Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Owner (administrator) on OWNER-PC on 23-01-2015 07:55:51
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool:
www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1675160 2011-11-22] (McAfee, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [SearchProtection] => C:\ProgramData\Search Protection\_run.bat [168 2013-03-02] ()
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [DATAMNGR] => C:\PROGRA~2\SETTIN~1\Datamngr\DATAMN~1.EXE
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395616 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc.)
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\MountPoints2: {b45a83b0-7c3f-11e4-8842-dc0ea10bf152} - E:\LGAutoRun.exe
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\MountPoints2: {b45a83bc-7c3f-11e4-8842-dc0ea10bf152} - E:\windows\AutoRun.exe
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\MountPoints2: {c177cc3d-e58c-11e2-8463-dc0ea10bf152} - E:\LGAutoRun.exe
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\MountPoints2: {d61f72ac-be1c-11e1-877b-dc0ea10bf152} - E:\TL-Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-02-07] ()
AppInit_DLLs: C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll => C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs: C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll => C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-02-07] ()
AppInit_DLLs-x32: C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll => "C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll" File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll => "C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnbHKU\S-1-5-21-4059772642-3558261170-1923146660-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
Vosteran.com/?f=1&a=vst_wnzp01_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtD0B0FtCyDtB0AtDzz0BtN0D0Tzu0StCtDzyyCtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2StBtDtDtCtAyByC0EtG0EtDtC0DtGyC0A0CzztGyB0EtD0FtGtAyCyD0E0CzytCyE0BzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByBtAtD0AyDzytG0E0B0ByCtGyEyDzzzytG0BtAyBzytGtByCyDtBzytDyDzyzy0Ezz0B2Q&cr=832639186&ir=URLSearchHook: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2440} URL =
isearch.fantastigames.com/web?src=ieb&gct=ds&appid=100&systemid=440&q={searchTerms}SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBoxSearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2440} URL =
isearch.fantastigames.com/web?src=ieb&gct=ds&appid=100&systemid=440&q={searchTerms}SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2440} URL =
isearch.fantastigames.com/web?src=ieb&gct=ds&appid=100&systemid=440&q={searchTerms}SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBoxSearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2440} URL =
isearch.fantastigames.com/web?src=ieb&gct=ds&appid=100&systemid=440&q={searchTerms}SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> DefaultScope {C8DF3399-DD58-4208-A75D-0F9F36E73FC5} URL =
Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_wnzp01_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtD0B0FtCyDtB0AtDzz0BtN0D0Tzu0StCtDzyyCtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2StBtDtDtCtAyByC0EtG0EtDtC0DtGyC0A0CzztGyB0EtD0FtGtAyCyD0E0CzytCyE0BzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByBtAtD0AyDzytG0E0B0ByCtGyEyDzzzytG0BtAyBzytGtByCyDtBzytDyDzyzy0Ezz0B2Q&cr=832639186&ir=SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {0FA204D4-5326-43C7-A4D2-EDFB78E6EA59} URL =
www.ask.com/web?q={searchterms}&l=dis&o=ushplSearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
lavasoft.blekko.com/ws/?source=f439e2c0&tbp=rbox&toolbarid=adawaretb&u=A5BB9B885A3F9DF92FA82B51324B229D&q={searchTerms}SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enSearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2440} URL =
isearch.fantastigames.com/web?src=ieb&gct=ds&appid=100&systemid=440&q={searchTerms}SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {C8DF3399-DD58-4208-A75D-0F9F36E73FC5} URL =
Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_wnzp01_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtD0B0FtCyDtB0AtDzz0BtN0D0Tzu0StCtDzyyCtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2StBtDtDtCtAyByC0EtG0EtDtC0DtGyC0A0CzztGyB0EtD0FtGtAyCyD0E0CzytCyE0BzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByBtAtD0AyDzytG0E0B0ByCtGyEyDzzzytG0BtAyBzytGtByCyDtBzytDyDzyzy0Ezz0B2Q&cr=832639186&ir=SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
search.yahoo.com/search?fr=mcafee&type=B011US662D20120119&p={SearchTerms}SearchScopes: HKU\S-1-5-21-4059772642-3558261170-1923146660-1000 -> {FAD0F07E-A06F-44E1-BB02-E22A1320D4BF} URL =
www.bing.com/search?FORM=HPNTDF&PC=IP2TDF&q={searchTerms}&src=IE-SearchBoxBHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120119214937.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: DataMngr -> {F2D6C718-7E52-428E-8852-365C4B1A6E36} -> C:\PROGRA~2\SETTIN~1\Datamngr\x64\BROWSE~1.DLL No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Ad-Aware Security Add-on -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\adawaretb\adawareDx.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120730000743.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Coupon-Matcher BHO -> {F0B3FA34-C3B2-4B72-B8FE-A4148C2FA663} -> C:\Program Files (x86)\CouponMatcher\1.1\Extension.dll (Coupon-Matcher)
BHO-x32: DataMngr -> {F2D6C718-7E52-428E-8852-365C4B1A6E36} -> C:\PROGRA~2\SETTIN~1\Datamngr\BROWSE~1.DLL No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
Toolbar: HKLM-x32 - Coupon-Matcher - {AC5183D8-28A9-4A36-850D-8C8846855EED} - C:\Program Files (x86)\CouponMatcher\1.1\Extension.dll (Coupon-Matcher)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default
FF DefaultSearchEngine: Vosteran
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Vosteran
FF Homepage: hxxp://Vosteran.com/?f=1&a=vst_wnzp01_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtD0B0FtCyDtB0AtDzz0BtN0D0Tzu0StCtDzyyCtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2StBtDtDtCtAyByC0EtG0EtDtC0DtGyC0A0CzztGyB0EtD0FtGtAyCyD0E0CzytCyE0BzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByBtAtD0AyDzytG0E0B0ByCtGyEyDzzzytG0BtAyBzytGtByCyDtBzytDyDzyzy0Ezz0B2Q&cr=832639186&ir=
FF Keyword.URL:
search.yahoo.com/search?fr=mcafee&type=B111US662D20120119&p=FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wildtangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4059772642-3558261170-1923146660-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4059772642-3558261170-1923146660-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4059772642-3558261170-1923146660-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4059772642-3558261170-1923146660-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Owner\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\searchplugins\Vosteran.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Lavasoft Search Plugin - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-03-02]
FF Extension: Ad-Aware Security Add-on - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2013-03-02]
FF Extension: Coupon-Matcher - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sjp3f2y6.default\Extensions\{71988F2A-67DE-4A7F-B20F-B6D0CF8469AF}.xpi [2013-07-28]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-01-19]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-06]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Cast) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2013-12-24]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-23]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-06]
CHR Extension: (SiteAdvisor) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-03-02]
CHR Extension: (Always Smile) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpaapignoneonaghhkoddkghglbppdmg [2014-04-26]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-05-23]
CHR Extension: (Smile Always) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgpmhnmjbhgkhpbgelalfpplebgfjmbf [2014-07-23]
CHR Extension: (GoToMeeting Free Sharing) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbgncfoanhgdfmkgfehkfdlbdnbhafpp [2015-01-19]
CHR Extension: (SecureSearch) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik [2013-03-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-05]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (SiteAdvisor) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-03-02]
CHR Extension: (SecureSearch) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik [2013-03-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-04]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-12]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKU\S-1-5-21-4059772642-3558261170-1923146660-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-12]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-02-04]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-02-21] (Lavasoft Limited)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [501768 2011-03-17] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199272 2011-12-06] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [208536 2011-12-06] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [161168 2011-12-06] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-02] (GFI Software)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 07:55 - 2015-01-23 07:56 - 00036060 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-01-23 07:55 - 2015-01-23 07:55 - 00000000 ____D () C:\FRST
2015-01-22 21:04 - 2015-01-22 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-22 17:46 - 2015-01-22 17:46 - 02126848 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2015-01-22 17:12 - 2015-01-22 17:12 - 02126848 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-01-19 12:57 - 2015-01-19 12:58 - 07677632 _____ (TeamViewer GmbH) C:\Users\Owner\Downloads\TeamViewer_Setup_en (1).exe
2015-01-19 12:56 - 2015-01-19 12:56 - 05333352 _____ (TeamViewer) C:\Users\Owner\Downloads\TeamViewerQS_en.exe
2015-01-19 12:54 - 2015-01-19 12:54 - 07677632 _____ (TeamViewer GmbH) C:\Users\Owner\Downloads\TeamViewer_Setup_en.exe
2015-01-14 22:40 - 2015-01-14 22:40 - 00012940 _____ () C:\Users\Owner\Downloads\Devereux CARES 2015 Joe Corbi's sales.xlsx
2015-01-14 15:23 - 2015-01-14 15:23 - 01511346 _____ () C:\Users\Owner\Downloads\Expressions and Equations.pptx
2015-01-14 12:47 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 12:47 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 12:47 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 12:47 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 12:47 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 12:46 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 12:46 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 12:46 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 12:46 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 12:46 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 12:46 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 12:46 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 12:46 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 12:45 - 2015-01-14 12:45 - 00044793 _____ () C:\Users\Owner\Downloads\EBPvs.Research.pptx
2015-01-13 23:33 - 2015-01-13 23:33 - 03064320 _____ () C:\Users\Owner\Downloads\les5e_ppt_11.ppt
2015-01-13 12:58 - 2015-01-13 12:58 - 00013824 _____ () C:\Users\Owner\Downloads\MATH221_W2 LabData Minitab (2).MPJ
2015-01-12 11:09 - 2015-01-12 11:09 - 00013824 _____ () C:\Users\Owner\Downloads\MATH221_W2 LabData Minitab (1).MPJ
2015-01-12 11:07 - 2015-01-12 11:07 - 00013824 _____ () C:\Users\Owner\Downloads\MATH221_W2 LabData Minitab.MPJ
2015-01-12 00:25 - 2015-01-12 00:25 - 01061753 _____ () C:\Users\Owner\Downloads\Math+221+Week+2+Lecture+Jan+2015.pptx
2015-01-12 00:25 - 2015-01-12 00:25 - 00136864 _____ () C:\Users\Owner\Downloads\3by9onW_Week_2.pptx
2015-01-11 23:43 - 2015-01-11 23:43 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (7).ppt
2015-01-11 23:14 - 2015-01-11 23:14 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (6).ppt
2015-01-11 22:32 - 2015-01-11 22:32 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (5).ppt
2015-01-11 15:10 - 2015-01-11 15:10 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (4).ppt
2015-01-11 15:10 - 2015-01-11 15:10 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (3).ppt
2015-01-11 15:07 - 2015-01-11 15:07 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (2).ppt
2015-01-11 15:01 - 2015-01-11 15:01 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09 (1).ppt
2015-01-11 14:58 - 2015-01-11 14:58 - 02940416 _____ () C:\Users\Owner\Downloads\les5e_ppt_09.ppt
2015-01-08 12:16 - 2015-01-08 12:16 - 02130432 _____ () C:\Users\Owner\Downloads\les5e_PPT_01 (2).ppt
2015-01-08 08:50 - 2015-01-08 08:50 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-08 08:50 - 2015-01-08 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-08 08:50 - 2015-01-08 08:50 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-08 08:47 - 2015-01-08 08:47 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-08 08:47 - 2015-01-08 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-08 08:45 - 2015-01-08 08:45 - 00000000 ____D () C:\Program Files\iPod
2015-01-08 08:44 - 2015-01-08 08:47 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-08 08:44 - 2015-01-08 08:47 - 00000000 ____D () C:\Program Files\iTunes
2015-01-08 08:44 - 2015-01-08 08:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-07 11:14 - 2015-01-07 11:14 - 04445696 _____ () C:\Users\Owner\Downloads\les5e_ppt_02 (4).ppt
2015-01-07 11:02 - 2015-01-07 11:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ICAClient
2015-01-07 11:02 - 2015-01-07 11:02 - 00001512 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-01-07 11:01 - 2015-01-07 11:02 - 00000000 ____D () C:\ProgramData\Citrix
2015-01-07 10:59 - 2015-01-07 11:02 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-01-07 10:58 - 2015-01-07 10:58 - 00001456 _____ () C:\Users\Owner\Downloads\REMxIFhENyBTZXJ2ZXIuTWluaXRhYiAxNiBTdGF0aXN0aQ-- (1).ica
2015-01-07 10:57 - 2015-01-07 10:57 - 00001456 _____ () C:\Users\Owner\Downloads\REMxIFhENyBTZXJ2ZXIuTWluaXRhYiAxNiBTdGF0aXN0aQ--.ica
2015-01-06 23:36 - 2015-01-06 23:38 - 53860688 _____ (Citrix Systems, Inc.) C:\Users\Owner\Downloads\CitrixReceiver.exe
2015-01-06 10:41 - 2015-01-06 10:41 - 04445696 _____ () C:\Users\Owner\Downloads\les5e_ppt_02 (3).ppt
2015-01-05 17:09 - 2015-01-05 17:09 - 04445696 _____ () C:\Users\Owner\Downloads\les5e_ppt_02 (2).ppt
2015-01-05 17:08 - 2015-01-05 17:09 - 04445696 _____ () C:\Users\Owner\Downloads\les5e_ppt_02 (1).ppt
2015-01-04 15:40 - 2015-01-04 15:40 - 04445696 _____ () C:\Users\Owner\Downloads\les5e_ppt_02.ppt
2015-01-04 15:40 - 2015-01-04 15:40 - 02136064 _____ () C:\Users\Owner\Downloads\les5e_ppt_01 (1).ppt
2015-01-04 14:00 - 2015-01-04 14:00 - 02134016 _____ () C:\Users\Owner\Downloads\les5e_ppt_01.ppt
2015-01-04 09:35 - 2015-01-04 09:35 - 00022528 _____ () C:\Users\Owner\AppData\Local\dsisetup8229588442.exe
2015-01-04 09:35 - 2015-01-04 09:35 - 00000001 _____ () C:\Users\Owner\AppData\Local\DSI.DAT
2015-01-03 12:12 - 2015-01-03 12:22 - 00000000 ____D () C:\Users\Owner\Documents\Radio Stuff
2015-01-02 17:01 - 2015-01-02 17:01 - 00000000 ____D () C:\Program Files (x86)\Prolific
2015-01-02 17:00 - 2007-07-31 19:04 - 00090112 _____ (Prolific Technology Inc.) C:\Windows\system32\Drivers\ser2pl64.sys
2015-01-02 16:57 - 2015-01-02 17:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\CHIRP
2015-01-02 16:56 - 2015-01-02 16:56 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CHIRP
2015-01-02 16:56 - 2015-01-02 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIRP
2015-01-02 16:55 - 2015-01-02 16:56 - 00000000 ____D () C:\Program Files (x86)\CHIRP
2015-01-02 16:55 - 2015-01-02 16:55 - 10666829 _____ () C:\Users\Owner\Downloads\chirp-0.4.1-installer.exe
2015-01-02 15:35 - 2015-01-23 00:40 - 00000126 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
2015-01-01 20:53 - 2015-01-01 20:54 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-01 20:53 - 2015-01-01 20:53 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-01 20:53 - 2015-01-01 20:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TuneUp Software
2015-01-01 20:51 - 2015-01-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baofeng
2015-01-01 20:50 - 2015-01-02 17:04 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2015-01-01 20:50 - 2015-01-02 17:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2015-01-01 20:50 - 2015-01-01 20:51 - 00000000 ____D () C:\Program Files (x86)\UV5R_W64_VIP
2015-01-01 20:50 - 2015-01-01 20:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baofeng
2015-01-01 20:49 - 2015-01-01 20:49 - 00000000 ____D () C:\Program Files\20130918085301786
2015-01-01 20:47 - 2015-01-01 20:49 - 02602967 _____ () C:\Users\Owner\Downloads\20130918085301786 (1).rar
2015-01-01 20:46 - 2015-01-01 20:46 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IHlpr
2015-01-01 20:45 - 2015-01-01 20:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Philipp Winterberg
2015-01-01 20:45 - 2015-01-01 20:45 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\OpenCandy
2015-01-01 20:44 - 2015-01-01 20:44 - 01450496 _____ (Philipp Winterberg) C:\Users\Owner\Downloads\InstallFreeRARExtractFrog (1).exe
2015-01-01 20:41 - 2015-01-01 20:41 - 01450496 _____ (Philipp Winterberg) C:\Users\Owner\Downloads\InstallFreeRARExtractFrog.exe
2015-01-01 20:40 - 2015-01-23 07:40 - 00000292 _____ () C:\Windows\Tasks\WSE_Vosteran.job
2015-01-01 20:40 - 2015-01-01 20:40 - 00003232 _____ () C:\Windows\System32\Tasks\WSE_Vosteran
2015-01-01 20:40 - 2015-01-01 20:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WSE_Vosteran
2015-01-01 20:40 - 2015-01-01 20:40 - 00000000 ____D () C:\Program Files (x86)\WSE_Vosteran
2015-01-01 20:39 - 2015-01-01 20:40 - 00000000 ____D () C:\ProgramData\WinZip
2015-01-01 20:39 - 2015-01-01 20:39 - 00002291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-01-01 20:39 - 2015-01-01 20:39 - 00002285 _____ () C:\Users\Public\Desktop\WinZip.lnk
2015-01-01 20:39 - 2015-01-01 20:39 - 00000000 ____D () C:\Users\Owner\AppData\Local\WinZip
2015-01-01 20:39 - 2015-01-01 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-01-01 20:39 - 2015-01-01 20:39 - 00000000 ____D () C:\Program Files\WinZip
2015-01-01 20:39 - 2015-01-01 20:39 - 00000000 ____D () C:\Program Files\File Association Helper
2015-01-01 20:37 - 2015-01-01 20:37 - 00906024 _____ ( ) C:\Users\Owner\Downloads\winzip19-lan_en.exe
2015-01-01 13:13 - 2015-01-01 13:14 - 02602967 _____ () C:\Users\Owner\Downloads\20130918085301786.rar
2014-12-25 21:01 - 2014-12-25 21:01 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 07:46 - 2012-01-19 05:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4059772642-3558261170-1923146660-1000UA.job
2015-01-23 07:14 - 2012-05-13 08:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 07:00 - 2012-12-13 10:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 06:06 - 2012-01-19 03:12 - 01341463 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 01:14 - 2012-05-13 08:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 01:14 - 2012-05-13 08:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 01:14 - 2011-08-12 09:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 21:04 - 2011-08-12 09:04 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2015-01-22 17:19 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 17:19 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 16:45 - 2012-01-19 05:33 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4059772642-3558261170-1923146660-1000Core.job
2015-01-22 16:44 - 2012-12-13 10:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-19 13:01 - 2014-12-15 11:47 - 00000000 ____D () C:\Users\Owner\AppData\Local\join.me
2015-01-18 16:49 - 2009-07-13 23:51 - 00098063 _____ () C:\Windows\setupact.log
2015-01-15 10:20 - 2009-07-14 00:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 10:16 - 2012-12-13 10:56 - 00000000 ___RD () C:\Users\Owner\Google Drive
2015-01-15 10:16 - 2012-07-12 17:47 - 00000000 ____D () C:\Users\Owner\AppData\Local\Htc
2015-01-15 10:15 - 2013-03-02 13:56 - 00001872 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-01-15 10:15 - 2013-03-02 13:55 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2015-01-15 10:15 - 2012-01-19 05:29 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-15 10:14 - 2010-11-20 22:47 - 00324144 _____ () C:\Windows\PFRO.log
2015-01-15 10:14 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 09:45 - 2013-08-03 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 08:07 - 2012-06-09 07:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 12:48 - 2013-09-27 17:13 - 00000000 ____D () C:\Users\Owner\Documents\Outlook Files
2015-01-08 08:45 - 2012-02-13 21:25 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-08 08:44 - 2014-05-20 20:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-07 11:02 - 2012-01-21 23:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\Citrix
2015-01-02 17:01 - 2011-08-12 08:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-01 20:40 - 2013-04-23 18:52 - 00000000 ____D () C:\Program Files (x86)\Settings Alerter
2014-12-27 11:23 - 2014-10-30 14:28 - 00000000 ____D () C:\Users\Owner\Desktop\DA_S5
2014-12-26 19:53 - 2013-07-28 12:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
==================== Files in the root of some directories =======
2015-01-02 15:35 - 2015-01-23 00:40 - 0000126 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
2013-11-18 13:20 - 2013-11-18 13:20 - 0893239 _____ () C:\Users\Owner\AppData\Local\a.zip
2013-11-18 13:20 - 2013-11-18 13:20 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Owner\AppData\Local\BcsKtYcHW.dll
2015-01-04 09:35 - 2015-01-04 09:35 - 0000001 _____ () C:\Users\Owner\AppData\Local\DSI.DAT
2015-01-04 09:35 - 2015-01-04 09:35 - 0022528 _____ () C:\Users\Owner\AppData\Local\dsisetup8229588442.exe
2014-09-13 20:08 - 2014-09-13 20:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-01-19 03:41 - 2012-01-19 03:43 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-10-29 10:40 - 2014-09-13 16:42 - 0008890 _____ () C:\ProgramData\hpzinstall.log
2012-01-21 14:18 - 2014-04-03 09:20 - 0000935 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\2aa3848c-c8c9-4bb6-b697-b1e0fea1633b.exe
C:\Users\Owner\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Owner\AppData\Local\Temp\contentDATs.exe
C:\Users\Owner\AppData\Local\Temp\CouponMatcher.exe
C:\Users\Owner\AppData\Local\Temp\EasyTorrent.exe
C:\Users\Owner\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Owner\AppData\Local\Temp\GUR46F3.exe
C:\Users\Owner\AppData\Local\Temp\installhelper.dll
C:\Users\Owner\AppData\Local\Temp\install_flashplayer11x32au_mssa_aaa_aih.exe
C:\Users\Owner\AppData\Local\Temp\install_flashplayer11x32ax_mssd_au_aih.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\mssinstaller.exe
C:\Users\Owner\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Owner\AppData\Local\Temp\propsys.dll
C:\Users\Owner\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Owner\AppData\Local\Temp\setup_3.2.20.exe
C:\Users\Owner\AppData\Local\Temp\SRAssetsHelper.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 13:10
==================== End Of Log ============================