Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by Brandon (administrator) on BRANDON-PC on 26-10-2014 20:49:04
Running from C:\Users\Brandon\Desktop
Loaded Profiles: Brandon & UpdatusUser (Available profiles: Brandon & Morgandy & Kammie Jo & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BeFrugal Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2009\QBW32.EXE
(Dropbox, Inc.) C:\Users\Brandon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intuit Inc. All rights reserved.) C:\Users\Brandon\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1860496 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-11-08] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE [120152 2011-08-14] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\MountPoints2: K - K:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\MountPoints2: {23483045-0a13-11e0-8d4f-00248cbf16db} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\MountPoints2: {9f9ec5ea-790e-11e3-8409-00248cbf16db} - K:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\MountPoints2: {db3885a0-0bf6-11e4-a9eb-00248cbf16db} - K:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...\MountPoints2: {f531c23d-e2a0-11de-ac56-00248cbf16db} - J:\LaunchU3.exe
HKU\S-1-5-21-2046384403-2357638149-873898192-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2009\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Brandon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSmobileSCAN II.lnk
ShortcutTarget: DSmobileSCAN II.lnk -> C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe (Brother Industries, Ltd.)
Startup: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:8075
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
www.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30B14BF28574CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647SearchScopes: HKLM-x32 - {09971cee-01b8-42bc-9d91-456b1faad6be} URL =
search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm029YYus&ptb=7A9AAF44-3266-4CDE-8235-5F655C2267EA&ind=2011042110&ptnrS=CDxdm029YYus&si=17747&n=77de113e&psa=&st=sb&searchfor={searchTerms}SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647SearchScopes: HKCU - DefaultScope {13964C23-8077-4DDE-80DE-D6C0C33B5915} URL =
search.yahoo.com/search?fr=mcafee&type=B011US0D20140109&p={SearchTerms}SearchScopes: HKCU - {09971cee-01b8-42bc-9d91-456b1faad6be} URL =
SearchScopes: HKCU - {13964C23-8077-4DDE-80DE-D6C0C33B5915} URL =
search.yahoo.com/search?fr=mcafee&type=B011US0D20140109&p={SearchTerms}SearchScopes: HKCU - {21B02041-E747-413E-9367-0DD0ABBB819E} URL =
www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647SearchScopes: HKCU - {7F5B6B31-E3C2-4E7A-A6C2-D5E336934773} URL =
websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=021FC6A1-84DA-4848-8104-01EE576C9B77&apn_sauid=5031A73F-A7C1-4762-AE91-CD0F6B688917SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dnldstr_14_34_ie&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0C0B0FtCyC0D0ByE0B0FyEtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAtAtCzzzz0AyE0BtG0BtByDtAtG0A0EtDtBtGtA0Dzz0AtGtB0BzztCzz0F0Dzy0E0DtDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyC0D0BtDyEzytCtGtB0AyCyEtGyD0ByBtDtG0AyD0E0BtGtBtB0E0C0FyE0B0FtDyD0AyB2Q&cr=1989031545&ir=BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll No File
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {18367A5B-6876-4EDC-B374-7DDBC266DDC5} -> C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-032.dll No File
BHO-x32: BeFrugalIEHelper -> {2335A057-CBA6-40F6-A712-C6A7C98F7813} -> C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - BeFrugal.com Toolbar - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKCU - No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C}
juniper.net/dana-cached/sc/JuniperSetupClient64.cabDPF: HKLM-x32 {1A5B2479-832B-484A-9401-F484998F63E7}
www.gunbroker.com/WebResource.axd?d=IpApceCcZXLHZq28SGrJDyN-3QQccHm1JLRPCMcSG1IRq1NjGSjN7xviH9R-REMUeE7JK_frHYskBf8WTX1doFUaLLLNbvZBPgu8vmQMSEF3Fm1wTFaSCeaooxyBn5POMzslCENphowfZDljblatKw88a0I6uZu52iEHe9nwKrNfUmIK0&t=635231514572208619DPF: HKLM-x32 {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF}
www.gunbroker.com/WebResource.axd?d=Qydpf0KIwF1Fr6RRPI2vp09Qx7960W1PefrwdgTL1YWRWyUo6in6PN6VS7m59gst6zjhnPK4xtevtkkiPAeNbVdLz1lm1BKvO-eVx_B2d1Lb7EFrywmMr-EfCQUqniwFPL_qr5-6LT50B9lSJqZDgme2Vksu6ajL4Qvm6a-2VX8ROm8K0&t=635024846280000000DPF: HKLM-x32 {8D9563A9-8D5F-459B-87F2-BA842255CB9A}
owa2010.okc.gov/InternalSite/WhlCompMgr.cabDPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353}
70.233.252.135:6102/WebClient.exeDPF: HKLM-x32 {AA570693-00E2-4907-B6F1-60A1199B030C}
DPF: HKLM-x32 {C6A47FBB-2ECA-430E-8466-5523772CA4FA}
www.gunbroker.com/WebResource.axd?d=IpApceCcZXLHZq28SGrJDyN-3QQccHm1JLRPCMcSG1IRq1NjGSjN7xviH9R-REMUeE7JK_frHYskBf8WTX1doFUaLLLNbvZBPgu8vmQMSEF3Fm1wTFaSCeaooxyBn5POMzslCENphowfZDljblatKw88a0I6uZu52iEHe9nwKrNfUmIK0&t=635040331540000000DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
juniper.net/dana-cached/sc/JuniperSetupClient.cabHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: google.com
FF Keyword.URL:
search.yahoo.com/search?fr=mcafee&type=B111US0D20140109&p=FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @edvr/WebClient -> C:\windows\system32\WebClient\npwebclient.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Brandon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\searchplugins\Astromenda.xml
FF SearchPlugin: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\searchplugins\CouponAlert_2p.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Split Browser - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\Extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2010-04-17]
FF Extension: XUL Cache - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\Extensions\{fe628252-6a12-4b1a-b349-d94d238f8477} [2011-08-19]
FF Extension: SSL Version Control - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\0q62i0wv.default\Extensions\jid1-ZM3BerwS6FsQAg@jetpack.xpi [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-01-09]
Chrome:
=======
CHR HomePage: Default -> hxxp://mail.machinegunsplus.com/
CHR StartupUrls: Default -> "hxxp://mail.machinegunsplus.com/", "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (SiteAdvisor) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-29]
CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\Brandon\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2014-09-29]
CHR StartMenuInternet: Google Chrome - C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BeFrugal.com Toolbar Broker; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [332184 2012-05-18] (Capital Intellect, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 DMService; C:\Windows\Downloaded Program Files\DM.0\DMService.exe [619328 2013-04-02] (Microsoft Corporation)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-11-27] (Macrovision Europe Ltd.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [4901888 2009-05-14] () [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-11-08] (Intuit) [File not signed]
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2011-08-19] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 uagqecsvc; C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [169280 2013-04-02] (Microsoft Corporation)
S2 70e6ca8c; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",SVC
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2012-03-13] (http://libusb-win32.sourceforge.net)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PaniniUSB; C:\Windows\System32\DRIVERS\PaniniUSB.sys [266752 2012-10-22] (Jungo)
R3 PaniniUSB; C:\Windows\SysWOW64\DRIVERS\PaniniUSB.sys [266752 2012-10-22] (Jungo)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [61216 2008-10-30] (SEIKO EPSON CORPORATION)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys [61080 2014-08-19] (StdLib)
S3 WinDriver6; system32\DRIVERS\Windrvr6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-26 20:49 - 2014-10-26 20:50 - 00038729 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-10-26 20:46 - 2014-10-26 20:49 - 00000000 ____D () C:\FRST
2014-10-26 20:44 - 2014-10-26 20:44 - 02113024 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-10-26 20:33 - 2014-10-26 20:33 - 00000739 _____ () C:\Users\Brandon\Desktop\DelFix.txt
2014-10-26 20:32 - 2014-10-26 20:32 - 00070656 _____ () C:\Windows\system32\uescg.dll
2014-10-26 20:32 - 2014-10-26 20:32 - 00003856 _____ () C:\Windows\System32\Tasks\{F753DDFC-F311-BBB0-D742-35C4EF8DD97E}
2014-10-26 20:32 - 2014-10-26 20:32 - 00000739 _____ () C:\DelFix.txt
2014-10-26 20:32 - 2014-10-26 20:32 - 00000000 ____D () C:\Windows\ERUNT
2014-10-26 20:32 - 2014-10-26 20:32 - 00000000 _____ () C:\Windows\system32\rqxphc.dll
2014-10-25 05:16 - 2014-10-25 16:06 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp
2014-10-25 04:19 - 2014-10-25 04:19 - 26300416 _____ () C:\Users\Brandon\Desktop\Benson Firearms (Backup Oct 25,2014 04 18 AM).QBB
2014-10-25 02:56 - 2014-10-25 02:56 - 00173175 _____ () C:\Users\Brandon\Desktop\scan 2 Shortcut.txt
2014-10-25 02:56 - 2014-10-25 02:56 - 00097782 _____ () C:\Users\Brandon\Desktop\scan 2 FRST.txt
2014-10-25 02:56 - 2014-10-25 02:56 - 00047238 _____ () C:\Users\Brandon\Desktop\scan 2 Addition.txt
2014-10-25 02:48 - 2014-10-25 02:48 - 00079543 _____ () C:\Users\Brandon\Desktop\scan 1 FRST.txt
2014-10-25 02:48 - 2014-10-25 02:48 - 00046398 _____ () C:\Users\Brandon\Desktop\scan 1 Addition.txt
2014-10-23 22:26 - 2014-10-23 22:26 - 00008518 _____ () C:\Users\Brandon\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-10-23 22:26 - 2014-10-23 22:26 - 00008518 _____ () C:\Users\Brandon\AppData\DECRYPT_INSTRUCTION.HTML
2014-10-23 22:26 - 2014-10-23 22:26 - 00004200 _____ () C:\Users\Brandon\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-10-23 22:26 - 2014-10-23 22:26 - 00004200 _____ () C:\Users\Brandon\AppData\DECRYPT_INSTRUCTION.TXT
2014-10-23 22:26 - 2014-10-23 22:26 - 00000274 _____ () C:\Users\Brandon\AppData\Roaming\INSTALL_TOR.URL
2014-10-23 22:26 - 2014-10-23 22:26 - 00000274 _____ () C:\Users\Brandon\AppData\INSTALL_TOR.URL
2014-10-23 22:15 - 2014-10-23 22:15 - 00008518 _____ () C:\Users\Brandon\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-10-23 22:15 - 2014-10-23 22:15 - 00004200 _____ () C:\Users\Brandon\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-10-23 22:15 - 2014-10-23 22:15 - 00000274 _____ () C:\Users\Brandon\AppData\Local\INSTALL_TOR.URL
2014-10-23 22:07 - 2014-10-23 22:07 - 00008518 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-10-23 22:07 - 2014-10-23 22:07 - 00004200 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-10-23 22:07 - 2014-10-23 22:07 - 00000274 _____ () C:\ProgramData\INSTALL_TOR.URL
2014-10-22 16:00 - 2014-10-25 16:10 - 00001368 _____ () C:\ProgramData\@system.att
2014-10-22 15:59 - 2014-10-25 17:11 - 00000000 ___HD () C:\b76406f
2014-10-22 15:58 - 2014-10-25 16:11 - 00001104 ____H () C:\ProgramData\@system2.att
2014-10-22 15:58 - 2014-10-22 15:58 - 00000448 ____H () C:\Users\Brandon\AppData\Roaming\麽鎒駓覜
2014-10-20 01:00 - 2014-10-20 01:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 04:28 - 2014-10-16 04:28 - 00002132 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2014-10-16 04:28 - 2014-10-16 04:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2014-10-15 03:23 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-15 03:23 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-15 02:47 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-15 02:47 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-15 02:47 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-15 02:47 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-15 02:47 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-15 02:47 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-15 02:46 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-15 02:46 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-15 02:45 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 02:45 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 02:45 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 02:45 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 02:45 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 02:45 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 02:45 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 02:45 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 02:45 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 02:45 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 02:45 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 02:45 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 02:45 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 02:45 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 02:45 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 02:45 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 02:45 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 02:45 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 02:45 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 02:45 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 02:45 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 02:45 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 02:45 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 02:45 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 02:45 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 02:45 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 02:45 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 02:45 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 02:45 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 02:45 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 02:45 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 02:45 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 02:45 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 02:45 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 02:45 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 02:45 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 02:45 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 02:44 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 02:44 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 02:44 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 02:44 - 2014-08-28 21:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 02:44 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 02:44 - 2014-08-28 21:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 02:44 - 2014-08-28 21:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 02:44 - 2014-08-28 21:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 02:44 - 2014-08-28 20:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 02:44 - 2014-08-28 20:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 02:44 - 2014-08-28 20:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 02:44 - 2014-08-28 20:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 02:44 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 02:44 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 02:44 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 02:44 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 02:44 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 02:44 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 02:44 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 02:44 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 02:44 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 02:44 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 02:44 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 02:44 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-15 02:44 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-15 02:44 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-15 02:44 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-15 02:44 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-15 02:44 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-10-15 02:44 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-10-15 02:44 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-15 02:44 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-10-15 02:44 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 02:44 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 02:44 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 02:44 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 02:44 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-15 02:44 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-15 02:44 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-15 02:44 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-15 02:44 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-10-15 02:43 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 02:43 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 02:43 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 02:43 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-10-15 02:43 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-10-15 02:43 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-15 02:43 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-15 02:43 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-15 02:43 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 02:43 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-15 02:42 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 02:42 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-15 02:42 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 02:42 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 02:42 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-15 02:42 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-15 02:42 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 02:42 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 02:42 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-15 02:42 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-15 02:42 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-15 02:42 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-15 02:42 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-15 02:42 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 02:42 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 02:42 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-15 02:41 - 2014-09-20 00:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 02:41 - 2014-09-20 00:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 02:41 - 2014-09-20 00:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 02:41 - 2014-09-20 00:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 02:41 - 2014-09-20 00:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 02:41 - 2014-09-20 00:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 02:41 - 2014-09-20 00:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 02:41 - 2014-09-19 22:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 02:41 - 2014-09-19 22:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 02:41 - 2014-09-19 22:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 02:41 - 2014-09-19 22:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 02:41 - 2014-09-19 22:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 02:41 - 2014-09-19 22:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 02:41 - 2014-09-19 21:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-15 02:41 - 2014-09-19 21:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-15 02:33 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-15 02:33 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-27 14:19 - 2014-09-27 14:19 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Astromenda
2014-09-27 02:00 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-26 20:51 - 2012-04-02 14:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 20:48 - 2009-07-13 23:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 20:48 - 2009-07-13 23:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 20:47 - 2009-12-03 21:03 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{225E3A09-677A-4ABF-AAE0-3AC8E5ED1809}
2014-10-26 20:39 - 2011-05-17 22:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 20:38 - 2012-12-26 05:17 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\.oit
2014-10-26 20:37 - 2012-07-18 10:58 - 00000452 _____ () C:\Windows\Tasks\BeFrugal.com Toolbar.job
2014-10-26 20:37 - 2011-05-17 22:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 20:37 - 2010-03-08 21:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-26 20:37 - 2009-12-07 12:59 - 01394572 _____ () C:\Windows\PFRO.log
2014-10-26 20:37 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 20:37 - 2009-07-13 23:51 - 00115185 _____ () C:\Windows\setupact.log
2014-10-26 20:22 - 2010-08-06 23:08 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Dropbox
2014-10-26 20:19 - 2014-08-19 21:19 - 00000300 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-10-26 19:37 - 2009-12-04 00:25 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046384403-2357638149-873898192-1000UA.job
2014-10-26 05:37 - 2009-12-04 00:25 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046384403-2357638149-873898192-1000Core.job
2014-10-25 16:19 - 2014-08-24 10:19 - 00000122 _____ () C:\Users\Brandon\AppData\Roaming\WB.CFG
2014-10-25 04:44 - 2010-01-08 03:19 - 00000000 ____D () C:\Users\Brandon\AppData\Local\CrashDumps
2014-10-24 16:28 - 2009-12-03 22:31 - 01659053 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 16:21 - 2014-01-09 04:24 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-23 23:46 - 2011-06-05 14:38 - 00000000 ____D () C:\Users\Brandon\Documents\Driver's Ed
2014-10-23 23:46 - 2010-05-31 14:31 - 00000000 ____D () C:\Users\Brandon\Documents\FBMC
2014-10-23 23:46 - 2009-12-06 17:24 - 00000000 ____D () C:\Users\Brandon\Documents\eFax Messenger 4.4
2014-10-23 23:46 - 2009-12-06 17:24 - 00000000 ____D () C:\Users\Brandon\Documents\eFax Messenger 4.3
2014-10-23 23:44 - 2013-04-02 20:44 - 00000000 ____D () C:\Users\Brandon\Documents\discoveriphone5claim
2014-10-23 23:44 - 2011-05-30 16:09 - 00000000 ____D () C:\Users\Brandon\Documents\CMA Fest
2014-10-23 23:44 - 2009-12-06 17:24 - 00000000 ____D () C:\Users\Brandon\Documents\Christmas
2014-10-23 23:43 - 2014-04-10 01:54 - 00000000 ____D () C:\Users\Brandon\Desktop\the MO
2014-10-23 23:43 - 2013-04-02 20:41 - 00000000 ____D () C:\Users\Brandon\Desktop\SCANS
2014-10-23 23:43 - 2012-11-02 03:33 - 00000000 ____D () C:\Users\Brandon\Desktop\serbu
2014-10-23 23:43 - 2011-09-20 01:08 - 00000000 ____D () C:\Users\Brandon\Desktop\rinehart
2014-10-23 23:41 - 2011-01-29 15:19 - 00000000 ____D () C:\Users\Brandon\Desktop\qs invoices
2014-10-23 23:40 - 2010-03-22 03:03 - 00000000 ____D () C:\Users\Brandon\Desktop\PHOTOS
2014-10-23 23:38 - 2011-10-24 15:38 - 00000000 ____D () C:\Users\Brandon\Desktop\old pics
2014-10-23 23:36 - 2010-12-15 15:46 - 00000000 ____D () C:\Users\Brandon\Desktop\New folder
2014-10-23 23:33 - 2011-10-29 00:30 - 00000000 ____D () C:\Users\Brandon\Desktop\MGP logos
2014-10-23 23:32 - 2013-03-15 03:06 - 00000000 ____D () C:\Users\Brandon\Desktop\HR HANDI RIFLE
2014-10-23 23:32 - 2013-03-04 02:39 - 00000000 ____D () C:\Users\Brandon\Desktop\gunbroker
2014-10-23 23:30 - 2014-02-19 04:26 - 00000000 ____D () C:\Users\Brandon\Desktop\gun pics
2014-10-23 23:26 - 2014-05-11 02:25 - 00000000 ____D () C:\Users\Brandon\Desktop\graduation party
2014-10-23 22:59 - 2014-08-18 16:05 - 00000000 ____D () C:\Users\Brandon\Desktop\DIVORCE
2014-10-23 22:59 - 2014-05-08 23:41 - 00000000 ____D () C:\Users\Brandon\Desktop\go pro update 2
2014-10-23 22:59 - 2014-02-04 01:31 - 00000000 ____D () C:\Users\Brandon\Desktop\GOPRO
2014-10-23 22:59 - 2013-12-15 07:47 - 00000000 ____D () C:\Users\Brandon\Desktop\CUSTOMER FORMS
2014-10-23 22:48 - 2010-08-04 20:27 - 00000000 ____D () C:\Users\Brandon\Desktop\CANCUN
2014-10-23 22:44 - 2009-12-06 17:26 - 00000000 ____D () C:\Users\Brandon\Desktop\.ATF FORMS & FFLs
2014-10-23 22:26 - 2013-08-26 04:11 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Photobucket
2014-10-23 22:26 - 2012-09-18 05:47 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Stamps.com Internet Postage
2014-10-23 22:26 - 2009-12-03 21:05 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Mozilla
2014-10-23 22:24 - 2010-01-26 13:25 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Juniper Networks
2014-10-23 22:24 - 2009-12-15 02:32 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Intuit
2014-10-23 22:22 - 2014-01-02 04:45 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GoPro
2014-10-23 22:20 - 2014-08-19 21:16 - 00000000 ___HD () C:\Users\Brandon\AppData\Roaming\GoldenGate
2014-10-23 22:19 - 2009-12-07 02:57 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Brother
2014-10-23 22:19 - 2009-12-04 00:28 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Apple Computer
2014-10-23 22:15 - 2012-12-26 05:17 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NewSoft
2014-10-23 22:15 - 2011-01-08 23:20 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Symantec
2014-10-23 22:15 - 2009-12-03 21:06 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Adobe
2014-10-23 22:15 - 2009-12-03 21:05 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Mozilla
2014-10-23 22:15 - 2009-12-03 20:51 - 00000000 ____D () C:\Users\Brandon\AppData\Local\VirtualStore
2014-10-23 22:09 - 2009-12-07 02:34 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Intuit
2014-10-23 22:09 - 2009-12-04 00:25 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Google
2014-10-23 22:08 - 2014-08-19 21:15 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Gameo
2014-10-23 22:08 - 2009-12-04 00:28 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Apple Computer
2014-10-23 22:07 - 2011-08-23 01:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-23 22:07 - 2010-05-11 10:21 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-10-23 22:07 - 2009-12-04 00:28 - 00000000 ____D () C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
2014-10-23 22:07 - 2009-12-03 20:51 - 00000000 ____D () C:\Users\Brandon
2014-10-23 22:03 - 2010-01-07 18:34 - 00000000 ____D () C:\ProgramData\Norton
2014-10-23 22:03 - 2009-12-07 02:29 - 00000000 ____D () C:\ProgramData\Intuit
2014-10-23 21:48 - 2014-03-27 04:02 - 00000000 ____D () C:\ProgramData\Carbonite
2014-10-23 21:48 - 2012-09-21 02:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-23 21:48 - 2010-11-27 17:51 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-10-23 21:48 - 2009-12-06 15:05 - 00000000 ____D () C:\Old BU
2014-10-23 20:41 - 2014-01-09 03:57 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-10-23 20:19 - 2010-08-06 23:09 - 00000000 ___RD () C:\Users\Brandon\Documents\My Dropbox
2014-10-22 16:17 - 2012-05-03 02:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-20 05:32 - 2009-12-04 00:25 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2046384403-2357638149-873898192-1000UA
2014-10-20 05:32 - 2009-12-04 00:25 - 00003498 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2046384403-2357638149-873898192-1000Core
2014-10-18 00:34 - 2011-05-17 22:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 00:34 - 2011-05-17 22:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 04:29 - 2009-12-07 15:09 - 00000000 ____D () C:\Windows\rescache
2014-10-16 04:28 - 2014-03-27 04:03 - 00004152 _____ () C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2014-10-15 04:26 - 2014-01-07 08:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 04:23 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-15 04:23 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-15 04:18 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-15 04:14 - 2009-07-13 23:45 - 00462848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 04:10 - 2014-06-05 23:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 04:10 - 2009-07-14 02:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-15 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 03:57 - 2009-12-14 00:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 03:33 - 2011-01-29 04:27 - 00778700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-15 03:33 - 2009-07-14 00:13 - 00778700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 02:38 - 2011-05-17 22:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 23:32 - 2012-09-18 05:44 - 00000036 ____H () C:\Windows\SysWOW64\f9t.dat
2014-10-07 13:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 10:02 - 2010-01-02 01:26 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-01 05:14 - 2014-05-29 12:43 - 00008578 _____ () C:\Windows\wininit.ini
2014-09-29 22:09 - 2009-12-07 03:16 - 00000000 ____D () C:\Users\Brandon\Documents\My Labels
Some content of TEMP:
====================
C:\Users\Brandon\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzwmb5b.dll
C:\Users\Brandon\AppData\Local\Temp\ERUNT.exe
C:\Users\Brandon\AppData\Local\Temp\ose00000.exe
C:\Users\Brandon\AppData\Local\Temp\_is24FE.exe
C:\Users\Brandon\AppData\Local\Temp\_is255C.exe
C:\Users\Brandon\AppData\Local\Temp\_is3769.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 00:29
==================== End Of Log ============================