Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2015 02
Ran by youth (administrator) on YOUTH-PC on 23-04-2015 20:25:58
Running from C:\Users\youth\Desktop
Loaded Profiles: youth (Available profiles: youth)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\stacsv.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\youth\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(My Weather) C:\Program Files\desktop weather\desktopweather_2456554.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\youth\AppData\Local\Akamai\netsession_win.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1602856 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-04-06] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3873648 2010-01-15] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5249024 2010-09-18] (Dell Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM\...\Run: [QuickFinder Scheduler] => c:\Program Files\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [136600 2010-03-11] (Corel Corporation)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-15] (Kaspersky Lab ZAO)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Run: [Akamai NetSession Interface] => C:\Users\youth\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: D - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {04730691-1e15-11e3-8602-f04da29296b5} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {04f2721b-ed7e-11e2-a448-f04da29296b5} - D:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {403ca24a-7e90-11e3-b80f-f04da29296b5} - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {d42b1ffd-e63d-11e0-9820-f04da29296b5} - F:\setup.exe -a
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {f86e359d-c5d5-11e0-aca1-f04da29296b5} - E:\TL-Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-01-16]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\youth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop weather.lnk [2010-10-27]
ShortcutTarget: desktop weather.lnk -> C:\Program Files\desktop weather\desktopweather_2456554.exe (My Weather)
Startup: C:\Users\youth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-10-07]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-01-09] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {74CDA376-141C-4F67-BF78-DA975E80060B} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?c...pn_sauid=7BAD692D-4531-48D4-8148-EC3F7F7CB094
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {36D9B682-5384-4EE5-A74C-F8EA40FE0C7F} URL = http://www.mysearchresults.com/search?&c=2641&t=03&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {4C6B7B63-B86D-4D2C-B0DC-122A75C0899A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {4CA07D0E-AFFF-4231-AE51-62BF09AD55AC} URL = http://search.yahoo.com/search?p={s...e=W3i_DS,136,0_0,Search,20121041,17841,0,18,0
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {6819D6AA-2614-4228-BBA4-84182B7A981D} URL = http://search.avg.com/route/?d=4cb3...e&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {74CDA376-141C-4F67-BF78-DA975E80060B} URL =
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid=...2056f47c9bf&lang=en&ds=AVG&pr=pr&d=2012-07-29 21:38:38&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80677&lng=en
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: GetDislike.BHO -> {2c28e48b-1d93-3aa7-8b5f-82576c04a7bb} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-07-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 208.67.222.222
FireFox:
========
FF ProfilePath: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default
FF DefaultSearchEngine: Yahoo US
FF SelectedSearchEngine: Yahoo US
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-07-14] ()
FF Plugin: @funwebproducts.com/Plugin -> C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\user.js [2014-11-30]
FF SearchPlugin: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\searchplugins\inbox-search.xml [2012-04-30]
FF SearchPlugin: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\searchplugins\mywebsearch.xml [2011-05-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-09-03]
FF Extension: Plus-HD-1.2 C - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\dad2ada441be422fac3577@d1e84d4570e6419885b2032.com [2015-03-03]
FF Extension: Default Manager - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\DefaultManager@Microsoft [2013-08-19]
FF Extension: WordExtra - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\korey@markus.me [2013-12-23]
FF Extension: Search Tool - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\{de1be284-67f6-4b2b-90e0-b38fb4af2ae1}.xpi [2015-01-29]
FF Extension: Mozilla Framework Assistant - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\{e98387f8-e232-4874-9e07-be2d46eddcd5}.xpi [2013-02-22]
FF Extension: GetDislike.com - C:\Program Files\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0} [2011-07-19]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-20]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-16]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-04-27]
FF HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Firefox\Extensions: [{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}] - C:\Program Files\getdislike\getdislike
FF HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2011-07-14]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Online Storage plug-in) - C:\Users\youth\AppData\Roaming\Mozilla\plugins\npoff.dll No File
CHR Plugin: (Workspace Webmail plug-in 1.0.21.46) - C:\Users\youth\AppData\Roaming\Mozilla\plugins\npwbe.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll No File
CHR Profile: C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky URL Advisor) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-03-06]
CHR Extension: (Safe Money) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-05-08]
CHR Extension: (Content Blocker) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-03-03]
CHR Extension: (Virtual Keyboard) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-03-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Anti-Banner) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-03-06]
CHR HKLM\...\Chrome\Extension: [bkleoojholhbbbpfmfaefpohnhhhjeap] - C:\Program Files\getdislike\chrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\12.2.5.32\avg.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avp; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-15] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-11-29] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4539392 2010-09-18] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [41648 2009-12-02] (ST Microelectronics)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2010-09-18] (Broadcom Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2015-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2015-01-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2015-01-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-15] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-15] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-07-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145224 2015-02-17] (Kaspersky Lab ZAO)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [9472 2009-07-24] (Primax Ltd)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2015-01-09] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-23 20:24 - 2015-04-23 20:25 - 00036013 _____ () C:\Users\youth\Desktop\Addition.txt
2015-04-23 20:23 - 2015-04-23 20:26 - 00029689 _____ () C:\Users\youth\Desktop\FRST.txt
2015-04-23 20:22 - 2015-04-23 20:26 - 00000000 ____D () C:\FRST
2015-04-23 20:22 - 2015-04-23 20:22 - 01139200 _____ (Farbar) C:\Users\youth\Desktop\FRST.exe
2015-04-14 14:50 - 2015-03-22 22:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 14:50 - 2015-03-22 21:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 14:50 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-14 14:50 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 14:50 - 2015-03-17 00:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 14:50 - 2015-03-17 00:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 14:50 - 2015-03-16 23:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 14:50 - 2015-03-16 23:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 14:50 - 2015-03-16 23:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 14:50 - 2015-03-16 23:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 14:50 - 2015-03-16 23:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 14:50 - 2015-03-16 23:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 14:50 - 2015-03-16 23:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 14:50 - 2015-03-03 23:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 14:50 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 14:49 - 2015-04-01 18:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 14:49 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 14:49 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 14:49 - 2015-03-12 22:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 14:49 - 2015-03-12 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 14:49 - 2015-03-12 22:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 14:49 - 2015-03-12 22:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 14:49 - 2015-03-12 22:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 14:49 - 2015-03-12 22:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 14:49 - 2015-03-12 22:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 14:49 - 2015-03-12 22:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 14:49 - 2015-03-12 22:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 14:49 - 2015-03-12 22:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 14:49 - 2015-03-12 22:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 14:49 - 2015-03-12 22:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 14:49 - 2015-03-12 22:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 14:49 - 2015-03-12 22:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 14:49 - 2015-03-12 22:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 14:49 - 2015-03-12 22:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 14:49 - 2015-03-12 22:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 14:49 - 2015-03-12 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 14:49 - 2015-03-12 21:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 14:49 - 2015-03-12 21:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 14:49 - 2015-03-12 21:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 14:49 - 2015-03-12 21:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 14:49 - 2015-03-12 21:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 14:49 - 2015-03-12 21:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 14:49 - 2015-03-12 21:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 14:49 - 2015-03-12 21:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 14:49 - 2015-03-12 21:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 14:49 - 2015-03-12 21:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 14:49 - 2015-03-12 21:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 14:49 - 2015-03-12 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 14:49 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 14:49 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 14:49 - 2015-03-04 23:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 14:49 - 2015-02-24 22:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-12 20:26 - 2015-04-12 20:42 - 00000343 _____ () C:\Users\youth\Desktop\E-S 12U Roster format.csv
2015-04-09 12:08 - 2015-04-12 20:26 - 00017640 _____ () C:\Users\youth\Desktop\E-S 12U Roster format.xlsx
2015-04-07 11:13 - 2015-04-07 11:14 - 00019055 _____ () C:\Users\youth\Desktop\E-S Majors Roster for CVBL.xlsx
2015-04-04 19:16 - 2015-04-04 19:16 - 00000000 ___SD () C:\Windows\system32\GWX
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-23 20:25 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\tracing
2015-04-23 20:20 - 2012-08-28 09:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 20:12 - 2013-02-23 16:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-23 19:53 - 2013-01-16 17:55 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-23 19:53 - 2010-10-13 14:08 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 15:51 - 2009-07-13 23:55 - 01908220 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 14:10 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Baseball_Softball
2015-04-23 12:43 - 2010-10-13 14:08 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 09:29 - 2009-07-13 23:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 09:29 - 2009-07-13 23:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 09:27 - 2010-09-18 18:25 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 09:20 - 2011-09-27 13:25 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-04-23 09:20 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 09:20 - 2009-07-13 23:39 - 00081139 _____ () C:\Windows\setupact.log
2015-04-22 20:13 - 2010-12-31 23:12 - 00000000 ____D () C:\Users\youth\AppData\Local\CutePDF Writer
2015-04-22 13:02 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Football
2015-04-15 13:30 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Administration
2015-04-15 13:25 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2015-04-15 13:23 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 12:23 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 10:22 - 2014-12-11 09:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:22 - 2014-07-08 22:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 01:09 - 2013-07-26 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:01 - 2010-10-12 18:02 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 01:00 - 2010-10-11 15:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-14 23:53 - 2013-01-16 17:57 - 00000000 ____D () C:\Users\youth\Documents\My Scans
2015-04-14 22:37 - 2012-04-02 18:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-14 22:37 - 2011-08-23 09:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-09 14:47 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Soccer
2015-04-07 23:59 - 2014-05-13 08:33 - 00473600 ___SH () C:\Users\youth\Desktop\Thumbs.db
2015-03-28 19:52 - 2012-10-11 20:42 - 00000000 ____D () C:\Program Files\Yahoo!
2015-03-28 19:52 - 2010-10-13 14:07 - 00000000 ____D () C:\Program Files\Google
2015-03-28 19:52 - 2010-09-18 20:16 - 00249240 _____ () C:\Windows\PFRO.log
2015-03-28 11:14 - 2010-10-13 14:08 - 00000000 ____D () C:\Users\youth\AppData\Local\Google
2015-03-28 11:14 - 2010-10-13 14:07 - 00000000 ____D () C:\ProgramData\Google
2015-03-28 11:09 - 2010-09-18 18:34 - 00000000 ____D () C:\Program Files\Creative
2015-03-28 11:09 - 2010-09-18 18:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-28 10:44 - 2013-01-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-28 10:44 - 2013-01-16 17:37 - 00000000 ____D () C:\Program Files\HP
2015-03-28 10:44 - 2013-01-16 17:35 - 00002729 _____ () C:\ProgramData\hpzinstall.log
2015-03-28 10:43 - 2013-07-30 20:17 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2010-11-18 18:02 - 2010-11-18 18:02 - 0038440 _____ () C:\Users\youth\AppData\Roaming\Comma Separated Values (Windows).ADR
2012-01-17 16:08 - 2012-01-17 16:33 - 0005934 _____ () C:\Users\youth\AppData\Roaming\d9bb06c8
2014-04-30 23:14 - 2014-11-12 02:33 - 0000099 _____ () C:\Users\youth\AppData\Roaming\WB.CFG
2012-01-17 16:08 - 2012-01-17 16:33 - 0005986 _____ () C:\Users\youth\AppData\Local\c04aab88
2011-01-06 23:01 - 2014-04-13 20:26 - 0018944 _____ () C:\Users\youth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-22 01:01 - 2013-02-22 01:25 - 0006527 _____ () C:\Users\youth\AppData\Local\e98387f8-e232-4874-9e07-be2d46eddcd5.crx
2011-07-19 22:37 - 2011-07-19 22:37 - 0004096 ____H () C:\Users\youth\AppData\Local\keyfile3.drm
2010-11-11 15:14 - 2013-02-09 11:16 - 0007593 _____ () C:\Users\youth\AppData\Local\Resmon.ResmonCfg
2013-02-23 16:49 - 2013-02-23 16:49 - 0017408 _____ () C:\Users\youth\AppData\Local\WebpageIcons.db
2012-01-22 21:30 - 2012-01-22 21:30 - 0000000 _____ () C:\Users\youth\AppData\Local\{1C8E8ABE-A1C0-4DFF-B0F6-E37AF4610134}
2010-10-13 17:42 - 2014-02-07 09:47 - 0000168 __RSH () C:\ProgramData\522410D066.sys
2012-01-17 16:08 - 2012-01-17 16:33 - 0005943 _____ () C:\ProgramData\70450d60
2013-01-16 17:35 - 2015-03-28 10:44 - 0002729 _____ () C:\ProgramData\hpzinstall.log
2010-10-13 17:42 - 2014-02-07 09:47 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3619502975-363000331-2560232528-1000\$1a605c4fea5404b64f56f2133257c1f6
Files to move or delete:
====================
C:\Users\youth\jagex_cl_runescape_LIVE.dat
C:\Users\youth\jagex_runescape_preferences.dat
C:\Users\youth\jagex_runescape_preferences2.dat
C:\Users\youth\msvcr71.dll
C:\Users\youth\setup_aascommoncontrols.exe
Some content of TEMP:
====================
C:\Users\youth\AppData\Local\Temp\APNSetup.exe
C:\Users\youth\AppData\Local\Temp\avguidx.dll
C:\Users\youth\AppData\Local\Temp\BackupSetup.exe
C:\Users\youth\AppData\Local\Temp\CommonInstaller.exe
C:\Users\youth\AppData\Local\Temp\install_flashplayer17x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\youth\AppData\Local\Temp\jna3335300963533812730.dll
C:\Users\youth\AppData\Local\Temp\jna5601508395992441490.dll
C:\Users\youth\AppData\Local\Temp\lowproc.exe
C:\Users\youth\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\youth\AppData\Local\Temp\nsc108D.exe
C:\Users\youth\AppData\Local\Temp\nscCD50.exe
C:\Users\youth\AppData\Local\Temp\nscD2B2.exe
C:\Users\youth\AppData\Local\Temp\nse8914.exe
C:\Users\youth\AppData\Local\Temp\nseD76F.exe
C:\Users\youth\AppData\Local\Temp\nsjC017.exe
C:\Users\youth\AppData\Local\Temp\nsjEF05.exe
C:\Users\youth\AppData\Local\Temp\nsk6FE9.exe
C:\Users\youth\AppData\Local\Temp\nspA4C0.exe
C:\Users\youth\AppData\Local\Temp\nsr345D.exe
C:\Users\youth\AppData\Local\Temp\nsr878C.exe
C:\Users\youth\AppData\Local\Temp\nsrC567.exe
C:\Users\youth\AppData\Local\Temp\nsx8666.exe
C:\Users\youth\AppData\Local\Temp\oi_{85F4DEDE-8CD0-4B4C-9B34-4DB20199BA57}.exe
C:\Users\youth\AppData\Local\Temp\RDVAlert.exe
C:\Users\youth\AppData\Local\Temp\SCC.dll
C:\Users\youth\AppData\Local\Temp\stubhelper.dll
C:\Users\youth\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\youth\AppData\Local\Temp\uninst1.exe
C:\Users\youth\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\youth\AppData\Local\Temp\{8300BA8A-5080-44DC-984B-743CBE2FC1F1}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 07:41
==================== End Of Log ============================
Ran by youth (administrator) on YOUTH-PC on 23-04-2015 20:25:58
Running from C:\Users\youth\Desktop
Loaded Profiles: youth (Available profiles: youth)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\stacsv.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\youth\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(My Weather) C:\Program Files\desktop weather\desktopweather_2456554.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\youth\AppData\Local\Akamai\netsession_win.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1602856 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-04-06] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3873648 2010-01-15] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5249024 2010-09-18] (Dell Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM\...\Run: [QuickFinder Scheduler] => c:\Program Files\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [136600 2010-03-11] (Corel Corporation)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-15] (Kaspersky Lab ZAO)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Run: [Akamai NetSession Interface] => C:\Users\youth\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: D - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {04730691-1e15-11e3-8602-f04da29296b5} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {04f2721b-ed7e-11e2-a448-f04da29296b5} - D:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {403ca24a-7e90-11e3-b80f-f04da29296b5} - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {d42b1ffd-e63d-11e0-9820-f04da29296b5} - F:\setup.exe -a
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\MountPoints2: {f86e359d-c5d5-11e0-aca1-f04da29296b5} - E:\TL-Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-01-16]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\youth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop weather.lnk [2010-10-27]
ShortcutTarget: desktop weather.lnk -> C:\Program Files\desktop weather\desktopweather_2456554.exe (My Weather)
Startup: C:\Users\youth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-10-07]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-01-09] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-3619502975-363000331-2560232528-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {74CDA376-141C-4F67-BF78-DA975E80060B} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?c...pn_sauid=7BAD692D-4531-48D4-8148-EC3F7F7CB094
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {36D9B682-5384-4EE5-A74C-F8EA40FE0C7F} URL = http://www.mysearchresults.com/search?&c=2641&t=03&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {4C6B7B63-B86D-4D2C-B0DC-122A75C0899A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {4CA07D0E-AFFF-4231-AE51-62BF09AD55AC} URL = http://search.yahoo.com/search?p={s...e=W3i_DS,136,0_0,Search,20121041,17841,0,18,0
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {6819D6AA-2614-4228-BBA4-84182B7A981D} URL = http://search.avg.com/route/?d=4cb3...e&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {74CDA376-141C-4F67-BF78-DA975E80060B} URL =
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid=...2056f47c9bf&lang=en&ds=AVG&pr=pr&d=2012-07-29 21:38:38&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
SearchScopes: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80677&lng=en
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: GetDislike.BHO -> {2c28e48b-1d93-3aa7-8b5f-82576c04a7bb} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2015-01-09] (Kaspersky Lab ZAO)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
Toolbar: HKU\S-1-5-21-3619502975-363000331-2560232528-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-07-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 208.67.222.222
FireFox:
========
FF ProfilePath: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default
FF DefaultSearchEngine: Yahoo US
FF SelectedSearchEngine: Yahoo US
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-07-14] ()
FF Plugin: @funwebproducts.com/Plugin -> C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\user.js [2014-11-30]
FF SearchPlugin: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\searchplugins\inbox-search.xml [2012-04-30]
FF SearchPlugin: C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\searchplugins\mywebsearch.xml [2011-05-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-09-03]
FF Extension: Plus-HD-1.2 C - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\dad2ada441be422fac3577@d1e84d4570e6419885b2032.com [2015-03-03]
FF Extension: Default Manager - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\DefaultManager@Microsoft [2013-08-19]
FF Extension: WordExtra - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\korey@markus.me [2013-12-23]
FF Extension: Search Tool - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\{de1be284-67f6-4b2b-90e0-b38fb4af2ae1}.xpi [2015-01-29]
FF Extension: Mozilla Framework Assistant - C:\Users\youth\AppData\Roaming\Mozilla\Firefox\Profiles\wygetq8q.default\Extensions\{e98387f8-e232-4874-9e07-be2d46eddcd5}.xpi [2013-02-22]
FF Extension: GetDislike.com - C:\Program Files\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0} [2011-07-19]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-20]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-16]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-04-27]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-04-27]
FF HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Firefox\Extensions: [{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}] - C:\Program Files\getdislike\getdislike
FF HKU\S-1-5-21-3619502975-363000331-2560232528-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2011-07-14]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Online Storage plug-in) - C:\Users\youth\AppData\Roaming\Mozilla\plugins\npoff.dll No File
CHR Plugin: (Workspace Webmail plug-in 1.0.21.46) - C:\Users\youth\AppData\Roaming\Mozilla\plugins\npwbe.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll No File
CHR Profile: C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky URL Advisor) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-03-06]
CHR Extension: (Safe Money) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-05-08]
CHR Extension: (Content Blocker) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-03-03]
CHR Extension: (Virtual Keyboard) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-03-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Anti-Banner) - C:\Users\youth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-03-06]
CHR HKLM\...\Chrome\Extension: [bkleoojholhbbbpfmfaefpohnhhhjeap] - C:\Program Files\getdislike\chrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2012-12-28]
CHR HKLM\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\12.2.5.32\avg.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avp; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-15] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-11-29] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4539392 2010-09-18] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [41648 2009-12-02] (ST Microelectronics)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2010-09-18] (Broadcom Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2015-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2015-01-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2015-01-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-15] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-15] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-07-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145224 2015-02-17] (Kaspersky Lab ZAO)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [9472 2009-07-24] (Primax Ltd)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2015-01-09] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-23 20:24 - 2015-04-23 20:25 - 00036013 _____ () C:\Users\youth\Desktop\Addition.txt
2015-04-23 20:23 - 2015-04-23 20:26 - 00029689 _____ () C:\Users\youth\Desktop\FRST.txt
2015-04-23 20:22 - 2015-04-23 20:26 - 00000000 ____D () C:\FRST
2015-04-23 20:22 - 2015-04-23 20:22 - 01139200 _____ (Farbar) C:\Users\youth\Desktop\FRST.exe
2015-04-14 14:50 - 2015-03-22 22:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 14:50 - 2015-03-22 22:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 14:50 - 2015-03-22 21:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 14:50 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-14 14:50 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 14:50 - 2015-03-17 00:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 14:50 - 2015-03-17 00:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 14:50 - 2015-03-16 23:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 14:50 - 2015-03-16 23:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 14:50 - 2015-03-16 23:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 14:50 - 2015-03-16 23:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 14:50 - 2015-03-16 23:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 14:50 - 2015-03-16 23:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 14:50 - 2015-03-16 23:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 14:50 - 2015-03-16 23:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 14:50 - 2015-03-16 23:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 14:50 - 2015-03-03 23:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 14:50 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 14:49 - 2015-04-01 18:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 14:49 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 14:49 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 14:49 - 2015-03-24 22:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 14:49 - 2015-03-12 22:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 14:49 - 2015-03-12 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 14:49 - 2015-03-12 22:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 14:49 - 2015-03-12 22:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 14:49 - 2015-03-12 22:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 14:49 - 2015-03-12 22:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 14:49 - 2015-03-12 22:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 14:49 - 2015-03-12 22:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 14:49 - 2015-03-12 22:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 14:49 - 2015-03-12 22:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 14:49 - 2015-03-12 22:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 14:49 - 2015-03-12 22:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 14:49 - 2015-03-12 22:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 14:49 - 2015-03-12 22:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 14:49 - 2015-03-12 22:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 14:49 - 2015-03-12 22:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 14:49 - 2015-03-12 22:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 14:49 - 2015-03-12 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 14:49 - 2015-03-12 21:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 14:49 - 2015-03-12 21:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 14:49 - 2015-03-12 21:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 14:49 - 2015-03-12 21:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 14:49 - 2015-03-12 21:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 14:49 - 2015-03-12 21:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 14:49 - 2015-03-12 21:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 14:49 - 2015-03-12 21:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 14:49 - 2015-03-12 21:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 14:49 - 2015-03-12 21:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 14:49 - 2015-03-12 21:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 14:49 - 2015-03-12 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 14:49 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 14:49 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 14:49 - 2015-03-04 23:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 14:49 - 2015-02-24 22:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-12 20:26 - 2015-04-12 20:42 - 00000343 _____ () C:\Users\youth\Desktop\E-S 12U Roster format.csv
2015-04-09 12:08 - 2015-04-12 20:26 - 00017640 _____ () C:\Users\youth\Desktop\E-S 12U Roster format.xlsx
2015-04-07 11:13 - 2015-04-07 11:14 - 00019055 _____ () C:\Users\youth\Desktop\E-S Majors Roster for CVBL.xlsx
2015-04-04 19:16 - 2015-04-04 19:16 - 00000000 ___SD () C:\Windows\system32\GWX
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-23 20:25 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\tracing
2015-04-23 20:20 - 2012-08-28 09:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 20:12 - 2013-02-23 16:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-23 19:53 - 2013-01-16 17:55 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-23 19:53 - 2010-10-13 14:08 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 15:51 - 2009-07-13 23:55 - 01908220 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 14:10 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Baseball_Softball
2015-04-23 12:43 - 2010-10-13 14:08 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 09:29 - 2009-07-13 23:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 09:29 - 2009-07-13 23:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 09:27 - 2010-09-18 18:25 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 09:20 - 2011-09-27 13:25 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-04-23 09:20 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 09:20 - 2009-07-13 23:39 - 00081139 _____ () C:\Windows\setupact.log
2015-04-22 20:13 - 2010-12-31 23:12 - 00000000 ____D () C:\Users\youth\AppData\Local\CutePDF Writer
2015-04-22 13:02 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Football
2015-04-15 13:30 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Administration
2015-04-15 13:25 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2015-04-15 13:23 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 12:23 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 10:22 - 2014-12-11 09:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:22 - 2014-07-08 22:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 01:09 - 2013-07-26 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:01 - 2010-10-12 18:02 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 01:00 - 2010-10-11 15:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-14 23:53 - 2013-01-16 17:57 - 00000000 ____D () C:\Users\youth\Documents\My Scans
2015-04-14 22:37 - 2012-04-02 18:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-14 22:37 - 2011-08-23 09:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-09 14:47 - 2010-10-13 22:55 - 00000000 ____D () C:\Users\youth\Documents\ESYA Soccer
2015-04-07 23:59 - 2014-05-13 08:33 - 00473600 ___SH () C:\Users\youth\Desktop\Thumbs.db
2015-03-28 19:52 - 2012-10-11 20:42 - 00000000 ____D () C:\Program Files\Yahoo!
2015-03-28 19:52 - 2010-10-13 14:07 - 00000000 ____D () C:\Program Files\Google
2015-03-28 19:52 - 2010-09-18 20:16 - 00249240 _____ () C:\Windows\PFRO.log
2015-03-28 11:14 - 2010-10-13 14:08 - 00000000 ____D () C:\Users\youth\AppData\Local\Google
2015-03-28 11:14 - 2010-10-13 14:07 - 00000000 ____D () C:\ProgramData\Google
2015-03-28 11:09 - 2010-09-18 18:34 - 00000000 ____D () C:\Program Files\Creative
2015-03-28 11:09 - 2010-09-18 18:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-28 10:44 - 2013-01-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-28 10:44 - 2013-01-16 17:37 - 00000000 ____D () C:\Program Files\HP
2015-03-28 10:44 - 2013-01-16 17:35 - 00002729 _____ () C:\ProgramData\hpzinstall.log
2015-03-28 10:43 - 2013-07-30 20:17 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2010-11-18 18:02 - 2010-11-18 18:02 - 0038440 _____ () C:\Users\youth\AppData\Roaming\Comma Separated Values (Windows).ADR
2012-01-17 16:08 - 2012-01-17 16:33 - 0005934 _____ () C:\Users\youth\AppData\Roaming\d9bb06c8
2014-04-30 23:14 - 2014-11-12 02:33 - 0000099 _____ () C:\Users\youth\AppData\Roaming\WB.CFG
2012-01-17 16:08 - 2012-01-17 16:33 - 0005986 _____ () C:\Users\youth\AppData\Local\c04aab88
2011-01-06 23:01 - 2014-04-13 20:26 - 0018944 _____ () C:\Users\youth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-22 01:01 - 2013-02-22 01:25 - 0006527 _____ () C:\Users\youth\AppData\Local\e98387f8-e232-4874-9e07-be2d46eddcd5.crx
2011-07-19 22:37 - 2011-07-19 22:37 - 0004096 ____H () C:\Users\youth\AppData\Local\keyfile3.drm
2010-11-11 15:14 - 2013-02-09 11:16 - 0007593 _____ () C:\Users\youth\AppData\Local\Resmon.ResmonCfg
2013-02-23 16:49 - 2013-02-23 16:49 - 0017408 _____ () C:\Users\youth\AppData\Local\WebpageIcons.db
2012-01-22 21:30 - 2012-01-22 21:30 - 0000000 _____ () C:\Users\youth\AppData\Local\{1C8E8ABE-A1C0-4DFF-B0F6-E37AF4610134}
2010-10-13 17:42 - 2014-02-07 09:47 - 0000168 __RSH () C:\ProgramData\522410D066.sys
2012-01-17 16:08 - 2012-01-17 16:33 - 0005943 _____ () C:\ProgramData\70450d60
2013-01-16 17:35 - 2015-03-28 10:44 - 0002729 _____ () C:\ProgramData\hpzinstall.log
2010-10-13 17:42 - 2014-02-07 09:47 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3619502975-363000331-2560232528-1000\$1a605c4fea5404b64f56f2133257c1f6
Files to move or delete:
====================
C:\Users\youth\jagex_cl_runescape_LIVE.dat
C:\Users\youth\jagex_runescape_preferences.dat
C:\Users\youth\jagex_runescape_preferences2.dat
C:\Users\youth\msvcr71.dll
C:\Users\youth\setup_aascommoncontrols.exe
Some content of TEMP:
====================
C:\Users\youth\AppData\Local\Temp\APNSetup.exe
C:\Users\youth\AppData\Local\Temp\avguidx.dll
C:\Users\youth\AppData\Local\Temp\BackupSetup.exe
C:\Users\youth\AppData\Local\Temp\CommonInstaller.exe
C:\Users\youth\AppData\Local\Temp\install_flashplayer17x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\youth\AppData\Local\Temp\jna3335300963533812730.dll
C:\Users\youth\AppData\Local\Temp\jna5601508395992441490.dll
C:\Users\youth\AppData\Local\Temp\lowproc.exe
C:\Users\youth\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\youth\AppData\Local\Temp\nsc108D.exe
C:\Users\youth\AppData\Local\Temp\nscCD50.exe
C:\Users\youth\AppData\Local\Temp\nscD2B2.exe
C:\Users\youth\AppData\Local\Temp\nse8914.exe
C:\Users\youth\AppData\Local\Temp\nseD76F.exe
C:\Users\youth\AppData\Local\Temp\nsjC017.exe
C:\Users\youth\AppData\Local\Temp\nsjEF05.exe
C:\Users\youth\AppData\Local\Temp\nsk6FE9.exe
C:\Users\youth\AppData\Local\Temp\nspA4C0.exe
C:\Users\youth\AppData\Local\Temp\nsr345D.exe
C:\Users\youth\AppData\Local\Temp\nsr878C.exe
C:\Users\youth\AppData\Local\Temp\nsrC567.exe
C:\Users\youth\AppData\Local\Temp\nsx8666.exe
C:\Users\youth\AppData\Local\Temp\oi_{85F4DEDE-8CD0-4B4C-9B34-4DB20199BA57}.exe
C:\Users\youth\AppData\Local\Temp\RDVAlert.exe
C:\Users\youth\AppData\Local\Temp\SCC.dll
C:\Users\youth\AppData\Local\Temp\stubhelper.dll
C:\Users\youth\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\youth\AppData\Local\Temp\uninst1.exe
C:\Users\youth\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\youth\AppData\Local\Temp\{8300BA8A-5080-44DC-984B-743CBE2FC1F1}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 07:41
==================== End Of Log ============================