ULC.) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseSoftwareService.exe

(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(Microsoft) C:\Program Files (x86)\Portable Booster\WarningPopUp.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)

HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)

HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)

HKLM-x32\...\Run: [SMART Board Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe [10132336 2012-03-09] (SMART Technologies ULC)

HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)

HKLM-x32\...\Run: [Response Desktop Menu] => C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe [1990040 2012-10-17] (SMART Technologies ULC)

HKLM-x32\...\Run: [SMARTClassroomCoordinator.exe] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe [485232 2011-06-22] (SMART Technologies ULC.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\Run: [Spotify Web Helper] => C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-15] (Spotify Ltd)

Startup: C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - {AE4A0516-1D41-41E3-AF10-E092C9EA9DC1} URL = http://www.bing.com/...E10TR&pc=MAGWJS

SearchScopes: HKLM-x32 - {AE4A0516-1D41-41E3-AF10-E092C9EA9DC1} URL = http://www.bing.com/...E10TR&pc=MAGWJS

SearchScopes: HKCU - DefaultScope {DC8E2359-5F23-453B-B05B-ECDE309AB2E1} URL = https://search.yahoo...p={SearchTerms}

SearchScopes: HKCU - {DC8E2359-5F23-453B-B05B-ECDE309AB2E1} URL = https://search.yahoo...p={SearchTerms}

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)

BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM-x32 - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files (x86)\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)

DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefie...r_5.0.203.0.cab

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\jimmy\AppData\Roaming\Mozilla\Firefox\Profiles\l8b5k1dm.default

FF SearchEngineOrder.1: Secure Search

FF Keyword.URL: https://search.yahoo...US0D20131207&p=

FF SelectedSearchEngine: Secure Search

FF DefaultSearchEngine: Secure Search

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @nsroblox.roblox.com/launcher64 -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy64.dll ( ROBLOX Corporation)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jimmy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-07]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-30]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-07]

Chrome:

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR DefaultSearchKeyword: Default -> mcafee

CHR DefaultSearchURL: Default -> https://search.yahoo...p={searchTerms}

CHR DefaultSuggestURL: Default ->

CHR Profile: C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-30]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-06]

CHR Extension: (Avast Online Security) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-22]

CHR Extension: (Google Wallet) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-27]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-04] (AVAST Software)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-29] (WildTangent)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()

S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)

S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)

R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)

R2 Response Hardware; C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe [19352 2012-10-17] (SMART Technologies ULC)

R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)

S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)

S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-04] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-04] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-04] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-04] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-04] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-04] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-04] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-04] ()

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-16] (Advanced Micro Devices)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-28] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)

R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)

R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)

R3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)

R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)

R3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 18:13 - 2014-10-28 18:13 - 00000000 ____D () C:\Users\jimmy\Desktop\FRST-OlderVersion

2014-10-28 09:53 - 2014-10-28 09:53 - 00000000 ____D () C:\Users\jimmy\.thumbnails

2014-10-28 09:51 - 2014-10-28 09:51 - 00000000 ____D () C:\Program Files (x86)\Blender Foundation

2014-10-28 09:48 - 2014-10-28 09:49 - 53895385 _____ () C:\Users\jimmy\Downloads\blender-2.72b-windows32.exe

2014-10-27 21:01 - 2014-10-27 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-10-26 21:16 - 2014-10-26 21:16 - 00001051 _____ () C:\Users\jimmy\Desktop\malwarebytes.txt

2014-10-26 20:33 - 2014-10-26 20:33 - 00001488 _____ () C:\Users\jimmy\Desktop\JRT.txt

2014-10-26 20:04 - 2014-10-26 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-10-26 19:59 - 2014-10-26 19:59 - 01706144 _____ (Thisisu) C:\Users\jimmy\Downloads\JRT.exe

2014-10-26 19:54 - 2014-10-26 19:54 - 00005345 _____ () C:\Users\jimmy\Desktop\AdwCleaner[S0].txt

2014-10-26 17:30 - 2014-10-26 17:30 - 00005385 _____ () C:\Users\jimmy\Desktop\AdwCleaner[R0].txt

2014-10-26 17:17 - 2014-10-26 17:17 - 00001191 _____ () C:\Users\jimmy\Desktop\AdwCleaner.exe - Shortcut.lnk

2014-10-26 17:12 - 2014-10-26 17:51 - 00000000 ____D () C:\AdwCleaner

2014-10-26 17:11 - 2014-10-26 17:11 - 01962496 _____ () C:\Users\jimmy\Downloads\AdwCleaner.exe

2014-10-26 14:27 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-10-26 14:27 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-24 22:28 - 2014-10-27 06:02 - 00036352 ___SH () C:\Users\jimmy\Desktop\Thumbs.db

2014-10-24 22:20 - 2014-10-24 22:20 - 00044290 _____ () C:\Users\jimmy\Desktop\Addition.txt

2014-10-24 22:19 - 2014-10-28 18:25 - 00026626 _____ () C:\Users\jimmy\Desktop\FRST.txt

2014-10-24 22:14 - 2014-10-24 22:18 - 00044290 _____ () C:\Users\jimmy\Downloads\Addition.txt

2014-10-24 22:09 - 2014-10-24 22:18 - 00193289 _____ () C:\Users\jimmy\Downloads\FRST.txt

2014-10-24 22:08 - 2014-10-24 22:08 - 02112000 _____ (Farbar) C:\Users\jimmy\Downloads\FRST64 (1).exe

2014-10-24 21:58 - 2014-10-28 18:24 - 00000000 ____D () C:\FRST

2014-10-24 21:58 - 2014-10-28 18:13 - 02113024 _____ (Farbar) C:\Users\jimmy\Desktop\FRST64.exe

2014-10-24 21:57 - 2014-10-24 21:57 - 00001744 _____ () C:\Users\jimmy\Desktop\aswMBR.txt

2014-10-24 21:57 - 2014-10-24 21:57 - 00000512 _____ () C:\Users\jimmy\Desktop\MBR.dat

2014-10-24 21:45 - 2014-10-24 21:45 - 05192704 _____ (AVAST Software) C:\Users\jimmy\Downloads\aswMBR.exe

2014-10-24 21:19 - 2014-10-24 21:19 - 00015502 _____ () C:\Users\jimmy\Desktop\hijackthis.log

2014-10-24 21:18 - 2014-10-24 21:18 - 00015502 _____ () C:\Users\jimmy\Downloads\hijackthis.log

2014-10-24 21:13 - 2014-10-24 21:13 - 00019456 ___SH () C:\Users\jimmy\Downloads\Thumbs.db

2014-10-24 21:13 - 2014-10-24 21:13 - 00013824 ___SH () C:\Users\jimmy\Documents\Thumbs.db

2014-10-24 21:10 - 2014-10-24 21:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\jimmy\Downloads\HiJackThis.exe

2014-10-24 20:44 - 2014-10-24 20:44 - 02685256 _____ (www.PerfectUninstaller.com ) C:\Users\jimmy\Downloads\PerfectUninstaller.exe

2014-10-21 21:40 - 2014-10-26 21:36 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Deployment

2014-10-21 19:31 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2014-10-21 19:18 - 2014-07-15 14:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-10-21 19:18 - 2014-07-15 04:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-10-21 19:18 - 2014-07-15 04:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-10-21 19:17 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-10-21 19:13 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2014-10-21 19:13 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-10-21 19:03 - 2014-05-03 01:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-10-21 19:03 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-10-21 19:03 - 2014-04-30 02:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-10-21 19:03 - 2014-04-30 00:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-10-21 19:03 - 2014-04-30 00:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-10-21 19:03 - 2014-04-30 00:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-10-21 19:03 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-10-21 19:03 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-10-21 19:03 - 2014-04-29 23:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-10-21 19:03 - 2014-04-28 18:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-10-21 19:03 - 2014-04-26 12:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-10-21 19:03 - 2014-04-14 05:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-10-21 19:03 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-10-21 19:02 - 2014-05-03 01:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-10-21 19:02 - 2014-05-03 01:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-10-21 19:02 - 2014-05-03 01:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-10-21 19:02 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-10-21 19:02 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-10-21 19:02 - 2014-05-02 19:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-10-21 19:02 - 2014-04-30 02:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-10-21 19:02 - 2014-04-30 02:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-10-21 19:02 - 2014-04-30 02:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-10-21 19:02 - 2014-04-30 01:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-10-21 19:02 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-10-21 19:02 - 2014-04-30 00:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-10-21 19:02 - 2014-04-30 00:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-10-21 19:02 - 2014-04-29 23:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-10-21 19:02 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-10-21 19:02 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-10-21 19:02 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-10-21 18:55 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2014-10-21 18:55 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2014-10-21 18:55 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2014-10-21 18:55 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2014-10-21 18:55 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-10-21 18:55 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-10-21 18:55 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-10-21 18:55 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-10-21 18:55 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-10-21 18:52 - 2014-08-16 00:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-10-21 18:52 - 2014-08-15 23:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-10-21 18:52 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-10-21 18:52 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-10-21 18:52 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-10-21 18:52 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-10-21 18:52 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-10-21 18:52 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-10-21 18:52 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-10-21 18:51 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-10-21 18:51 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-10-21 18:51 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-10-21 18:51 - 2014-08-15 23:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-10-21 18:51 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-10-21 18:51 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-10-21 18:51 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-10-21 18:51 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2014-10-21 18:51 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-10-21 18:51 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2014-10-21 18:51 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll

2014-10-21 18:51 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-10-21 18:51 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2014-10-21 18:51 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2014-10-21 18:51 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2014-10-21 18:51 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll

2014-10-21 18:51 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-10-21 18:51 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-10-21 18:51 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-10-21 18:51 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-10-21 18:51 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-10-21 18:51 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-10-21 18:51 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-10-21 18:51 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-10-21 18:51 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-10-21 18:51 - 2014-07-31 19:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-10-21 18:46 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll

2014-10-21 18:46 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

2014-10-21 18:32 - 2014-06-01 22:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-10-21 18:32 - 2014-05-31 02:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys

2014-10-21 18:32 - 2014-05-31 02:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys

2014-10-21 18:32 - 2014-05-31 00:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe

2014-10-21 18:32 - 2014-05-31 00:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll

2014-10-21 18:32 - 2014-05-31 00:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll

2014-10-21 18:32 - 2014-05-27 05:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll

2014-10-21 18:32 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll

2014-10-21 18:31 - 2014-10-09 18:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-10-21 18:31 - 2014-10-08 18:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2014-10-21 18:31 - 2014-09-18 21:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-10-21 18:31 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2014-10-21 18:31 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-10-21 18:31 - 2014-07-10 00:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll

2014-10-21 18:28 - 2014-07-12 00:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-10-20 19:23 - 2014-10-20 19:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-10-20 19:08 - 2014-10-28 16:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-10-20 19:07 - 2014-10-20 19:07 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-20 19:07 - 2014-10-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-20 19:06 - 2014-10-20 19:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-20 19:06 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-10-20 19:06 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-10-20 19:06 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-10-20 19:01 - 2014-10-20 19:02 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.3.1025.exe

2014-10-20 18:17 - 2014-10-20 18:17 - 00000000 __SHD () C:\Users\jimmy\AppData\Local\EmieUserList

2014-10-20 18:17 - 2014-10-20 18:17 - 00000000 __SHD () C:\Users\jimmy\AppData\Local\EmieSiteList

2014-10-20 18:16 - 2014-10-28 12:53 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9791AE5-E39C-4E49-8217-4386C0483A75}

2014-10-20 02:01 - 2014-10-19 22:08 - 00000000 __SHD () C:\Recovery

2014-10-20 02:00 - 2014-10-20 19:11 - 00000000 ___DC () C:\WINDOWS\Panther

2014-10-20 01:56 - 2014-10-20 01:56 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-10-20 01:56 - 2014-10-20 01:56 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-10-20 01:56 - 2014-10-20 01:56 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-10-20 01:56 - 2014-10-20 01:56 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-10-20 01:55 - 2014-10-20 01:55 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-10-20 01:55 - 2014-10-20 01:55 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-10-20 01:55 - 2014-10-20 01:55 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll

2014-10-20 01:55 - 2014-10-20 01:55 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-10-20 01:54 - 2014-10-20 01:54 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-10-20 01:54 - 2014-10-20 01:54 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-10-20 01:54 - 2014-10-20 01:54 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-10-20 01:54 - 2014-10-20 01:54 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-20 01:53 - 2014-10-20 01:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-10-20 01:53 - 2014-10-20 01:53 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-10-20 01:51 - 2014-10-20 01:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files\MSBuild

2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies

2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-10-20 01:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2014-10-20 01:48 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2014-10-20 01:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2014-10-20 01:48 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-10-19 23:06 - 2014-10-19 23:06 - 00001449 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-10-19 23:05 - 2014-10-19 23:05 - 00000020 ___SH () C:\Users\jimmy\ntuser.ini

2014-10-19 22:57 - 2014-10-19 22:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat

2014-10-19 22:30 - 2014-10-19 22:30 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-10-19 22:30 - 2014-10-19 22:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-10-19 22:30 - 2014-10-19 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-10-19 22:18 - 2014-10-19 22:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate

2014-10-19 22:14 - 2014-10-28 09:53 - 00000000 ____D () C:\Users\jimmy

2014-10-19 22:14 - 2014-10-19 22:58 - 00032388 _____ () C:\WINDOWS\diagwrn.xml

2014-10-19 22:14 - 2014-10-19 22:58 - 00032388 _____ () C:\WINDOWS\diagerr.xml

2014-10-19 22:14 - 2014-10-19 22:40 - 00000000 ____D () C:\Users\Administrator

2014-10-19 22:14 - 2014-10-19 22:18 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-10-19 22:14 - 2014-10-19 22:18 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-10-19 22:14 - 2014-10-19 22:15 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-10-19 22:14 - 2014-10-19 22:15 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-10-19 22:07 - 2014-10-19 22:07 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201410192207066014.log

2014-10-19 22:06 - 2014-10-19 22:26 - 00000000 ____D () C:\ProgramData\AMD

2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-10-19 22:05 - 2014-10-28 14:17 - 01567429 _____ () C:\WINDOWS\WindowsUpdate.log

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\Program Files\Realtek

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\Program Files\AMD

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\AMD

2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin

2014-10-19 19:40 - 2014-10-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA

2014-10-19 19:39 - 2014-10-19 19:39 - 07054336 _____ () C:\Users\jimmy\Downloads\xnafx40_redist.msi

2014-10-19 19:37 - 2014-10-19 19:37 - 00000006 _____ () C:\Users\jimmy\Downloads\ID.dat

2014-10-19 19:32 - 2014-10-19 19:41 - 00000000 ____D () C:\Users\jimmy\Downloads\Pokemon

2014-10-19 19:30 - 2014-10-19 19:30 - 00000110 _____ () C:\Users\jimmy\Downloads\launcher_settings.dat

2014-10-19 19:27 - 2014-10-19 19:27 - 00217088 _____ (Kolben Games) C:\Users\jimmy\Downloads\Pokémon3D.exe

2014-10-17 15:26 - 2014-10-17 15:26 - 00003730 _____ () C:\WINDOWS\System32\Tasks\boosterpop

2014-10-17 15:26 - 2014-10-17 15:26 - 00003626 _____ () C:\WINDOWS\System32\Tasks\IEError

2014-10-17 15:26 - 2014-10-17 15:26 - 00003472 _____ () C:\WINDOWS\System32\Tasks\AI_Updater

2014-10-17 15:24 - 2014-10-28 11:37 - 00000000 ____D () C:\Program Files (x86)\Portable Booster

2014-10-17 15:24 - 2014-10-19 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster

2014-10-15 18:54 - 2014-10-20 20:22 - 00000000 ____D () C:\ProgramData\fgtyHUPuUn

2014-10-15 18:54 - 2014-10-20 20:15 - 00000000 ____D () C:\ProgramData\InstaShare

2014-10-14 22:10 - 2014-10-14 22:10 - 12853208 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.8.1.1.exe

2014-10-14 22:04 - 2014-10-14 22:05 - 12616928 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.7.9.0.exe

2014-10-14 20:56 - 2014-10-14 20:56 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Daring_Development_Inc

2014-10-14 20:54 - 2014-10-14 20:54 - 12788656 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.7.3.0.exe

2014-10-14 20:47 - 2014-10-14 20:48 - 65234731 _____ () C:\Users\jimmy\Downloads\Vertoak V12 Stuff Inside.zip

2014-10-11 07:53 - 2014-10-19 22:58 - 00009796 _____ () C:\WINDOWS\comsetup.log

2014-10-10 06:21 - 2014-10-10 06:21 - 07233024 _____ () C:\Users\jimmy\Downloads\Leviathan2.ppt

2014-10-06 23:06 - 2014-10-06 23:06 - 00068823 _____ () C:\Users\jimmy\Downloads\16 Ready to go Youth Group Meetings.zip

2014-10-06 20:06 - 2014-08-26 12:50 - 00076064 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys

2014-10-06 20:05 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys

2014-10-04 22:35 - 2014-10-04 22:34 - 00355310 _____ () C:\Users\jimmy\Downloads\feab0935ff9659316e4afc6305d09c39_Minecraft.zip

2014-10-04 22:33 - 2014-10-04 22:33 - 00771624 _____ ( ) C:\Users\jimmy\Downloads\MinecraftSetup.exe

2014-10-04 14:11 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll

2014-10-04 14:11 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll

2014-10-04 14:11 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll

2014-10-04 14:11 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll

2014-10-04 14:11 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll

2014-10-04 11:51 - 2014-10-04 11:51 - 00000000 ____D () C:\Users\jimmy\Documents\SimCity

2014-10-04 11:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll

2014-10-04 10:34 - 2014-10-04 10:34 - 00000000 ____D () C:\Users\jimmy\Documents\Electronic Arts

2014-10-04 10:33 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll

2014-10-04 10:32 - 2014-10-04 10:32 - 00000000 ____D () C:\ProgramData\Package Cache

2014-10-04 10:26 - 2014-10-18 09:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-10-04 10:25 - 2014-10-04 23:29 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Origin

2014-10-04 10:23 - 2014-10-18 09:57 - 00000000 ____D () C:\ProgramData\Origin

2014-10-04 10:22 - 2014-10-04 10:22 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\jimmy\Downloads\OriginThinSetup.exe

2014-10-02 06:15 - 2014-10-02 06:15 - 00793240 _____ ( ) C:\Users\jimmy\Downloads\Free_Download_Setup.exe

2014-09-30 21:55 - 2014-09-30 21:55 - 01660008 _____ () C:\Users\jimmy\Downloads\The Avengers.mp4

2014-09-29 19:40 - 2014-09-29 19:40 - 00057126 _____ () C:\Users\jimmy\Downloads\Rhythm Manipulatives.notebook

2014-09-28 20:17 - 2014-09-28 20:17 - 00027887 _____ () C:\Users\jimmy\Downloads\mortal kombat.htm

2014-09-28 07:20 - 2014-09-28 07:20 - 07107753 _____ () C:\Users\jimmy\Downloads\daft punk.htm

2014-09-28 07:12 - 2014-09-28 07:12 - 00081503 _____ () C:\Users\jimmy\Downloads\video killed the radio star pentatonix.htm

2014-09-28 07:12 - 2014-09-28 07:12 - 00081435 _____ () C:\Users\jimmy\Downloads\pentatonix problem.htm

2014-09-28 07:11 - 2014-09-28 07:11 - 00081869 _____ () C:\Users\jimmy\Downloads\natural disaster.htm

2014-09-28 07:10 - 2014-09-28 07:10 - 00081561 _____ () C:\Users\jimmy\Downloads\music evolution.htm

2014-09-28 07:09 - 2014-09-28 07:09 - 00081129 _____ () C:\Users\jimmy\Downloads\save the world.htm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 18:10 - 2013-02-22 18:01 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1271087293-465154865-2948633367-1002

2014-10-28 18:06 - 2014-05-07 14:45 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job

2014-10-28 18:05 - 2013-12-15 21:17 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-10-28 18:05 - 2013-12-15 21:16 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-28 18:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-10-28 17:45 - 2013-03-16 09:30 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-10-28 09:54 - 2013-11-21 21:01 - 00000000 ____D () C:\Users\jimmy\Desktop\mods

2014-10-28 06:37 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-10-28 06:13 - 2014-09-24 03:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-10-28 06:12 - 2013-08-22 10:46 - 00326061 _____ () C:\WINDOWS\setupact.log

2014-10-27 18:09 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-10-26 19:47 - 2013-12-07 16:51 - 00000000 __RSD () C:\Users\jimmy\Documents\McAfee Vaults

2014-10-26 19:46 - 2013-12-30 13:55 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update

2014-10-26 19:39 - 2014-09-24 03:03 - 00099718 _____ () C:\WINDOWS\PFRO.log

2014-10-26 19:39 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-10-26 14:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-10-26 14:16 - 2014-09-24 05:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-10-26 14:16 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-10-26 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-10-26 07:52 - 2013-10-08 21:12 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

2014-10-26 07:46 - 2013-11-21 21:01 - 00000000 ____D () C:\Users\jimmy\Desktop\html

2014-10-26 07:46 - 2013-09-27 18:23 - 00000000 ____D () C:\Users\jimmy\Desktop\free doodle frames

2014-10-26 07:46 - 2013-09-27 18:17 - 00000000 ____D () C:\Users\jimmy\Desktop\Wavy Swirl Doodle Frame

2014-10-26 07:46 - 2013-09-22 21:40 - 00000000 ____D () C:\Users\jimmy\Desktop\doodle frames

2014-10-26 07:45 - 2014-06-27 17:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-10-26 07:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-10-25 07:11 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-10-24 21:12 - 2013-02-21 22:18 - 00000000 ____D () C:\Users\jimmy\AppData\Local\VirtualStore

2014-10-24 20:20 - 2014-09-09 19:24 - 00000000 ____D () C:\Marvel Heroes Game

2014-10-24 18:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-10-22 15:58 - 2013-01-28 18:05 - 00000000 ____D () C:\Users\jimmy\Documents\Christians Work

2014-10-21 22:58 - 2012-12-22 18:03 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Packages

2014-10-21 20:13 - 2013-08-24 20:32 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-10-21 19:44 - 2013-02-23 00:11 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-10-21 19:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore

2014-10-20 20:16 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2014-10-20 19:06 - 2013-10-22 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-10-20 01:59 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

2014-10-20 01:59 - 2013-02-22 01:13 - 00000000 ____D () C:\Windows.old(1)

2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-10-20 01:55 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-10-19 22:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Registration

2014-10-19 22:48 - 2013-08-22 11:36 - 00000000 __RSD () C:\WINDOWS\Media

2014-10-19 22:48 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries

2014-10-19 22:34 - 2013-08-22 10:44 - 00429632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-10-19 22:32 - 2014-09-24 02:53 - 00000000 ____D () C:\WINDOWS\ShellNew

2014-10-19 22:32 - 2014-09-08 06:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-10-19 22:32 - 2014-07-15 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-19 22:32 - 2014-06-27 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series User Registration

2014-10-19 22:32 - 2014-06-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series Manual

2014-10-19 22:32 - 2013-12-30 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-10-19 22:32 - 2013-12-27 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-10-19 22:32 - 2013-12-15 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader

2014-10-19 22:32 - 2013-12-15 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-10-19 22:32 - 2013-12-07 16:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup

2014-10-19 22:32 - 2013-10-11 17:12 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU

2014-10-19 22:32 - 2013-09-20 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore

2014-10-19 22:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Help

2014-10-19 22:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2014-10-19 22:32 - 2013-03-16 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies

2014-10-19 22:32 - 2013-02-21 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-10-19 22:32 - 2012-09-11 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon Weblink

2014-10-19 22:32 - 2012-09-11 13:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10

2014-10-19 22:32 - 2012-09-11 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center

2014-10-19 22:32 - 2012-08-03 05:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5

2014-10-19 22:32 - 2012-08-03 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway

2014-10-19 22:32 - 2012-08-03 05:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-19 22:30 - 2013-08-22 11:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log

2014-10-19 22:30 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated

2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN

2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep

2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\system32\WCN

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\spool

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\MUI

2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\IME

2014-10-19 22:29 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI

2014-10-19 22:29 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2014-10-19 22:29 - 2013-02-21 22:26 - 00000000 ____D () C:\WINDOWS\system32\kodak

2014-10-19 22:29 - 2013-02-21 22:15 - 00000000 ____D () C:\WINDOWS\system32\ek

2014-10-19 22:29 - 2012-09-11 13:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda

2014-10-19 22:27 - 2014-08-26 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare

2014-10-19 22:27 - 2014-06-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-10-19 22:27 - 2013-11-21 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-10-19 22:27 - 2013-11-20 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA

2014-10-19 22:27 - 2013-08-22 11:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker

2014-10-19 22:27 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Resources

2014-10-19 22:27 - 2012-08-03 05:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero

2014-10-19 22:27 - 2012-08-03 05:38 - 00000000 ____D () C:\ProgramData\PRICache

2014-10-19 22:26 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar

2014-10-19 22:26 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar

2014-10-19 22:26 - 2012-09-11 13:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2014-10-19 22:18 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery

2014-10-19 22:15 - 2012-08-03 05:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages

2014-10-19 22:02 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Default

2014-10-19 21:37 - 2013-02-21 22:16 - 01593040 _____ () C:\WINDOWS\WindowsUpdate (1).log

2014-10-18 18:01 - 2014-05-07 14:45 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2

2014-10-18 18:00 - 2013-12-15 21:16 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-10-18 09:55 - 2012-07-26 01:26 - 00000194 _____ () C:\WINDOWS\win.ini

2014-10-17 20:20 - 2013-02-21 22:56 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-10-17 15:17 - 2013-04-19 18:21 - 00000000 ____D () C:\Users\jimmy\AppData\Local\CrashDumps

2014-10-17 14:35 - 2013-03-24 13:33 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Audacity

2014-10-17 07:10 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

2014-10-15 21:36 - 2013-03-11 01:06 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Spotify

2014-10-15 18:30 - 2013-03-11 01:06 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Spotify

2014-10-10 17:50 - 2012-09-11 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-10-06 20:04 - 2013-12-07 16:39 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2014-10-06 20:03 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-10-04 14:10 - 2013-11-23 08:49 - 00030941 _____ () C:\WINDOWS\DirectX.log

2014-10-01 17:45 - 2014-09-07 20:40 - 07857310 _____ () C:\Users\jimmy\Downloads\Pokedex (1) (1) (1).rar

2014-09-30 05:31 - 2014-09-27 10:15 - 00332161 _____ () C:\Users\jimmy\Documents\Fall Leaves.notebook

2014-09-28 12:55 - 2014-09-27 10:41 - 00002343 _____ () C:\Users\jimmy\Documents\Fall_Leaves.mscz

Some content of TEMP:

====================

C:\Users\jimmy\AppData\Local\Temp\Quarantine.exe

C:\Users\jimmy\AppData\Local\Temp\sqlite3.dll

C:\Users\jimmy\AppData\Local\Temp\Uninstaller-388.exe

C:\Users\jimmy\AppData\Local\Temp\Uninstaller-6968.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-19 22:02

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01

Ran by jimmy at 2014-10-28 18:28:44

Running from C:\Users\jimmy\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 9 Trial (HKLM-x32\...\{A29BB48D-59ED-411C-AB20-3FA488D08161}) (Version: 9.0.0.0 - Ableton)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden

AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden

AMD AVIVO64 Codecs (Version: 12.5.100.20719 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{19CB64EB-ACFE-681D-B571-A8A3398F1943}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)

AMD VISION Engine Control Center (x32 Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)

Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)

Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)

Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version: - ‭Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)

Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)

CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)

DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)

DC Universe Online Live (HKCU\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)

Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)

Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Free YouTube Downloader 3.5.181 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)

Game Channels (x32 Version: 7.1.0.17 - WildTangent, Inc.) Hidden

Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Gateway Incorporated)

Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden

Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Gateway Incorporated)

Hunting Unlimited 2010 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Hunting Unlimited 2011 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Gateway Incorporated)

iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Gateway Incorporated)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden

McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden

McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)

McAfee Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)

Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden

Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)

Nero BackItUp (x32 Version: 12.0.0016 - Nero AG) Hidden

Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)

Nero BackItUp Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden

Nero ControlCenter (x32 Version: 11.0.14500.0.45 - Nero AG) Hidden

Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden

Nero Core Components (x32 Version: 11.0.16900.1.27 - Nero AG) Hidden

Nero Express (x32 Version: 12.0.16001 - Nero AG) Hidden

Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden

Nero Launcher (x32 Version: 12.0.3000 - Nero AG) Hidden

Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden

Nero RescueAgent Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)

Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)

ROBLOX Player for jimmy (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)

ROBLOX Studio 2013 for jimmy (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)

SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)

SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)

SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)

SMART Response Software (HKLM-x32\...\{02885557-ACA5-4B6F-85D2-3F1A9B8580F5}) (Version: 4.0.450.1 - SMART Technologies ULC)

SMART Sync Teacher (HKLM-x32\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)

Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)

Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)

Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)

WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden

Wondershare Video Editor(Build 4.5.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1271087293-465154865-2948633367-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-c2a7e6748ad54a86\RobloxProxy64.dll (ROBLOX Corporation)

==================== Restore Points =========================

21-10-2014 23:30:22 Windows Update

25-10-2014 00:21:47 Removed PCBooster

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2BE533A9-3E5C-4C87-927B-6722A22B6B5F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-21] (Microsoft Corporation)

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {360A0CDF-FE35-4A24-8D14-560A1196F977} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)

Task: {37708282-8E36-43EB-A771-BE49A6ED466E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {408DBE6A-D817-4107-8EAD-08D1427CBDDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {644CD833-9DCE-42EC-9DCA-A4DBAEBFE5E7} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\\WarningPopUp.exe [2014-10-04] (Microsoft)

Task: {691C5007-EADB-411E-A1C3-D155647E5129} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)

Task: {69A79124-8170-4D64-B9F3-3F8F85126E0A} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2012-06-21] ()

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {7A8200C9-C4E1-438E-805B-9919B752D53D} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-10-04] (Portable Booster)

Task: {83D19DC0-FBCD-4324-B710-A40A48E9C9F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-04] (AVAST Software)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8BBB856F-24E0-41A8-8297-EEB1825C9FC1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {8EA43C2D-1C36-4648-8A81-D6A27EB6A0F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)

Task: {90FA3452-9D0D-4E28-AB4F-438CDD128B8D} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)

Task: {97089067-B7A4-420D-888C-87E98252E71A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {9A823740-E6AF-448A-B61C-3FB16097D69D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {A0772BF0-15D3-43E1-833D-676DD0FA37AD} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)

Task: {AA4C659F-5A11-4E0A-A27A-0A7D56D5491E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D61D7859-723F-44DC-AC2C-7413E2995BD0} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2012-08-24] ()

Task: {D6E6E288-AAE5-44E8-88D5-0A5F846E476D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {E97D4480-F704-4182-BD49-197159EAF3F5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)

Task: {F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-10-01] ()

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-27 17:50 - 2012-03-27 23:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

2010-04-13 21:11 - 2010-04-13 21:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll

2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2014-08-04 18:03 - 2014-08-04 18:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

2014-10-26 17:14 - 2014-10-26 17:14 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102600\algo.dll

2014-10-28 06:38 - 2014-10-28 06:38 - 02898432 _____ () C:\Program Files\AVAST Software\Avast\defs\14102800\algo.dll

2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 00022440 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 00054184 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 00053680 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_signals.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_8ce60f5e6bc42419\boost_signals-vc100-mt-1_44.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 02296736 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtCore4.dll

2014-10-19 22:30 - 2014-10-19 22:30 - 02364840 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_none_1bed397492abdaf4\xqilla-vc100-1_0.dll

2014-10-19 22:30 - 2014-10-19 22:30 - 00066976 _____ () C:\WINDOWS\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_none_a9eddec61c291613\zlib1-vc100-mt-1.2.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 02310056 _____ () C:\WINDOWS\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_none_abdcef110f80cf28\redland-vc100-1_0_9.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 00145328 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll

2014-10-19 22:31 - 2014-10-19 22:31 - 00051120 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 07546272 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtGui4.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 02027424 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtCore4.dll

2014-10-19 22:32 - 2014-10-19 22:32 - 00524712 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll

2012-10-24 14:11 - 2012-10-24 14:11 - 01435544 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\activation2.dll

2014-10-19 22:30 - 2014-10-19 22:30 - 02996648 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.2.1_9ca15c999435ee05_1.0.1.0_none_1bed22ac92abf495\xqilla21.dll

2011-06-22 08:19 - 2011-06-22 08:19 - 00070656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\libLogger-vc100-2_0.dll

2014-08-04 18:03 - 2014-08-04 18:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-08-26 21:30 - 2014-07-09 12:01 - 01459712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll

2014-08-26 21:30 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

2012-10-17 08:40 - 2012-10-17 08:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node

2012-10-17 08:40 - 2012-10-17 08:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node

2014-10-19 22:32 - 2014-10-19 22:32 - 01030048 _____ () C:\WINDOWS\WinSxS\x86_smarttech.js.vc70.1.8_37a8c5fef6a21868_1.0.2.1_none_e909cd048128eadf\js32.dll

2012-10-24 14:11 - 2012-10-24 14:11 - 00466840 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\ziparchive-vc100-3_1_1a.dll

2014-10-28 04:20 - 2014-10-22 00:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll

2014-10-28 04:20 - 2014-10-22 00:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll

2014-10-28 04:20 - 2014-10-22 00:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll

2014-10-28 04:20 - 2014-10-22 00:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1271087293-465154865-2948633367-500 - Administrator - Disabled) => C:\Users\Administrator

Guest (S-1-5-21-1271087293-465154865-2948633367-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1271087293-465154865-2948633367-1004 - Limited - Enabled)

jimmy (S-1-5-21-1271087293-465154865-2948633367-1002 - Administrator - Enabled) => C:\Users\jimmy

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (10/28/2014 10:33:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)

Description: Activation of app Evernote.Skitch_q4d96b2w5wcc2!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/28/2014 10:33:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)

Description: Activation of app Evernote.Skitch_q4d96b2w5wcc2!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:

=============

Error: (10/28/2014 06:15:54 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)