Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

PCBooster [Solved]


  • This topic is locked This topic is locked
10 replies to this topic

#1 curlee1982

curlee1982

    Authentic Member

  • Authentic Member
  • PipPip
  • 22 posts

Posted 24 October 2014 - 08:30 PM

Cannot get rid of PC Booster and other malware/adware on PC. Also, this afternoon as Windows was updating, it stopped halfway through and said it could not continue and then deleted what it had tried to update. Here is a copy of the logs you requested.

 

Attached File  aswMBR.txt   1.7KB   108 downloads

Attached File  FRST.txt   188.76KB   108 downloads

Attached File  Addition.txt   43.25KB   176 downloads

 


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 25 October 2014 - 12:27 PM

:welcome:

 

Before we begin you need to read the instructions carefully, most of our tools and scanners need to be run from the desktop as they run more effectively there

 

This is where your running your programs

C:\Users\jimmy\Downloads

 

Go into your download folder and right click on FRST64 and select CUT, come back to your desktop and on any clear space right click and select Paste

 

-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  •  
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    ===============================================================================
     
    You have Malwarebytes installed, here are some instructions, just open it and on the dashboard check for updates and run the Threat Scan
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 curlee1982

    curlee1982

      Authentic Member

    • Authentic Member
    • PipPip
    • 22 posts

    Posted 26 October 2014 - 07:20 PM

    Thank you Ken545, 

     

    I hoipe I have done this correctly!

     

    Attached File  AdwCleanerS0.txt   5.22KB   93 downloads

    Attached File  JRT.txt   1.45KB   80 downloads

    Attached File  malwarebytes.txt   1.03KB   88 downloads



    #4 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 08:18 PM

    Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs.  If you can I prefer that you copy and paste the logs directly into the thread in lieu of attaching them



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #5 curlee1982

    curlee1982

      Authentic Member

    • Authentic Member
    • PipPip
    • 22 posts

    Posted 28 October 2014 - 04:38 PM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
    Ran by jimmy (administrator) on OURPC on 28-10-2014 18:24:42
    Running from C:\Users\jimmy\Desktop
    Loaded Profile: jimmy (Available profiles: jimmy & Administrator)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Spotify Ltd) C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
    (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
    (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe
    (SMART Technologies ULC.) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe
    (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
    (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseSoftwareService.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
    (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (Microsoft) C:\Program Files (x86)\Portable Booster\WarningPopUp.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)
    HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)
    HKLM-x32\...\Run: [SMART Board Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe [10132336 2012-03-09] (SMART Technologies ULC)
    HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)
    HKLM-x32\...\Run: [Response Desktop Menu] => C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe [1990040 2012-10-17] (SMART Technologies ULC)
    HKLM-x32\...\Run: [SMARTClassroomCoordinator.exe] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe [485232 2011-06-22] (SMART Technologies ULC.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\Run: [Spotify Web Helper] => C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-15] (Spotify Ltd)
    Startup: C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM - {AE4A0516-1D41-41E3-AF10-E092C9EA9DC1} URL = http://www.bing.com/...E10TR&pc=MAGWJS
    SearchScopes: HKLM-x32 - {AE4A0516-1D41-41E3-AF10-E092C9EA9DC1} URL = http://www.bing.com/...E10TR&pc=MAGWJS
    SearchScopes: HKCU - DefaultScope {DC8E2359-5F23-453B-B05B-ECDE309AB2E1} URL = https://search.yahoo...p={SearchTerms}
    SearchScopes: HKCU - {DC8E2359-5F23-453B-B05B-ECDE309AB2E1} URL = https://search.yahoo...p={SearchTerms}
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
    BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO-x32: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
    Toolbar: HKLM-x32 - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files (x86)\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
    DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefie...r_5.0.203.0.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\jimmy\AppData\Roaming\Mozilla\Firefox\Profiles\l8b5k1dm.default
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF DefaultSearchEngine: Secure Search
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy.dll ( ROBLOX Corporation)
    FF Plugin HKCU: @nsroblox.roblox.com/launcher64 -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy64.dll ( ROBLOX Corporation)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jimmy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-07]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-30]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-07]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR DefaultSearchKeyword: Default -> mcafee
    CHR DefaultSearchURL: Default -> https://search.yahoo...p={searchTerms}
    CHR DefaultSuggestURL: Default -> 
    CHR Profile: C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-30]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-06]
    CHR Extension: (Avast Online Security) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-22]
    CHR Extension: (Google Wallet) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-27]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-04]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-04] (AVAST Software)
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-29] (WildTangent)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
    S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
    S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
    R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
    R2 Response Hardware; C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe [19352 2012-10-17] (SMART Technologies ULC)
    R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)
    S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
    S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-04] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-04] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-04] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-04] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-04] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-04] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-04] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-04] ()
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-16] (Advanced Micro Devices)
    R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-28] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
    R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
    R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
    R3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)
    R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)
    R3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-28 18:13 - 2014-10-28 18:13 - 00000000 ____D () C:\Users\jimmy\Desktop\FRST-OlderVersion
    2014-10-28 09:53 - 2014-10-28 09:53 - 00000000 ____D () C:\Users\jimmy\.thumbnails
    2014-10-28 09:51 - 2014-10-28 09:51 - 00000000 ____D () C:\Program Files (x86)\Blender Foundation
    2014-10-28 09:48 - 2014-10-28 09:49 - 53895385 _____ () C:\Users\jimmy\Downloads\blender-2.72b-windows32.exe
    2014-10-27 21:01 - 2014-10-27 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-10-26 21:16 - 2014-10-26 21:16 - 00001051 _____ () C:\Users\jimmy\Desktop\malwarebytes.txt
    2014-10-26 20:33 - 2014-10-26 20:33 - 00001488 _____ () C:\Users\jimmy\Desktop\JRT.txt
    2014-10-26 20:04 - 2014-10-26 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-10-26 19:59 - 2014-10-26 19:59 - 01706144 _____ (Thisisu) C:\Users\jimmy\Downloads\JRT.exe
    2014-10-26 19:54 - 2014-10-26 19:54 - 00005345 _____ () C:\Users\jimmy\Desktop\AdwCleaner[S0].txt
    2014-10-26 17:30 - 2014-10-26 17:30 - 00005385 _____ () C:\Users\jimmy\Desktop\AdwCleaner[R0].txt
    2014-10-26 17:17 - 2014-10-26 17:17 - 00001191 _____ () C:\Users\jimmy\Desktop\AdwCleaner.exe - Shortcut.lnk
    2014-10-26 17:12 - 2014-10-26 17:51 - 00000000 ____D () C:\AdwCleaner
    2014-10-26 17:11 - 2014-10-26 17:11 - 01962496 _____ () C:\Users\jimmy\Downloads\AdwCleaner.exe
    2014-10-26 14:27 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2014-10-26 14:27 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2014-10-24 22:28 - 2014-10-27 06:02 - 00036352 ___SH () C:\Users\jimmy\Desktop\Thumbs.db
    2014-10-24 22:20 - 2014-10-24 22:20 - 00044290 _____ () C:\Users\jimmy\Desktop\Addition.txt
    2014-10-24 22:19 - 2014-10-28 18:25 - 00026626 _____ () C:\Users\jimmy\Desktop\FRST.txt
    2014-10-24 22:14 - 2014-10-24 22:18 - 00044290 _____ () C:\Users\jimmy\Downloads\Addition.txt
    2014-10-24 22:09 - 2014-10-24 22:18 - 00193289 _____ () C:\Users\jimmy\Downloads\FRST.txt
    2014-10-24 22:08 - 2014-10-24 22:08 - 02112000 _____ (Farbar) C:\Users\jimmy\Downloads\FRST64 (1).exe
    2014-10-24 21:58 - 2014-10-28 18:24 - 00000000 ____D () C:\FRST
    2014-10-24 21:58 - 2014-10-28 18:13 - 02113024 _____ (Farbar) C:\Users\jimmy\Desktop\FRST64.exe
    2014-10-24 21:57 - 2014-10-24 21:57 - 00001744 _____ () C:\Users\jimmy\Desktop\aswMBR.txt
    2014-10-24 21:57 - 2014-10-24 21:57 - 00000512 _____ () C:\Users\jimmy\Desktop\MBR.dat
    2014-10-24 21:45 - 2014-10-24 21:45 - 05192704 _____ (AVAST Software) C:\Users\jimmy\Downloads\aswMBR.exe
    2014-10-24 21:19 - 2014-10-24 21:19 - 00015502 _____ () C:\Users\jimmy\Desktop\hijackthis.log
    2014-10-24 21:18 - 2014-10-24 21:18 - 00015502 _____ () C:\Users\jimmy\Downloads\hijackthis.log
    2014-10-24 21:13 - 2014-10-24 21:13 - 00019456 ___SH () C:\Users\jimmy\Downloads\Thumbs.db
    2014-10-24 21:13 - 2014-10-24 21:13 - 00013824 ___SH () C:\Users\jimmy\Documents\Thumbs.db
    2014-10-24 21:10 - 2014-10-24 21:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\jimmy\Downloads\HiJackThis.exe
    2014-10-24 20:44 - 2014-10-24 20:44 - 02685256 _____ (www.PerfectUninstaller.com ) C:\Users\jimmy\Downloads\PerfectUninstaller.exe
    2014-10-21 21:40 - 2014-10-26 21:36 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Deployment
    2014-10-21 19:31 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
    2014-10-21 19:18 - 2014-07-15 14:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2014-10-21 19:18 - 2014-07-15 04:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2014-10-21 19:18 - 2014-07-15 04:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2014-10-21 19:17 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2014-10-21 19:13 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2014-10-21 19:13 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2014-10-21 19:03 - 2014-05-03 01:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
    2014-10-21 19:03 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
    2014-10-21 19:03 - 2014-04-30 02:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2014-10-21 19:03 - 2014-04-30 00:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2014-10-21 19:03 - 2014-04-30 00:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2014-10-21 19:03 - 2014-04-30 00:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2014-10-21 19:03 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2014-10-21 19:03 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2014-10-21 19:03 - 2014-04-29 23:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2014-10-21 19:03 - 2014-04-28 18:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2014-10-21 19:03 - 2014-04-26 12:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2014-10-21 19:03 - 2014-04-14 05:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2014-10-21 19:03 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2014-10-21 19:02 - 2014-05-03 01:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2014-10-21 19:02 - 2014-05-03 01:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
    2014-10-21 19:02 - 2014-05-03 01:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
    2014-10-21 19:02 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
    2014-10-21 19:02 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
    2014-10-21 19:02 - 2014-05-02 19:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
    2014-10-21 19:02 - 2014-04-30 02:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
    2014-10-21 19:02 - 2014-04-30 02:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
    2014-10-21 19:02 - 2014-04-30 02:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
    2014-10-21 19:02 - 2014-04-30 01:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
    2014-10-21 19:02 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
    2014-10-21 19:02 - 2014-04-30 00:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2014-10-21 19:02 - 2014-04-30 00:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2014-10-21 19:02 - 2014-04-29 23:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2014-10-21 19:02 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2014-10-21 19:02 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2014-10-21 19:02 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
    2014-10-21 18:55 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2014-10-21 18:55 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2014-10-21 18:55 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
    2014-10-21 18:55 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
    2014-10-21 18:55 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2014-10-21 18:55 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2014-10-21 18:55 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2014-10-21 18:55 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2014-10-21 18:55 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2014-10-21 18:52 - 2014-08-16 00:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2014-10-21 18:52 - 2014-08-15 23:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2014-10-21 18:52 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2014-10-21 18:52 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2014-10-21 18:52 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2014-10-21 18:52 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2014-10-21 18:52 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2014-10-21 18:52 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2014-10-21 18:52 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2014-10-21 18:51 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2014-10-21 18:51 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2014-10-21 18:51 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2014-10-21 18:51 - 2014-08-15 23:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2014-10-21 18:51 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2014-10-21 18:51 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2014-10-21 18:51 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2014-10-21 18:51 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
    2014-10-21 18:51 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2014-10-21 18:51 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2014-10-21 18:51 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
    2014-10-21 18:51 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2014-10-21 18:51 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
    2014-10-21 18:51 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2014-10-21 18:51 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2014-10-21 18:51 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
    2014-10-21 18:51 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-10-21 18:51 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2014-10-21 18:51 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
    2014-10-21 18:51 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-10-21 18:51 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
    2014-10-21 18:51 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2014-10-21 18:51 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2014-10-21 18:51 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2014-10-21 18:51 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2014-10-21 18:51 - 2014-07-31 19:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
    2014-10-21 18:46 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
    2014-10-21 18:46 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
    2014-10-21 18:32 - 2014-06-01 22:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2014-10-21 18:32 - 2014-05-31 02:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
    2014-10-21 18:32 - 2014-05-31 02:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
    2014-10-21 18:32 - 2014-05-31 00:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
    2014-10-21 18:32 - 2014-05-31 00:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2014-10-21 18:32 - 2014-05-31 00:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
    2014-10-21 18:32 - 2014-05-27 05:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
    2014-10-21 18:32 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
    2014-10-21 18:31 - 2014-10-09 18:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2014-10-21 18:31 - 2014-10-08 18:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2014-10-21 18:31 - 2014-09-18 21:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2014-10-21 18:31 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2014-10-21 18:31 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2014-10-21 18:31 - 2014-07-10 00:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
    2014-10-21 18:28 - 2014-07-12 00:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2014-10-20 19:23 - 2014-10-20 19:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2014-10-20 19:08 - 2014-10-28 16:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-10-20 19:07 - 2014-10-20 19:07 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-10-20 19:07 - 2014-10-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-10-20 19:06 - 2014-10-20 19:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-10-20 19:06 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-10-20 19:06 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2014-10-20 19:06 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-10-20 19:01 - 2014-10-20 19:02 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.3.1025.exe
    2014-10-20 18:17 - 2014-10-20 18:17 - 00000000 __SHD () C:\Users\jimmy\AppData\Local\EmieUserList
    2014-10-20 18:17 - 2014-10-20 18:17 - 00000000 __SHD () C:\Users\jimmy\AppData\Local\EmieSiteList
    2014-10-20 18:16 - 2014-10-28 12:53 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9791AE5-E39C-4E49-8217-4386C0483A75}
    2014-10-20 02:01 - 2014-10-19 22:08 - 00000000 __SHD () C:\Recovery
    2014-10-20 02:00 - 2014-10-20 19:11 - 00000000 ___DC () C:\WINDOWS\Panther
    2014-10-20 01:56 - 2014-10-20 01:56 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2014-10-20 01:56 - 2014-10-20 01:56 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2014-10-20 01:56 - 2014-10-20 01:56 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2014-10-20 01:56 - 2014-10-20 01:56 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2014-10-20 01:55 - 2014-10-20 01:55 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-10-20 01:55 - 2014-10-20 01:55 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
    2014-10-20 01:55 - 2014-10-20 01:55 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
    2014-10-20 01:55 - 2014-10-20 01:55 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-10-20 01:54 - 2014-10-20 01:54 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-10-20 01:54 - 2014-10-20 01:54 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-10-20 01:54 - 2014-10-20 01:54 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2014-10-20 01:54 - 2014-10-20 01:54 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
    2014-10-20 01:53 - 2014-10-20 01:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2014-10-20 01:53 - 2014-10-20 01:53 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2014-10-20 01:51 - 2014-10-20 01:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
    2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
    2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files\MSBuild
    2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
    2014-10-20 01:49 - 2014-10-20 01:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
    2014-10-20 01:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2014-10-20 01:48 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2014-10-20 01:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2014-10-20 01:48 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2014-10-19 23:06 - 2014-10-19 23:06 - 00001449 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-10-19 23:05 - 2014-10-19 23:05 - 00000020 ___SH () C:\Users\jimmy\ntuser.ini
    2014-10-19 22:57 - 2014-10-19 22:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
    2014-10-19 22:30 - 2014-10-19 22:30 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2014-10-19 22:30 - 2014-10-19 22:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
    2014-10-19 22:30 - 2014-10-19 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
    2014-10-19 22:18 - 2014-10-19 22:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
    2014-10-19 22:14 - 2014-10-28 09:53 - 00000000 ____D () C:\Users\jimmy
    2014-10-19 22:14 - 2014-10-19 22:58 - 00032388 _____ () C:\WINDOWS\diagwrn.xml
    2014-10-19 22:14 - 2014-10-19 22:58 - 00032388 _____ () C:\WINDOWS\diagerr.xml
    2014-10-19 22:14 - 2014-10-19 22:40 - 00000000 ____D () C:\Users\Administrator
    2014-10-19 22:14 - 2014-10-19 22:18 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-10-19 22:14 - 2014-10-19 22:18 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-10-19 22:14 - 2014-10-19 22:15 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-10-19 22:14 - 2014-10-19 22:15 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2014-10-19 22:14 - 2014-09-24 03:23 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-10-19 22:14 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-10-19 22:07 - 2014-10-19 22:07 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201410192207066014.log
    2014-10-19 22:06 - 2014-10-19 22:26 - 00000000 ____D () C:\ProgramData\AMD
    2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\Program Files\ATI Technologies
    2014-10-19 22:06 - 2014-10-19 22:06 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-10-19 22:05 - 2014-10-28 14:17 - 01567429 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\Program Files\Realtek
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\Program Files\AMD
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 ____D () C:\AMD
    2014-10-19 22:04 - 2014-10-19 22:04 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
    2014-10-19 19:40 - 2014-10-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
    2014-10-19 19:39 - 2014-10-19 19:39 - 07054336 _____ () C:\Users\jimmy\Downloads\xnafx40_redist.msi
    2014-10-19 19:37 - 2014-10-19 19:37 - 00000006 _____ () C:\Users\jimmy\Downloads\ID.dat
    2014-10-19 19:32 - 2014-10-19 19:41 - 00000000 ____D () C:\Users\jimmy\Downloads\Pokemon
    2014-10-19 19:30 - 2014-10-19 19:30 - 00000110 _____ () C:\Users\jimmy\Downloads\launcher_settings.dat
    2014-10-19 19:27 - 2014-10-19 19:27 - 00217088 _____ (Kolben Games) C:\Users\jimmy\Downloads\Pokémon3D.exe
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003730 _____ () C:\WINDOWS\System32\Tasks\boosterpop
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003626 _____ () C:\WINDOWS\System32\Tasks\IEError
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003472 _____ () C:\WINDOWS\System32\Tasks\AI_Updater
    2014-10-17 15:24 - 2014-10-28 11:37 - 00000000 ____D () C:\Program Files (x86)\Portable Booster
    2014-10-17 15:24 - 2014-10-19 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster
    2014-10-15 18:54 - 2014-10-20 20:22 - 00000000 ____D () C:\ProgramData\fgtyHUPuUn
    2014-10-15 18:54 - 2014-10-20 20:15 - 00000000 ____D () C:\ProgramData\InstaShare
    2014-10-14 22:10 - 2014-10-14 22:10 - 12853208 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.8.1.1.exe
    2014-10-14 22:04 - 2014-10-14 22:05 - 12616928 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.7.9.0.exe
    2014-10-14 20:56 - 2014-10-14 20:56 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Daring_Development_Inc
    2014-10-14 20:54 - 2014-10-14 20:54 - 12788656 _____ (Daring Development Inc. ) C:\Users\jimmy\Downloads\Horizon.Setup.v2.7.3.0.exe
    2014-10-14 20:47 - 2014-10-14 20:48 - 65234731 _____ () C:\Users\jimmy\Downloads\Vertoak V12 Stuff Inside.zip
    2014-10-11 07:53 - 2014-10-19 22:58 - 00009796 _____ () C:\WINDOWS\comsetup.log
    2014-10-10 06:21 - 2014-10-10 06:21 - 07233024 _____ () C:\Users\jimmy\Downloads\Leviathan2.ppt
    2014-10-06 23:06 - 2014-10-06 23:06 - 00068823 _____ () C:\Users\jimmy\Downloads\16 Ready to go Youth Group Meetings.zip
    2014-10-06 20:06 - 2014-08-26 12:50 - 00076064 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys
    2014-10-06 20:05 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
    2014-10-04 22:35 - 2014-10-04 22:34 - 00355310 _____ () C:\Users\jimmy\Downloads\feab0935ff9659316e4afc6305d09c39_Minecraft.zip
    2014-10-04 22:33 - 2014-10-04 22:33 - 00771624 _____ ( ) C:\Users\jimmy\Downloads\MinecraftSetup.exe
    2014-10-04 14:11 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2014-10-04 14:11 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2014-10-04 14:11 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2014-10-04 14:11 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2014-10-04 14:11 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2014-10-04 11:51 - 2014-10-04 11:51 - 00000000 ____D () C:\Users\jimmy\Documents\SimCity
    2014-10-04 11:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2014-10-04 10:34 - 2014-10-04 10:34 - 00000000 ____D () C:\Users\jimmy\Documents\Electronic Arts
    2014-10-04 10:33 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
    2014-10-04 10:32 - 2014-10-04 10:32 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-10-04 10:26 - 2014-10-18 09:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
    2014-10-04 10:25 - 2014-10-04 23:29 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Origin
    2014-10-04 10:23 - 2014-10-18 09:57 - 00000000 ____D () C:\ProgramData\Origin
    2014-10-04 10:22 - 2014-10-04 10:22 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\jimmy\Downloads\OriginThinSetup.exe
    2014-10-02 06:15 - 2014-10-02 06:15 - 00793240 _____ ( ) C:\Users\jimmy\Downloads\Free_Download_Setup.exe
    2014-09-30 21:55 - 2014-09-30 21:55 - 01660008 _____ () C:\Users\jimmy\Downloads\The Avengers.mp4
    2014-09-29 19:40 - 2014-09-29 19:40 - 00057126 _____ () C:\Users\jimmy\Downloads\Rhythm Manipulatives.notebook
    2014-09-28 20:17 - 2014-09-28 20:17 - 00027887 _____ () C:\Users\jimmy\Downloads\mortal kombat.htm
    2014-09-28 07:20 - 2014-09-28 07:20 - 07107753 _____ () C:\Users\jimmy\Downloads\daft punk.htm
    2014-09-28 07:12 - 2014-09-28 07:12 - 00081503 _____ () C:\Users\jimmy\Downloads\video killed the radio star pentatonix.htm
    2014-09-28 07:12 - 2014-09-28 07:12 - 00081435 _____ () C:\Users\jimmy\Downloads\pentatonix problem.htm
    2014-09-28 07:11 - 2014-09-28 07:11 - 00081869 _____ () C:\Users\jimmy\Downloads\natural disaster.htm
    2014-09-28 07:10 - 2014-09-28 07:10 - 00081561 _____ () C:\Users\jimmy\Downloads\music evolution.htm
    2014-09-28 07:09 - 2014-09-28 07:09 - 00081129 _____ () C:\Users\jimmy\Downloads\save the world.htm
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-28 18:10 - 2013-02-22 18:01 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1271087293-465154865-2948633367-1002
    2014-10-28 18:06 - 2014-05-07 14:45 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job
    2014-10-28 18:05 - 2013-12-15 21:17 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-10-28 18:05 - 2013-12-15 21:16 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-28 18:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-10-28 17:45 - 2013-03-16 09:30 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-10-28 09:54 - 2013-11-21 21:01 - 00000000 ____D () C:\Users\jimmy\Desktop\mods
    2014-10-28 06:37 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-10-28 06:13 - 2014-09-24 03:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-10-28 06:12 - 2013-08-22 10:46 - 00326061 _____ () C:\WINDOWS\setupact.log
    2014-10-27 18:09 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-10-26 19:47 - 2013-12-07 16:51 - 00000000 __RSD () C:\Users\jimmy\Documents\McAfee Vaults
    2014-10-26 19:46 - 2013-12-30 13:55 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2014-10-26 19:39 - 2014-09-24 03:03 - 00099718 _____ () C:\WINDOWS\PFRO.log
    2014-10-26 19:39 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-10-26 14:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-10-26 14:16 - 2014-09-24 05:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-10-26 14:16 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-10-26 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-10-26 07:52 - 2013-10-08 21:12 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2014-10-26 07:46 - 2013-11-21 21:01 - 00000000 ____D () C:\Users\jimmy\Desktop\html
    2014-10-26 07:46 - 2013-09-27 18:23 - 00000000 ____D () C:\Users\jimmy\Desktop\free doodle frames
    2014-10-26 07:46 - 2013-09-27 18:17 - 00000000 ____D () C:\Users\jimmy\Desktop\Wavy Swirl Doodle Frame
    2014-10-26 07:46 - 2013-09-22 21:40 - 00000000 ____D () C:\Users\jimmy\Desktop\doodle frames
    2014-10-26 07:45 - 2014-06-27 17:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
    2014-10-26 07:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-10-25 07:11 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2014-10-24 21:12 - 2013-02-21 22:18 - 00000000 ____D () C:\Users\jimmy\AppData\Local\VirtualStore
    2014-10-24 20:20 - 2014-09-09 19:24 - 00000000 ____D () C:\Marvel Heroes Game
    2014-10-24 18:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2014-10-22 15:58 - 2013-01-28 18:05 - 00000000 ____D () C:\Users\jimmy\Documents\Christians Work
    2014-10-21 22:58 - 2012-12-22 18:03 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Packages
    2014-10-21 20:13 - 2013-08-24 20:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-10-21 19:44 - 2013-02-23 00:11 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-10-21 19:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
    2014-10-20 20:16 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppCompat
    2014-10-20 19:06 - 2013-10-22 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-10-20 01:59 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
    2014-10-20 01:59 - 2013-02-22 01:13 - 00000000 ____D () C:\Windows.old(1)
    2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
    2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
    2014-10-20 01:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
    2014-10-20 01:55 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
    2014-10-19 22:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Registration
    2014-10-19 22:48 - 2013-08-22 11:36 - 00000000 __RSD () C:\WINDOWS\Media
    2014-10-19 22:48 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-10-19 22:34 - 2013-08-22 10:44 - 00429632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-10-19 22:32 - 2014-09-24 02:53 - 00000000 ____D () C:\WINDOWS\ShellNew
    2014-10-19 22:32 - 2014-09-08 06:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-10-19 22:32 - 2014-07-15 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-10-19 22:32 - 2014-06-27 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series User Registration
    2014-10-19 22:32 - 2014-06-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series Manual
    2014-10-19 22:32 - 2013-12-30 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-10-19 22:32 - 2013-12-27 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-10-19 22:32 - 2013-12-15 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
    2014-10-19 22:32 - 2013-12-15 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-10-19 22:32 - 2013-12-07 16:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
    2014-10-19 22:32 - 2013-10-11 17:12 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
    2014-10-19 22:32 - 2013-09-20 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
    2014-10-19 22:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Help
    2014-10-19 22:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
    2014-10-19 22:32 - 2013-03-16 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies
    2014-10-19 22:32 - 2013-02-21 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2014-10-19 22:32 - 2012-09-11 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon Weblink
    2014-10-19 22:32 - 2012-09-11 13:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
    2014-10-19 22:32 - 2012-09-11 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
    2014-10-19 22:32 - 2012-08-03 05:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
    2014-10-19 22:32 - 2012-08-03 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway
    2014-10-19 22:32 - 2012-08-03 05:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-10-19 22:30 - 2013-08-22 11:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
    2014-10-19 22:30 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
    2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
    2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
    2014-10-19 22:29 - 2014-09-24 02:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\spool
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
    2014-10-19 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\IME
    2014-10-19 22:29 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
    2014-10-19 22:29 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
    2014-10-19 22:29 - 2013-02-21 22:26 - 00000000 ____D () C:\WINDOWS\system32\kodak
    2014-10-19 22:29 - 2013-02-21 22:15 - 00000000 ____D () C:\WINDOWS\system32\ek
    2014-10-19 22:29 - 2012-09-11 13:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
    2014-10-19 22:27 - 2014-08-26 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2014-10-19 22:27 - 2014-06-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
    2014-10-19 22:27 - 2013-11-21 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
    2014-10-19 22:27 - 2013-11-20 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
    2014-10-19 22:27 - 2013-08-22 11:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
    2014-10-19 22:27 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Resources
    2014-10-19 22:27 - 2012-08-03 05:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
    2014-10-19 22:27 - 2012-08-03 05:38 - 00000000 ____D () C:\ProgramData\PRICache
    2014-10-19 22:26 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
    2014-10-19 22:26 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
    2014-10-19 22:26 - 2012-09-11 13:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
    2014-10-19 22:18 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
    2014-10-19 22:15 - 2012-08-03 05:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
    2014-10-19 22:02 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Default
    2014-10-19 21:37 - 2013-02-21 22:16 - 01593040 _____ () C:\WINDOWS\WindowsUpdate (1).log
    2014-10-18 18:01 - 2014-05-07 14:45 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2
    2014-10-18 18:00 - 2013-12-15 21:16 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-10-18 09:55 - 2012-07-26 01:26 - 00000194 _____ () C:\WINDOWS\win.ini
    2014-10-17 20:20 - 2013-02-21 22:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-10-17 15:17 - 2013-04-19 18:21 - 00000000 ____D () C:\Users\jimmy\AppData\Local\CrashDumps
    2014-10-17 14:35 - 2013-03-24 13:33 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Audacity
    2014-10-17 07:10 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
    2014-10-15 21:36 - 2013-03-11 01:06 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Spotify
    2014-10-15 18:30 - 2013-03-11 01:06 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Spotify
    2014-10-10 17:50 - 2012-09-11 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2014-10-06 20:04 - 2013-12-07 16:39 - 00000000 ____D () C:\Program Files\Common Files\McAfee
    2014-10-06 20:03 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
    2014-10-04 14:10 - 2013-11-23 08:49 - 00030941 _____ () C:\WINDOWS\DirectX.log
    2014-10-01 17:45 - 2014-09-07 20:40 - 07857310 _____ () C:\Users\jimmy\Downloads\Pokedex (1) (1) (1).rar
    2014-09-30 05:31 - 2014-09-27 10:15 - 00332161 _____ () C:\Users\jimmy\Documents\Fall Leaves.notebook
    2014-09-28 12:55 - 2014-09-27 10:41 - 00002343 _____ () C:\Users\jimmy\Documents\Fall_Leaves.mscz
     
    Some content of TEMP:
    ====================
    C:\Users\jimmy\AppData\Local\Temp\Quarantine.exe
    C:\Users\jimmy\AppData\Local\Temp\sqlite3.dll
    C:\Users\jimmy\AppData\Local\Temp\Uninstaller-388.exe
    C:\Users\jimmy\AppData\Local\Temp\Uninstaller-6968.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-10-19 22:02
     
    ==================== End Of Log ============================
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
    Ran by jimmy at 2014-10-28 18:28:44
    Running from C:\Users\jimmy\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Ableton Live 9 Trial (HKLM-x32\...\{A29BB48D-59ED-411C-AB20-3FA488D08161}) (Version: 9.0.0.0 - Ableton)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
    Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
    AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
    AMD AVIVO64 Codecs (Version: 12.5.100.20719 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{19CB64EB-ACFE-681D-B571-A8A3398F1943}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    AMD VISION Engine Control Center (x32 Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
    Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
    Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
    Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
    Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
    Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
    Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)
    DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
    DC Universe Online Live (HKCU\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
    Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Free YouTube Downloader 3.5.181 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
    Game Channels (x32 Version: 7.1.0.17 - WildTangent, Inc.) Hidden
    Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Gateway Incorporated)
    Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
    Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Gateway Incorporated)
    Hunting Unlimited 2010 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hunting Unlimited 2011 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Gateway Incorporated)
    iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
    Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
    Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
    Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Gateway Incorporated)
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
    McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
    McAfee Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
    Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
    Nero BackItUp (x32 Version: 12.0.0016 - Nero AG) Hidden
    Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
    Nero BackItUp Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
    Nero ControlCenter (x32 Version: 11.0.14500.0.45 - Nero AG) Hidden
    Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
    Nero Core Components (x32 Version: 11.0.16900.1.27 - Nero AG) Hidden
    Nero Express (x32 Version: 12.0.16001 - Nero AG) Hidden
    Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
    Nero Launcher (x32 Version: 12.0.3000 - Nero AG) Hidden
    Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
    Nero RescueAgent Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
    Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
    Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION
    Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
    ROBLOX Player for jimmy (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    ROBLOX Studio 2013 for jimmy (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)
    SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)
    SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)
    SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)
    SMART Response Software (HKLM-x32\...\{02885557-ACA5-4B6F-85D2-3F1A9B8580F5}) (Version: 4.0.450.1 - SMART Technologies ULC)
    SMART Sync Teacher (HKLM-x32\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)
    Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
    WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
    Wondershare Video Editor(Build 4.5.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1271087293-465154865-2948633367-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-c2a7e6748ad54a86\RobloxProxy64.dll (ROBLOX Corporation)
     
    ==================== Restore Points  =========================
     
    21-10-2014 23:30:22 Windows Update
    25-10-2014 00:21:47 Removed PCBooster
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
    Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
    Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
    Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {2BE533A9-3E5C-4C87-927B-6722A22B6B5F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-21] (Microsoft Corporation)
    Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
    Task: {360A0CDF-FE35-4A24-8D14-560A1196F977} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
    Task: {37708282-8E36-43EB-A771-BE49A6ED466E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
    Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
    Task: {408DBE6A-D817-4107-8EAD-08D1427CBDDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
    Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
    Task: {644CD833-9DCE-42EC-9DCA-A4DBAEBFE5E7} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\\WarningPopUp.exe [2014-10-04] (Microsoft)
    Task: {691C5007-EADB-411E-A1C3-D155647E5129} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
    Task: {69A79124-8170-4D64-B9F3-3F8F85126E0A} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2012-06-21] ()
    Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
    Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {7A8200C9-C4E1-438E-805B-9919B752D53D} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-10-04] (Portable Booster)
    Task: {83D19DC0-FBCD-4324-B710-A40A48E9C9F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-04] (AVAST Software)
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
    Task: {8BBB856F-24E0-41A8-8297-EEB1825C9FC1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
    Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
    Task: {8EA43C2D-1C36-4648-8A81-D6A27EB6A0F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
    Task: {90FA3452-9D0D-4E28-AB4F-438CDD128B8D} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)
    Task: {97089067-B7A4-420D-888C-87E98252E71A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
    Task: {9A823740-E6AF-448A-B61C-3FB16097D69D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
    Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
    Task: {A0772BF0-15D3-43E1-833D-676DD0FA37AD} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
    Task: {AA4C659F-5A11-4E0A-A27A-0A7D56D5491E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
    Task: {D61D7859-723F-44DC-AC2C-7413E2995BD0} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2012-08-24] ()
    Task: {D6E6E288-AAE5-44E8-88D5-0A5F846E476D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
    Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
    Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
    Task: {E97D4480-F704-4182-BD49-197159EAF3F5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)
    Task: {F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-10-01] ()
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-06-27 17:50 - 2012-03-27 23:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2010-04-13 21:11 - 2010-04-13 21:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll
    2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-08-04 18:03 - 2014-08-04 18:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
    2014-10-26 17:14 - 2014-10-26 17:14 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102600\algo.dll
    2014-10-28 06:38 - 2014-10-28 06:38 - 02898432 _____ () C:\Program Files\AVAST Software\Avast\defs\14102800\algo.dll
    2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 00022440 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 00054184 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 00053680 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_signals.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_8ce60f5e6bc42419\boost_signals-vc100-mt-1_44.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 02296736 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtCore4.dll
    2014-10-19 22:30 - 2014-10-19 22:30 - 02364840 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_none_1bed397492abdaf4\xqilla-vc100-1_0.dll
    2014-10-19 22:30 - 2014-10-19 22:30 - 00066976 _____ () C:\WINDOWS\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_none_a9eddec61c291613\zlib1-vc100-mt-1.2.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 02310056 _____ () C:\WINDOWS\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_none_abdcef110f80cf28\redland-vc100-1_0_9.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 00145328 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll
    2014-10-19 22:31 - 2014-10-19 22:31 - 00051120 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 07546272 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtGui4.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 02027424 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtCore4.dll
    2014-10-19 22:32 - 2014-10-19 22:32 - 00524712 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll
    2012-10-24 14:11 - 2012-10-24 14:11 - 01435544 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\activation2.dll
    2014-10-19 22:30 - 2014-10-19 22:30 - 02996648 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.2.1_9ca15c999435ee05_1.0.1.0_none_1bed22ac92abf495\xqilla21.dll
    2011-06-22 08:19 - 2011-06-22 08:19 - 00070656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\libLogger-vc100-2_0.dll
    2014-08-04 18:03 - 2014-08-04 18:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-08-26 21:30 - 2014-07-09 12:01 - 01459712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
    2014-08-26 21:30 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
    2012-10-17 08:40 - 2012-10-17 08:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
    2012-10-17 08:40 - 2012-10-17 08:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
    2014-10-19 22:32 - 2014-10-19 22:32 - 01030048 _____ () C:\WINDOWS\WinSxS\x86_smarttech.js.vc70.1.8_37a8c5fef6a21868_1.0.2.1_none_e909cd048128eadf\js32.dll
    2012-10-24 14:11 - 2012-10-24 14:11 - 00466840 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\ziparchive-vc100-3_1_1a.dll
    2014-10-28 04:20 - 2014-10-22 00:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
    2014-10-28 04:20 - 2014-10-22 00:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
    2014-10-28 04:20 - 2014-10-22 00:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
    2014-10-28 04:20 - 2014-10-22 00:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1271087293-465154865-2948633367-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-1271087293-465154865-2948633367-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1271087293-465154865-2948633367-1004 - Limited - Enabled)
    jimmy (S-1-5-21-1271087293-465154865-2948633367-1002 - Administrator - Enabled) => C:\Users\jimmy
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (10/28/2014 10:33:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
    Description: Activation of app Evernote.Skitch_q4d96b2w5wcc2!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (10/28/2014 10:33:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
    Description: Activation of app Evernote.Skitch_q4d96b2w5wcc2!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
     
    System errors:
    =============
    Error: (10/28/2014 06:15:54 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 06:15:23 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 06:14:53 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 06:14:22 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 06:13:52 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 06:13:21 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 10:25:40 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 10:25:10 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 10:24:39 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (10/28/2014 10:24:06 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/28/2014 10:33:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
    Description: Evernote.Skitch_q4d96b2w5wcc2!App-2144927151
     
    Error: (10/28/2014 10:33:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
    Description: Evernote.Skitch_q4d96b2w5wcc2!App-2144927151
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD E1-1200 APU with Radeon™ HD Graphics
    Percentage of memory in use: 54%
    Total physical RAM: 3810.07 MB
    Available physical RAM: 1716.1 MB
    Total Pagefile: 4770.07 MB
    Available Pagefile: 1744.1 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.85 MB
     
    ==================== Drives ================================
     
    Drive c: (Gateway) (Fixed) (Total:446.51 GB) (Free:323.64 GB) NTFS
    Drive g: () (Removable) (Total:0.98 GB) (Free:0.13 GB) FAT
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 70D4E092)
     
    Partition: GPT Partition Type.
     
    ========================================================
    Disk: 1 (Size: 1000 MB) (Disk ID: 00000000)
     
    Partition: GPT Partition Type.
     
    ==================== End Of Log ============================


    #6 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 28 October 2014 - 05:58 PM

    You have McAfee and Avast Anti Virus installed, with AV software more is not better, Microsoft recommends just one, keep it updated and run regular scans, more than one will severely hamper system performance, your call but you need to uninstall one

     

    You can use this program to uninstall the one you choose

     

     
    Run AppRemover
     
    Vista , Win 7 users, right click on the icon and select "run as administrator"
     
    Please download AppRemover and save it to your desktop.
    •  
    • Double click on AppRemover.exe to run it.
    • Uncheck "Enable anonymous usage statistics. No personal data will be recorded."
    • Click on the Next button.
    • Click on "Remove Security Application" or "Clean Up a Failed Uninstall" depending on what you want to do. 
    • Click on the Next button.
    • A scan begins, please wait. Once done, click on the Next button.
    • Now you should have a list of your installed security programs, choose the one  you want to uninstall and click on the Next button.
    • Follow the last step and reboot if asked to do so.
     
     
     
     
     
     

     
    Open notepad (Start --> All Programs --> Accessories --> Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.
    You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.
     
    Start
    CloseProcesses:
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003730 _____ () C:\WINDOWS\System32\Tasks\boosterpop
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003626 _____ () C:\WINDOWS\System32\Tasks\IEError
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003472 _____ () C:\WINDOWS\System32\Tasks\AI_Updater
    2014-10-17 15:24 - 2014-10-28 11:37 - 00000000 ____D () C:\Program Files (x86)\Portable Booster
    2014-10-17 15:24 - 2014-10-19 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster
    PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION
    Task: {7A8200C9-C4E1-438E-805B-9919B752D53D} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-10-04] (Portable Booster)
    Task: {F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-10-01] ()
    Hosts:
    EmptyTemp:
    End
    
     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST or FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
     
     
     
    After removing one AV and the fix with FRST, let me know how your system is behaving now
     


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #7 curlee1982

    curlee1982

      Authentic Member

    • Authentic Member
    • PipPip
    • 22 posts

    Posted 29 October 2014 - 07:23 PM

    I just ran this so I will give it some time to see how it is functioning. Thank you so much for your help!
     
     
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014
    Ran by jimmy at 2014-10-29 20:53:44 Run:1
    Running from C:\Users\jimmy\Desktop
    Loaded Profile: jimmy (Available profiles: jimmy & Administrator)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003730 _____ () C:\WINDOWS\System32\Tasks\boosterpop
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003626 _____ () C:\WINDOWS\System32\Tasks\IEError
    2014-10-17 15:26 - 2014-10-17 15:26 - 00003472 _____ () C:\WINDOWS\System32\Tasks\AI_Updater
    2014-10-17 15:24 - 2014-10-28 11:37 - 00000000 ____D () C:\Program Files (x86)\Portable Booster
    2014-10-17 15:24 - 2014-10-19 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster
    PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION
    Task: {7A8200C9-C4E1-438E-805B-9919B752D53D} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\\updater.exe [2014-10-04] (Portable Booster)
    Task: {F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe [2014-10-01] ()
    Hosts:
    EmptyTemp:
    End
    *****************
     
    Processes closed successfully.
    C:\WINDOWS\System32\Tasks\boosterpop => Moved successfully.
    C:\WINDOWS\System32\Tasks\IEError => Moved successfully.
    C:\WINDOWS\System32\Tasks\AI_Updater => Moved successfully.
    C:\Program Files (x86)\Portable Booster => Moved successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCBooster => Moved successfully.
    PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION => Error: No automatic fix found for this entry.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A8200C9-C4E1-438E-805B-9919B752D53D}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A8200C9-C4E1-438E-805B-9919B752D53D}" => Key deleted successfully.
    C:\Windows\System32\Tasks\AI_Updater not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AI_Updater" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15275A4-CDE2-42A9-AD00-1D5B18CA9D0C}" => Key deleted successfully.
    C:\Windows\System32\Tasks\IEError not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IEError" => Key deleted successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 674.3 MB temporary data.
     
     
    The system needed a reboot. 
     
    ==== End of Fixlog ====


    #8 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 30 October 2014 - 05:11 AM

    Looks good, lets see if it fixed it



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #9 curlee1982

    curlee1982

      Authentic Member

    • Authentic Member
    • PipPip
    • 22 posts

    Posted 30 October 2014 - 04:31 PM

    Did not see any pop ups or open IE windows this afternoon! Awesome! Thank you so much!



    #10 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 30 October 2014 - 05:03 PM

    :thumbup:

     

    Great, glad things are back to normal for you

     

     

    Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
  •  
     
    ==========================================================
     
     
    Please download DelFix and save the file to your Desktop.
     
  • Windows XP Double Click DelFix.exe to run the program. 
  • Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR 
  • Place a checkmark next to the following items
  • Activate UAC
  • Remove Disinfection Tools
  • Create registry backup
  • Reset System Settings
  •  
    Click the Run button
     
    This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually
     
     
     
    ==========================================================
     
     
     
    How did I get infected in the first place ?    
    Read these links and find out how to prevent getting infected again.
  • Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
  •  
     
    Safe Surfn
    Ken


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #11 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 31 October 2014 - 01:29 PM

    Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

    If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

    Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
    and start a New Topic.

     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users