TechSpot

Internet connectivity issue after malware removal

By Reeves1
Oct 18, 2014
  1. After I removed some malware from a fake Adobe update, my computer will not connect to any network. First my browsers both Crome and IE tell me they cannot connect to the proxy. After I disable that I get a message from Crome:
    DNS_PROBE_FINISHED_NO_INTERNET.

    I've ran mbam, FSS, mini toolbox. Here are the reports.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 10/17/2014
    Scan Time: 6:48:50 PM
    Logfile: Malware Report.txt
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.09.19.05
    Rootkit Database: v2014.09.18.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Reeves Resources

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 352188
    Time Elapsed: 19 min, 6 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Farbar Service Scanner Version: 21-07-2014

    Ran by Reeves Resources (administrator) on 17-10-2014 at 18:46:12

    Running from "G:\MalwareBytes"

    Microsoft Windows 7 Home Premium Service Pack 1 (X64)

    Boot Mode: Normal

    ****************************************************************



    Internet Services:

    ============



    Connection Status:

    ==============

    Localhost is accessible.

    LAN connected.

    Google IP is accessible.

    Attempt to access Google.com returned error: Google.com is unreachable

    Attempt to access Yahoo.com returned error: Yahoo.com is unreachable





    Windows Firewall:

    =============



    Firewall Disabled Policy:

    ==================





    System Restore:

    ============



    System Restore Disabled Policy:

    ========================





    Action Center:

    ============





    Windows Update:

    ============



    Windows Autoupdate Disabled Policy:

    ============================





    Windows Defender:

    ==============



    Other Services:

    ==============





    File Check:

    ========

    C:\Windows\System32\nsisvc.dll => File is digitally signed

    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

    C:\Windows\System32\dhcpcore.dll => File is digitally signed

    C:\Windows\System32\drivers\afd.sys => File is digitally signed

    C:\Windows\System32\drivers\tdx.sys => File is digitally signed

    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

    C:\Windows\System32\dnsrslvr.dll => File is digitally signed

    C:\Windows\System32\mpssvc.dll => File is digitally signed

    C:\Windows\System32\bfe.dll => File is digitally signed

    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

    C:\Windows\System32\SDRSVC.dll => File is digitally signed

    C:\Windows\System32\vssvc.exe => File is digitally signed

    C:\Windows\System32\wscsvc.dll => File is digitally signed

    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

    C:\Windows\System32\wuaueng.dll => File is digitally signed

    C:\Windows\System32\qmgr.dll => File is digitally signed

    C:\Windows\System32\es.dll => File is digitally signed

    C:\Windows\System32\cryptsvc.dll => File is digitally signed

    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

    C:\Windows\System32\ipnathlp.dll => File is digitally signed

    C:\Windows\System32\iphlpsvc.dll => File is digitally signed

    C:\Windows\System32\svchost.exe => File is digitally signed

    C:\Windows\System32\rpcss.dll => File is digitally signed





    **** End of log ****







    MiniToolBox by Farbar Version: 21-07-2014

    Ran by Reeves Resources (administrator) on 17-10-2014 at 18:42:45

    Running from "G:\MalwareBytes"

    Microsoft Windows 7 Home Premium Service Pack 1 (X64)

    Boot Mode: Normal

    ***************************************************************************



    ========================= Flush DNS: ===================================



    Windows IP Configuration



    Successfully flushed the DNS Resolver Cache.



    ========================= IE Proxy Settings: ==============================



    Proxy is not enabled.

    ProxyServer: http=127.0.0.1:63264;https=127.0.0.1:63264



    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= Hosts content: =================================







    ========================= IP Configuration: ================================



    Intel(R) WiFi Link 1000 BGN = Wireless Network Connection (Connected)

    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

    MAC Bridge Miniport = Network Bridge (Media disconnected)





    # ----------------------------------

    # IPv4 Configuration

    # ----------------------------------

    pushd interface ipv4



    reset

    set global icmpredirects=enabled

    setsubinterface interface=?(subinterface=ethernet_9 mtu=1477





    popd

    # End of IPv4 configuration







    Windows IP Configuration



    Host Name . . . . . . . . . . . . : ReevesResources

    Primary Dns Suffix . . . . . . . :

    Node Type . . . . . . . . . . . . : Broadcast

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No



    Ethernet adapter Network Bridge:



    Media State . . . . . . . . . . . : Media disconnected

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : MAC Bridge Miniport

    Physical Address. . . . . . . . . : 1E-C1-DE-A6-58-A2

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes



    Wireless LAN adapter Wireless Network Connection 3:



    Media State . . . . . . . . . . . : Media disconnected

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2

    Physical Address. . . . . . . . . : 00-26-C7-8E-A4-3B

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes



    Wireless LAN adapter Wireless Network Connection 2:



    Media State . . . . . . . . . . . : Media disconnected

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

    Physical Address. . . . . . . . . : 00-26-C7-8E-A4-3B

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes



    Wireless LAN adapter Wireless Network Connection:



    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Intel(R) WiFi Link 1000 BGN

    Physical Address. . . . . . . . . : 00-26-C7-8E-A4-3A

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    Link-local IPv6 Address . . . . . : fe80::d8b:af97:d3bf:5f04%13(Preferred)

    IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Lease Obtained. . . . . . . . . . : Friday, October 17, 2014 6:19:11 PM

    Lease Expires . . . . . . . . . . : Saturday, October 18, 2014 6:19:11 PM

    Default Gateway . . . . . . . . . : 10.0.0.1

    DHCP Server . . . . . . . . . . . : 10.0.0.1

    DHCPv6 IAID . . . . . . . . . . . : 268445383

    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-22-80-F1-1C-C1-DE-A6-58-A2

    DNS Servers . . . . . . . . . . . : 8.8.8.8

    8.8.8.9

    NetBIOS over Tcpip. . . . . . . . : Enabled



    Ethernet adapter Bluetooth Network Connection:



    Media State . . . . . . . . . . . : Media disconnected

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)

    Physical Address. . . . . . . . . : 70-F3-95-98-55-5B

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    Server: UnKnown

    Address: 8.8.8.8



    Ping request could not find host google.com. Please check the name and try again.

    Server: UnKnown

    Address: 8.8.8.8



    Ping request could not find host yahoo.com. Please check the name and try again.



    Pinging with 32 bytes of data:

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



    Ping statistics for ��O_����o:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

    Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    ===========================================================================

    Interface List

    17...1e c1 de a6 58 a2 ......MAC Bridge Miniport

    15...00 26 c7 8e a4 3b ......Microsoft Virtual WiFi Miniport Adapter #2

    14...00 26 c7 8e a4 3b ......Microsoft Virtual WiFi Miniport Adapter

    13...00 26 c7 8e a4 3a ......Intel(R) WiFi Link 1000 BGN

    11...70 f3 95 98 55 5b ......Bluetooth Device (Personal Area Network)

    1...........................Software Loopback Interface 1

    ===========================================================================



    IPv4 Route Table

    ===========================================================================

    Active Routes:

    Network Destination Netmask Gateway Interface Metric

    0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 25

    10.0.0.0 255.255.255.0 On-link 10.0.0.5 281

    10.0.0.5 255.255.255.255 On-link 10.0.0.5 281

    10.0.0.255 255.255.255.255 On-link 10.0.0.5 281

    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

    224.0.0.0 240.0.0.0 On-link 10.0.0.5 281

    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

    255.255.255.255 255.255.255.255 On-link 10.0.0.5 281

    ===========================================================================

    Persistent Routes:

    None



    IPv6 Route Table

    ===========================================================================

    Active Routes:

    If Metric Network Destination Gateway

    1 306 ::1/128 On-link

    13 281 fe80::/64 On-link

    13 281 fe80::d8b:af97:d3bf:5f04/128

    On-link

    1 306 ff00::/8 On-link

    13 281 ff00::/8 On-link

    ===========================================================================

    Persistent Routes:

    None

    ========================= Winsock entries =====================================



    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

    Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)

    Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

    Catalog9 01 C:\Windows\system32\MyOSProtect.dll [File not found] ()

    Catalog9 02 C:\Windows\system32\MyOSProtect.dll [File not found] ()

    Catalog9 03 C:\Windows\system32\MyOSProtect.dll [File not found] ()

    Catalog9 04 C:\Windows\system32\MyOSProtect.dll [File not found] ()

    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

    Catalog9 16 C:\Windows\system32\MyOSProtect.dll [File not found] ()

    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

    x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)

    x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)



    ========================= Event log errors: ===============================



    Application errors:

    ==================

    Error: (10/17/2014 06:26:46 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.



    Error: (10/17/2014 06:26:46 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCountervalue is the second DWORD in the Data section, and LastHelpvalue is the third DWORD in the Data section.



    Error: (10/17/2014 06:24:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.



    Error: (10/17/2014 06:24:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCountervalue is the second DWORD in the Data section, and LastHelpvalue is the third DWORD in the Data section.



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks) (User: )

    Description: An unexpected error has occured in "QuickBooks":Returning NULL QBWinInstance Handle



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks) (User: )

    Description: An unexpected error has occured in "QuickBooks":Returning NULL QBWinInstance Handle



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks) (User: )

    Description: An unexpected error has occured in "QuickBooks":Returning NULL QBWinInstance Handle



    Error: (10/17/2014 05:53:18 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.



    Error: (10/17/2014 05:53:18 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCountervalue is the second DWORD in the Data section, and LastHelpvalue is the third DWORD in the Data section.



    Error: (10/17/2014 05:01:46 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.





    System errors:

    =============

    Error: (10/17/2014 06:20:07 PM) (Source: DCOM) (User: NT AUTHORITY)

    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)



    Error: (10/17/2014 06:20:06 PM) (Source: DCOM) (User: NT AUTHORITY)

    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)



    Error: (10/17/2014 06:17:44 PM) (Source: DCOM) (User: )

    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}



    Error: (10/17/2014 05:33:02 PM) (Source: Service Control Manager) (User: )

    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.



    Error: (10/17/2014 05:32:31 PM) (Source: Service Control Manager) (User: )

    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.



    Error: (10/17/2014 05:32:01 PM) (Source: Service Control Manager) (User: )

    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MOBKbackupservice.



    Error: (10/17/2014 04:58:15 PM) (Source: DCOM) (User: NT AUTHORITY)

    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)



    Error: (10/17/2014 04:58:14 PM) (Source: DCOM) (User: NT AUTHORITY)

    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)



    Error: (10/17/2014 04:57:58 PM) (Source: Service Control Manager) (User: )

    Description: The HP Software Framework Service service failed to start due to the following error:

    %%1053



    Error: (10/17/2014 04:57:58 PM) (Source: Service Control Manager) (User: )

    Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.





    Microsoft Office Sessions:

    =========================

    Error: (10/17/2014 06:26:46 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: WmiApRplWmiApRpl8F20300004D070000



    Error: (10/17/2014 06:26:46 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: Performance1637070000000000000000000009030000



    Error: (10/17/2014 06:24:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: WmiApRplWmiApRpl8F20300004D070000



    Error: (10/17/2014 06:24:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: Performance1637070000000000000000000009030000



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks)(User: )

    Description: QuickBooksReturning NULL QBWinInstanceHandle



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks)(User: )

    Description: QuickBooksReturning NULL QBWinInstanceHandle



    Error: (10/17/2014 06:19:39 PM) (Source: QuickBooks)(User: )

    Description: QuickBooksReturning NULL QBWinInstanceHandle



    Error: (10/17/2014 05:53:18 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: WmiApRplWmiApRpl8F20300004D070000



    Error: (10/17/2014 05:53:18 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: Performance1637070000000000000000000009030000



    Error: (10/17/2014 05:01:46 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

    Description: WmiApRplWmiApRpl8F20300004D070000





    CodeIntegrity Errors:

    ===================================

    Date: 2014-10-09 23:56:50.470

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.



    Date: 2014-10-09 23:56:49.993

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.



    Date: 2014-10-09 23:56:49.500

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.



    Date: 2014-10-09 01:28:21.494

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.



    Date: 2014-10-09 01:28:21.026

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.



    Date: 2014-10-09 01:28:20.527

    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.







    =========================== Installed Programs ============================

    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden

    6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)

    Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden

    Adobe Reader 9.4.7 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.4.7 - Adobe Systems Incorporated)

    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)

    Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)

    Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden

    BioExcess (Version: 7.0.33.0 - Egis Technology Inc.) Hidden

    bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

    BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden

    Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )

    Canon MX350 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series) (Version: - )

    Canon MX350 series User Registration (HKLM-x32\...\Canon MX350 series User Registration) (Version: - )

    Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )

    Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )

    Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )

    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)

    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden

    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden

    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden

    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)

    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden

    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

    Google SketchUp 8 (HKLM-x32\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)

    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

    Hondata s300 ECU Editor (HKLM-x32\...\Hondata s300 ECU Editor_is1) (Version: - Hondata, Inc.)

    HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)

    HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden

    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

    HP Documentation (HKLM-x32\...\{F3DE25BA-16EA-42A5-BC92-786BECBE5CE4}) (Version: 1.1.1.0 - Hewlett-Packard)

    HP Games (HKLM-x32\...\WildTangenthp Master Uninstall) (Version: 1.0.1.3 - WildTangent)

    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)

    HP MediaSmartCinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)

    HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)

    HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden

    HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)

    HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)

    HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden

    HP MediaSmartSmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)

    HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)

    HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden

    HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)

    HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard) Hidden

    HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)

    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)

    HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)

    HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)

    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)

    HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.33.0 - Egis Technology Inc.)

    HP SimplePass Identity Protection (x32 Version: 7.0.33.0 - Egis Technology Inc.) Hidden

    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)

    HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)

    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)

    HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)

    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)

    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

    Intel PROSet Wireless (Version: - ) Hidden

    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)

    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)

    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

    Intel(R) Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)

    Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)

    McAfee Online Backup (Version: 2.26.1.386 - McAfee, Inc.) Hidden

    McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden

    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)

    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)

    Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE})(Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden

    MotoConnect (HKLM-x32\...\{1C643154-0ADF-4B4C-AF17-E315C946A54B}) (Version: 1.1.30 - Motorola)

    MotoHelperMergeModules (x32 Version: 1.2.0 - Motorola) Hidden

    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

    Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

    Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)

    PANTECH USB Modem V2 (HKLM\...\{1C336D20-A089-4818-9C56-96AD81BF5A11}) (Version: 1.2.4151.1109 - PANTECH CO.,LTD)

    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    QuickBooks (x32 Version: 21.0.4005.904 - Intuit Inc.) Hidden

    QuickBooks Premier Edition 2011 (HKLM-x32\...\{11E0AC7D-6824-4F67-865F-EE1C13D28C38}) (Version: 21.0.4005.904 - Intuit Inc.)

    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.25.824.2010 - Realtek)

    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden

    Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden

    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden

    SmartDraw 2012 (HKLM-x32\...\SmartDraw 2012) (Version: - SmartDraw.com)

    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden

    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden

    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden

    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)

    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden

    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden

    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)

    Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)

    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)

    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)

    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)

    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)

    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)

    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)

    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)

    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)

    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)

    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)

    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)

    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)

    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)

    Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)

    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden

    Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

    Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

    Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

    Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden



    ========================= Devices: ================================



    Name: Teredo Tunneling Pseudo-Interface

    Description: Microsoft Teredo Tunneling Adapter

    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

    Manufacturer: Microsoft

    Service: tunnel

    Problem: : This device cannot start. (Code10)

    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.





    ========================= Memory info: ===================================



    Percentage of memory in use: 43%

    Total physical RAM: 3893.86 MB

    Available physical RAM: 2193.79 MB

    Total Pagefile: 7785.9 MB

    Available Pagefile: 5528.76 MB

    Total Virtual: 4095.88 MB

    Available Virtual: 3981.31 MB



    ========================= Partitions: =====================================



    1 Drive c: () (Fixed) (Total:442.32 GB) (Free:283.14 GB) NTFS

    2 Drive d: (RECOVERY) (Fixed) (Total:23.15 GB) (Free:2.77 GB) NTFS

    4 Drive f: () (Removable) (Total:29.71 GB) (Free:23.57 GB) FAT32

    5 Drive g: (USB20FD) (Removable) (Total:1.88 GB) (Free:1.39 GB) FAT



    ========================= Users: ========================================



    User accounts for \\REEVESRESOURCES



    Administrator Guest Reeves Resources



    ========================= Minidump Files ==================================



    No minidump file found



    ========================= Restore Points ==================================



    02-09-2014 13:07:55 Windows Update

    09-09-2014 11:25:52 Windows Update

    11-09-2014 12:02:52 Windows Update

    16-09-2014 12:07:08 Windows Update

    22-09-2014 11:21:26 Windows Update

    25-09-2014 11:12:35 Windows Update

    01-10-2014 11:52:56 Windows Update

    02-10-2014 18:55:15 Windows Update

    07-10-2014 11:24:13 Windows Update

    15-10-2014 04:00:02 Scheduled Checkpoint

    15-10-2014 04:26:15 Windows Update

    15-10-2014 07:00:41 Windows Update

    17-10-2014 13:31:22 Restore Operation

    **** End of log ****
     
  2. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.


    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ======================================

    Please open all logs in Notepad instead of Wordpad because Wordpad creates double spaces making pasted logs very long.
     
  3. Reeves1

    Reeves1 TS Rookie Topic Starter

    I already ran Malware bytes and posted the report.
    I will attach again.

    I cannot DL DDS, the link wont work and the second one is in a different language.

    Someone messaged me and told me to login as admin, get a command prompt and enter
    netsh winsock reset.

    This worked for about an hour and kicked me off again.

    This is where I am.
     

    Attached Files:

  4. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Please observe forum rules...all logs have to pasted not attached.

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download [​IMG] Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double click on downloaded file. OK self extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     
  5. Reeves1

    Reeves1 TS Rookie Topic Starter

    RogueKiller V10.0.2.0 [Oct 16 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Reeves Resources [Administrator]
    Mode : Delete -- Date : 10/18/2014 15:49:25

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 6 ¤¤¤
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-718789289-862937527-1542724854-1000\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Not selected
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-718789289-862937527-1542724854-1000\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Not selected
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

    ¤¤¤ Tasks : 4 ¤¤¤
    [Suspicious.Path] \\{01DD103B-2773-400E-B456-D5842E621679} -- C:\Users\Reeves Resources\Desktop\hidemyipaddress_dl.exe -> Deleted
    [Suspicious.Path] \\{9D77B18F-2333-4F74-9337-64AFBBA34F52} -- C:\Users\Reeves Resources\Desktop\hidemyipaddress_dl.exe -> Deleted
    [Suspicious.Path] \\{E8E47654-809D-4B19-BCB2-C8160D6A00B0} -- C:\Users\Reeves Resources\Desktop\hidemyipaddress_dl.exe -> Deleted
    [Suspicious.Path] \\{F92468FB-D029-486E-8E38-E0550EAFE7AE} -- C:\Users\Reeves Resources\Desktop\hidemyipaddress_dl.exe -> Deleted

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 70 (Driver: Not loaded [0xc000036b]) ¤¤¤
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueA : C:\Windows\system32\version.DLL @ 0x72f61b72
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromString : C:\Windows\syswow64\ole32.dll @ 0x7658e599
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUnmarshalInterface : C:\Windows\syswow64\ole32.dll @ 0x7659f150
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoSetProxyBlanket : C:\Windows\syswow64\ole32.dll @ 0x76585ea5
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromCLSID : C:\Windows\syswow64\ole32.dll @ 0x7658eb17
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoCreateGuid : C:\Windows\syswow64\ole32.dll @ 0x765b15d5
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetTreatAsClass : C:\Windows\syswow64\ole32.dll @ 0x7659a72f
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetMarshalSizeMax : C:\Windows\syswow64\ole32.dll @ 0x7659f1eb
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoMarshalInterface : C:\Windows\syswow64\ole32.dll @ 0x7659ef03
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromGUID2 : C:\Windows\syswow64\ole32.dll @ 0x765b22ec
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - FreePropVariantArray : C:\Windows\syswow64\ole32.dll @ 0x76582d6d
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoInitializeEx : C:\Windows\syswow64\ole32.dll @ 0x765b09ad
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoFreeUnusedLibraries : C:\Windows\syswow64\ole32.dll @ 0x76600cc2
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemAlloc : C:\Windows\syswow64\ole32.dll @ 0x765bea4c
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemFree : C:\Windows\syswow64\ole32.dll @ 0x765c6f41
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromProgID : C:\Windows\syswow64\ole32.dll @ 0x7659503c
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUninitialize : C:\Windows\syswow64\ole32.dll @ 0x765b86d3
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ IEFRAME.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueA : C:\Windows\system32\version.DLL @ 0x72f61b72
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromString : C:\Windows\syswow64\ole32.dll @ 0x7658e599
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUnmarshalInterface : C:\Windows\syswow64\ole32.dll @ 0x7659f150
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoSetProxyBlanket : C:\Windows\syswow64\ole32.dll @ 0x76585ea5
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromCLSID : C:\Windows\syswow64\ole32.dll @ 0x7658eb17
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoCreateGuid : C:\Windows\syswow64\ole32.dll @ 0x765b15d5
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetTreatAsClass : C:\Windows\syswow64\ole32.dll @ 0x7659a72f
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetMarshalSizeMax : C:\Windows\syswow64\ole32.dll @ 0x7659f1eb
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoMarshalInterface : C:\Windows\syswow64\ole32.dll @ 0x7659ef03
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromGUID2 : C:\Windows\syswow64\ole32.dll @ 0x765b22ec
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - FreePropVariantArray : C:\Windows\syswow64\ole32.dll @ 0x76582d6d
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoInitializeEx : C:\Windows\syswow64\ole32.dll @ 0x765b09ad
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoFreeUnusedLibraries : C:\Windows\syswow64\ole32.dll @ 0x76600cc2
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemAlloc : C:\Windows\syswow64\ole32.dll @ 0x765bea4c
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemFree : C:\Windows\syswow64\ole32.dll @ 0x765c6f41
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromProgID : C:\Windows\syswow64\ole32.dll @ 0x7659503c
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUninitialize : C:\Windows\syswow64\ole32.dll @ 0x765b86d3
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ MSHTML.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x72f61b51
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x72f618e9
    [IAT:Addr] (iexplore.exe @ jscript9.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x72f61a15

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: TOSHIBA MK5056GSY +++++
    --- User ---
    [MBR] 9d84565bc9a8749f667fa3110b319a9a
    [BSP] 9e5a9bfeeff639a3cfb89e3bae643a3c : Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 452933 MB
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 928016384 | Size: 23703 MB
    3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: USB Disk +++++
    --- User ---
    [MBR] 9316104665a782f81734208e2c0e3e52
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8192 | Size: 30432 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_10182014_154750.log

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.07.0.1012

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 11.0.9600.17358

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 2.394000 GHz
    Memory total: 4083007488, free: 739336192

    Downloaded database version: v2014.10.18.06
    Downloaded database version: v2014.10.17.01
    Initializing...
    ======================
    Done!
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 333CC7B8

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 407552
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600 Numsec = 927606784

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 928016384 Numsec = 48543744

    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976560128 Numsec = 210992

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
    Done!
    Drive 1
    Scanning MBR on drive 1...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 0

    Partition information:

    Partition 0 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 8192 Numsec = 62325760

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 31914983424 bytes
    Sector size: 512 bytes

    Done!
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
    Removal finished


    Malwarebytes Anti-Rootkit BETA 1.07.0.1012
    www.malwarebytes.org

    Database version: v2014.10.18.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17358
    Reeves Resources :: REEVESRESOURCES [administrator]

    10/18/2014 3:53:47 PM
    mbar-log-2014-10-18 (15-53-47).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 360774
    Time elapsed: 23 minute(s), 52 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)
     
  6. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  7. Reeves1

    Reeves1 TS Rookie Topic Starter

    ComboFix 14-10-20.01 - Reeves Resources 10/20/2014 22:00:34.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1301 [GMT -4:00]
    Running from: c:\users\Reeves Resources\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YCF2I14Y\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\security\Database\tmp.edb
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-09-21 to 2014-10-21 )))))))))))))))))))))))))))))))
    .
    .
    2014-10-18 19:53 . 2014-10-19 04:46 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2014-10-18 19:16 . 2014-10-18 19:16 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2014-10-18 19:16 . 2014-10-18 19:16 -------- d-----w- c:\programdata\RogueKiller
    2014-10-17 22:26 . 2014-10-17 22:26 -------- d-----w- c:\programdata\Panda Security
    2014-10-17 22:26 . 2014-10-17 22:26 -------- d-----w- c:\program files (x86)\Panda USB Vaccine
    2014-10-17 21:53 . 2014-10-21 03:28 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-10-17 21:52 . 2014-10-18 19:52 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-10-17 21:52 . 2014-10-01 15:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-10-17 21:52 . 2014-10-01 15:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-10-17 21:52 . 2014-10-17 21:52 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
    2014-10-17 21:52 . 2014-10-17 21:52 -------- d-----w- c:\programdata\Malwarebytes
    2014-10-17 13:49 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D9BB483-B3BB-42BE-8FE5-F6EF920D627E}\mpengine.dll
    2014-10-16 15:39 . 2014-05-20 12:21 67808 ----a-w- c:\windows\system32\drivers\MOBK.sys
    2014-10-16 15:39 . 2014-10-16 15:39 -------- d-----w- c:\program files (x86)\McAfee Online Backup
    2014-10-16 15:39 . 2013-09-23 17:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
    2014-10-16 15:37 . 2014-10-16 15:39 -------- d-----w- c:\program files\McAfee
    2014-10-16 15:37 . 2014-10-17 13:11 -------- d-----w- c:\program files (x86)\McAfee
    2014-10-16 15:37 . 2014-10-16 15:38 -------- d-----w- c:\program files (x86)\Common Files\McAfee
    2014-10-16 14:43 . 2014-07-18 13:01 189912 ----a-w- c:\windows\system32\mfevtps.exe
    2014-10-16 14:43 . 2014-10-16 15:39 -------- d-----w- c:\program files\Common Files\McAfee
    2014-10-15 04:36 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
    2014-10-15 04:36 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll
    2014-10-15 04:36 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll
    2014-10-15 04:36 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
    2014-10-15 04:36 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
    2014-10-15 04:36 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
    2014-10-15 04:36 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll
    2014-10-15 04:34 . 2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll
    2014-10-08 18:06 . 2014-10-17 13:16 -------- d-----w- c:\program files (x86)\Browser Features
    2014-10-08 18:02 . 2014-10-08 18:02 -------- d-----w- c:\users\Reeves Resources\AppData\Local\Programs
    2014-10-08 18:01 . 2014-09-01 18:28 304776 ----a-w- c:\windows\SysWow64\MyPROBLEM.dll
    2014-10-01 11:52 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
    2014-10-01 11:52 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
    2014-09-24 16:09 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
    2014-09-24 16:09 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-09-15 13:06 . 2013-10-02 19:55 278152 ------w- c:\windows\system32\MpSigStub.exe
    2014-09-11 12:31 . 2012-07-17 19:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2014-08-23 02:07 . 2014-08-28 19:45 404480 ----a-w- c:\windows\system32\gdi32.dll
    2014-08-23 01:45 . 2014-08-28 19:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
    2014-08-01 11:53 . 2014-09-10 16:04 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
    2014-08-01 11:35 . 2014-09-10 16:04 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
    2014-07-25 06:35 . 2014-07-25 06:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
    2014-07-25 03:47 . 2014-07-25 03:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
    2014-07-24 18:33 . 2014-07-24 18:33 11336 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
    2014-07-24 18:32 . 2014-07-24 18:32 96592 ----a-w- c:\windows\system32\drivers\mfencrk.sys
    2014-07-24 18:31 . 2014-07-24 18:31 444720 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2014-01-23 15:53 220632 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2014-01-23 15:53 220632 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2014-01-23 15:53 220632 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
    "VitaKeyTSR"="c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe" [2010-06-09 380272]
    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2010-12-20 1483016]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
    "mcpltui_exe"="c:\program files\Common~1\McAfee\Platform\mcuicnt.exe" [2014-08-05 642040]
    .
    c:\users\Reeves Resources\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
    Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe /Startup [2010-8-25 6152056]
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
    QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2010-12-29 1156384]
    QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2011\QBW32.EXE -silent [2010-12-29 1178400]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
    R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
    R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
    R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
    R3 cpuz134;cpuz134;c:\users\REEVES~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\REEVES~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
    R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
    R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
    R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]
    R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
    R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
    R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]
    R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\pnetmdm64.sys [x]
    R3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;c:\windows\system32\DRIVERS\PTUMWBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWBus.sys [x]
    R3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;c:\windows\system32\DRIVERS\PTUMWCDF.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWCDF.sys [x]
    R3 PTUMWCSP;PANTECH USB Modem V2 Connection Port;c:\windows\system32\DRIVERS\PTUMWCSP.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWCSP.sys [x]
    R3 PTUMWFLT;PTUMWNET Filter Driver;c:\windows\system32\DRIVERS\PTUMWFLT.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWFLT.sys [x]
    R3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;c:\windows\system32\DRIVERS\PTUMWMdm.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWMdm.sys [x]
    R3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;c:\windows\system32\DRIVERS\PTUMWNET.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWNET.sys [x]
    R3 PTUMWNSP;PANTECH USB Modem V2 NMEA Port;c:\windows\system32\DRIVERS\PTUMWNSP.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWNSP.sys [x]
    R3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;c:\windows\system32\DRIVERS\PTUMWVsp.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWVsp.sys [x]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys;c:\windows\SYSNATIVE\DRIVERS\dvmio.sys [x]
    S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK.sys [x]
    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
    S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
    S2 EgisTec Service;EgisTec Service;c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe;c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [x]
    S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 MOBKbackup;McAfee Online Backup Service;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [x]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [x]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
    S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
    S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - MBAMSWISSARMY
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-09-25 11:13 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 15:04]
    .
    2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 15:04]
    .
    2014-10-21 c:\windows\Tasks\SDMsgUpdate (TE).job
    - c:\progra~2\SMARTD~2\Messages\SDNotify.exe [2012-02-01 18:22]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2014-01-23 15:53 244696 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2014-01-23 15:53 244696 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2014-01-23 15:53 244696 ----a-w- c:\users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
    @="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
    [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
    2014-05-20 12:22 6486376 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
    @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
    [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
    2014-05-20 12:22 6486376 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
    @="{b4caf489-1eec-c617-49ad-8d7088598c06}"
    [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
    2014-05-20 12:22 6486376 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2710856]
    "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-06-01 324096]
    "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>
    uSearchAssistant = www.google.com
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{85953376-87AC-4AD5-8A0A-849EBA1EBBEF}: NameServer = 8.8.8.8,8.8.8.9
    TCP: Interfaces\{85953376-87AC-4AD5-8A0A-849EBA1EBBEF}\E45445745414252323: NameServer = 8.8.8.8,8.8.8.9
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKCU-Run-Secure Reminder - c:\program files (x86)\MoRUN.net\Secure Reminder\reminder.exe
    Wow6432Node-HKCU-Run-ares - c:\program files (x86)\Ares\Ares.exe
    Wow6432Node-HKCU-Run-iCloudServices - c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    Wow6432Node-HKCU-Run-ApplePhotoStreams - c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    c:\windows\SysWOW64\rundll32.exe
    c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
    c:\program files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
    c:\program files (x86)\Panda USB Vaccine\USBVaccine.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Completion time: 2014-10-20 23:37:30 - machine was rebooted
    ComboFix-quarantined-files.txt 2014-10-21 03:37
    .
    Pre-Run: 305,193,689,088 bytes free
    Post-Run: 304,559,562,752 bytes free
    .
    - - End Of File - - 756CB4C60DD319CC52A42DF264C1F856
     
  8. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Looks good.

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.



    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    [​IMG] Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
     
  9. Reeves1

    Reeves1 TS Rookie Topic Starter

    # AdwCleaner v4.001 - Report created 21/10/2014 at 07:20:03
    # Updated 20/10/2014 by Xplode
    # Database : 2014-10-20.3
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Reeves Resources - REEVESRESOURCES
    # Running from : C:\Users\Reeves Resources\Downloads\adwcleaner_4.001.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\user.js
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Found : C:\Users\Reeves Resources\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
    File Found : C:\Windows\Reimage.ini
    Folder Found : C:\Program Files (x86)\Conduit
    Folder Found : C:\ProgramData\Babylon
    Folder Found : C:\ProgramData\WeCareReminder
    Folder Found : C:\Users\Guest\AppData\LocalLow\HPAppData
    Folder Found : C:\Users\Reeves Resources\AppData\Local\Conduit
    Folder Found : C:\Users\Reeves Resources\AppData\LocalLow\Conduit
    Folder Found : C:\Users\Reeves Resources\AppData\LocalLow\HPAppData
    Folder Found : C:\Users\Reeves Resources\AppData\Roaming\Babylon
    Folder Found : C:\Users\Reeves Resources\AppData\Roaming\FinalTorrent
    Folder Found : C:\Users\Reeves Resources\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidekick Manager
    Folder Found : C:\Users\Reeves Resources\AppData\Roaming\xVidly
    Folder Found : C:\Users\Reeves Resources\Documents\Optimizer Pro

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AppDataLow\Software\Toolbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Delta
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Optimizer Pro
    Key Found : HKCU\Software\Reimage
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\UpdateFiles
    Key Found : HKCU\Software\WebProtect
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\Delta
    Key Found : [x64] HKCU\Software\IM
    Key Found : [x64] HKCU\Software\ImInstaller
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : [x64] HKCU\Software\Optimizer Pro
    Key Found : [x64] HKCU\Software\Reimage
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\UpdateFiles
    Key Found : [x64] HKCU\Software\WebProtect
    Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\Delta
    Key Found : HKLM\SOFTWARE\e0d7d1b735ea40
    Key Found : HKLM\SOFTWARE\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_iphonebrowser[1]_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_iphonebrowser[1]_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_smartdraw[1]_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_smartdraw[1]_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\weDownload Manager Pro-codedownloader_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\weDownload Manager Pro-codedownloader_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\WebProtect
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Key Found : [x64] HKLM\SOFTWARE\Reimage

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17344

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=TJ&userid=af92233d-b43a-4855-8c10-a2c76e665fef&searchtype=ds&q={searchTerms}
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=TJ&userid=af92233d-b43a-4855-8c10-a2c76e665fef&searchtype=ds&q={searchTerms}

    -\\ Google Chrome v37.0.2062.124


    *************************

    AdwCleaner[R0].txt - [16958 octets] - [21/10/2014 07:20:03]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [17019 octets] ##########



    # AdwCleaner v4.001 - Report created 21/10/2014 at 07:26:52
    # DB v2014-10-20.3
    # Updated 20/10/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Reeves Resources - REEVESRESOURCES
    # Running from : C:\Users\Reeves Resources\Downloads\adwcleaner_4.001.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\Users\Reeves Resources\AppData\Roaming\Babylon
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Users\Reeves Resources\AppData\Local\Conduit
    Folder Deleted : C:\Users\Reeves Resources\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Reeves Resources\AppData\Roaming\FinalTorrent
    Folder Deleted : C:\Users\Guest\AppData\LocalLow\HPAppData
    Folder Deleted : C:\Users\Reeves Resources\AppData\LocalLow\HPAppData
    Folder Deleted : C:\Users\Reeves Resources\Documents\Optimizer Pro
    Folder Deleted : C:\Users\Reeves Resources\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidekick Manager
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Users\Reeves Resources\AppData\Roaming\xVidly
    File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Deleted : C:\Users\Reeves Resources\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
    File Deleted : C:\Windows\Reimage.ini
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\weDownload Manager Pro-codedownloader_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\weDownload Manager Pro-codedownloader_RASMANCS
    Key Deleted : HKLM\SOFTWARE\e0d7d1b735ea40
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_iphonebrowser[1]_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_iphonebrowser[1]_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_smartdraw[1]_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_smartdraw[1]_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Delta
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\WebProtect
    Key Deleted : HKCU\Software\Reimage
    Key Deleted : HKCU\Software\UpdateFiles
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\Delta
    Key Deleted : HKLM\SOFTWARE\Freeze.com
    Key Deleted : HKLM\SOFTWARE\WebProtect
    Key Deleted : [x64] HKLM\SOFTWARE\Reimage
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17344

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

    -\\ Google Chrome v37.0.2062.124


    *************************

    AdwCleaner[R0].txt - [17316 octets] - [21/10/2014 07:20:03]
    AdwCleaner[S0].txt - [16628 octets] - [21/10/2014 07:26:52]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16689 octets] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.3.3 (10.14.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Reeves Resources on Tue 10/21/2014 at 7:38:30.36
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BetterBrowseSetup_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BetterBrowseSetup_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BetterBrowse_Setup_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BetterBrowse_Setup_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateBetterBrowse_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateBetterBrowse_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBetterBrowse_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBetterBrowse_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_installer_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_installer_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BetterBrowseSetup_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BetterBrowseSetup_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BetterBrowse_Setup_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BetterBrowse_Setup_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateBetterBrowse_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateBetterBrowse_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilBetterBrowse_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilBetterBrowse_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_installer_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_installer_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CADE06FE-7C60-4317-B9A6-264E44CB5838}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CADE06FE-7C60-4317-B9A6-264E44CB5838}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Reeves Resources\appdata\local\cre"



    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 10/21/2014 at 7:47:15.01
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
    Ran by Reeves Resources (administrator) on REEVESRESOURCES on 21-10-2014 08:00:43
    Running from C:\Users\Reeves Resources\Downloads
    Loaded Profile: Reeves Resources (Available profiles: Reeves Resources & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Hewlett-Packard) C:\Windows\System32\hpservice.exe
    (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
    (Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
    (Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
    (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    () C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    (Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
    (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
    (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2010-12-30] (Synaptics Incorporated)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
    HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
    HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
    HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2011-06-01] (Alcor Micro Corp.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
    HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe [380272 2010-06-08] (Egis Technology Inc. )
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1483016 2010-12-20] (Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
    ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
    ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
    ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
    Startup: C:\Users\Reeves Resources\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
  10. Reeves1

    Reeves1 TS Rookie Topic Starter

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - {67AD2CC7-F332-4942-9355-42D971B842E7} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.p...tByCtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=703972741
    SearchScopes: HKLM - {A72EDBD1-D070-4F16-ABDF-1617FB98F89C} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM - {CADE06FE-7C60-4317-B9A6-264E44CB5838} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    SearchScopes: HKLM-x32 - {67AD2CC7-F332-4942-9355-42D971B842E7} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
    SearchScopes: HKLM-x32 - {A72EDBD1-D070-4F16-ABDF-1617FB98F89C} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKCU - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    SearchScopes: HKCU - {67AD2CC7-F332-4942-9355-42D971B842E7} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKCU - {A72EDBD1-D070-4F16-ABDF-1617FB98F89C} URL =
    SearchScopes: HKCU - {C5917736-451C-41C1-BFD3-D3805D1A5EF8} URL =
    SearchScopes: HKCU - {DABC2E02-3C18-43CD-A7EB-CAD5EFC85D2A} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US739D20141016&p={SearchTerms}
    BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - No File
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
    Tcpip\..\Interfaces\{85953376-87AC-4AD5-8A0A-849EBA1EBBEF}: [NameServer] 8.8.8.8,8.8.8.9

    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt
    FF Extension: SimplePass Online Accounts Extension - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010-09-15]
    FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-14]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-10-16]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-16]
    FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    Chrome:
    =======
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.671\_platform_specific\win_x86\widevinecdmadapter.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
    CHR Plugin: (Free Download Manager Click Catcher Plug-In for Netscape, Opera, Mozilla) - C:\Program Files (x86)\Google\Chrome\Application\plugins\npfdm.dll (FreeDownloadManager.org)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    CHR Profile: C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-09]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
    CHR Extension: (YouTube) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-09]
    CHR Extension: (Google Search) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-09]
    CHR Extension: (Google Wallet) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
    CHR Extension: (Gmail) - C:\Users\Reeves Resources\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-16]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-08] (Egis Technology Inc. )
    S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2012-02-21] (Macrovision Europe Ltd.) [File not signed]
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
    R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [184168 2014-05-20] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2010-12-26] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
    R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1251840 2010-09-17] () [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
    R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-21] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
    R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [67808 2014-05-20] (Mozy, Inc.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-18] ()
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S3 androidusb; System32\Drivers\motoandroid.sys [X]
    S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
    S3 btwampfl; system32\drivers\btwampfl.sys [X]
    S3 btwaudio; system32\drivers\btwaudio.sys [X]
    S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
    S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
    S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 cpuz134; \??\C:\Users\REEVES~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
    S3 motccgp; system32\DRIVERS\motccgp.sys [X]
    S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
    S3 MotDev; system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
    S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
    S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-21 07:59 - 2014-10-21 08:00 - 00030052 _____ () C:\Users\Reeves Resources\Downloads\Addition.txt
    2014-10-21 07:57 - 2014-10-21 08:01 - 00030464 _____ () C:\Users\Reeves Resources\Downloads\FRST.txt
    2014-10-21 07:57 - 2014-10-21 08:00 - 00000000 ____D () C:\FRST
    2014-10-21 07:57 - 2014-10-21 07:57 - 02110976 _____ (Farbar) C:\Users\Reeves Resources\Downloads\FRST64.exe
    2014-10-21 07:47 - 2014-10-21 07:47 - 00003809 _____ () C:\Users\Reeves Resources\Desktop\JRT.txt
    2014-10-21 07:38 - 2014-10-21 07:38 - 00000000 ____D () C:\Windows\ERUNT
    2014-10-21 07:19 - 2014-10-21 07:27 - 00000000 ____D () C:\AdwCleaner
    2014-10-21 07:18 - 2014-10-21 07:18 - 01705698 _____ (Thisisu) C:\Users\Reeves Resources\Desktop\JRT.exe
    2014-10-21 07:18 - 2014-10-21 07:18 - 01102336 _____ (Farbar) C:\Users\Reeves Resources\Desktop\FRST.exe
    2014-10-21 07:15 - 2014-10-21 07:15 - 01962496 _____ () C:\Users\Reeves Resources\Downloads\adwcleaner_4.001.exe
    2014-10-20 23:37 - 2014-10-20 23:37 - 00027671 _____ () C:\ComboFix.txt
    2014-10-20 21:50 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-10-20 21:50 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-10-20 21:50 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-10-20 21:50 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-10-20 21:50 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-10-20 21:50 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-10-20 21:50 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-10-20 21:50 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-10-20 21:49 - 2014-10-20 23:37 - 00000000 ____D () C:\Qoobox
    2014-10-20 21:47 - 2014-10-20 23:33 - 00000000 ____D () C:\Windows\erdnt
    2014-10-18 15:54 - 2014-10-18 15:54 - 00013523 _____ () C:\Users\Reeves Resources\Desktop\RKreport_DEL_10182014_154924.log
    2014-10-18 15:53 - 2014-10-19 00:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-10-18 15:51 - 2014-10-19 00:46 - 00000000 ____D () C:\Users\Reeves Resources\Desktop\mbar
    2014-10-18 15:16 - 2014-10-18 15:16 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2014-10-18 15:16 - 2014-10-18 15:16 - 00000000 ____D () C:\ProgramData\RogueKiller
    2014-10-18 14:29 - 2014-10-18 14:29 - 00712240 _____ ( ) C:\Users\Reeves Resources\Downloads\FileOpenerSetup (1).exe
    2014-10-18 14:26 - 2014-10-18 14:30 - 00001124 _____ () C:\Users\Reeves Resources\Desktop\Continue File Opener Installation.lnk
    2014-10-18 14:26 - 2014-10-18 14:26 - 00712240 _____ ( ) C:\Users\Reeves Resources\Downloads\FileOpenerSetup.exe
    2014-10-17 19:10 - 2014-10-17 19:10 - 00001077 _____ () C:\Users\Reeves Resources\Desktop\Malware Report.txt
    2014-10-17 18:26 - 2014-10-17 18:26 - 00003042 _____ () C:\Windows\System32\Tasks\PandaUSBVaccine
    2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 ____D () C:\ProgramData\Panda Security
    2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
    2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
    2014-10-17 17:53 - 2014-10-21 07:29 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-10-17 17:52 - 2014-10-18 15:52 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-10-17 17:52 - 2014-10-17 17:52 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-10-17 17:52 - 2014-10-17 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-10-17 17:52 - 2014-10-17 17:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-10-17 17:52 - 2014-10-17 17:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-10-17 17:52 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-10-17 17:52 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-10-16 11:40 - 2014-10-16 11:40 - 00001916 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
    2014-10-16 11:40 - 2014-10-16 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-10-16 11:39 - 2014-10-16 11:39 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
    2014-10-16 11:39 - 2014-10-16 11:39 - 00000000 ____D () C:\Program Files (x86)\McAfeeMOBK
    2014-10-16 11:39 - 2014-10-16 11:39 - 00000000 ____D () C:\Program Files (x86)\McAfee Online Backup
    2014-10-16 11:39 - 2014-05-20 08:21 - 00067808 _____ (Mozy, Inc.) C:\Windows\system32\Drivers\MOBK.sys
    2014-10-16 11:39 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
    2014-10-16 11:38 - 2014-10-16 11:38 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
    2014-10-16 11:37 - 2014-10-17 09:11 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2014-10-16 11:37 - 2014-10-16 11:39 - 00000000 ____D () C:\Program Files\McAfee
    2014-10-16 11:37 - 2014-10-16 11:37 - 00000000 ____D () C:\Program Files\McAfee.com
    2014-10-16 10:43 - 2014-10-16 11:39 - 00000000 ____D () C:\Program Files\Common Files\McAfee
    2014-10-16 10:43 - 2014-10-16 10:43 - 05296056 _____ (McAfee, Inc.) C:\Users\Reeves Resources\Downloads\Setup_serial_2gvKwuxtnODttys75Mh3aA2_key.exe
    2014-10-16 10:43 - 2014-07-18 09:01 - 00189912 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
    2014-10-15 00:36 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-10-15 00:36 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-10-15 00:36 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2014-10-15 00:36 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
    2014-10-15 00:36 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-10-15 00:36 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
    2014-10-15 00:36 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2014-10-15 00:35 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-10-15 00:35 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-10-15 00:35 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-10-15 00:35 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-10-15 00:35 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-10-15 00:35 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-10-15 00:35 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-10-15 00:35 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-10-15 00:35 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-10-15 00:35 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-10-15 00:35 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-10-15 00:35 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-10-15 00:35 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-10-15 00:35 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-10-15 00:35 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-10-15 00:35 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-10-15 00:35 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-10-15 00:35 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-10-15 00:35 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-10-15 00:35 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-10-15 00:35 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-10-15 00:35 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-10-15 00:35 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-10-15 00:35 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-10-15 00:35 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-10-15 00:35 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-10-15 00:35 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-10-15 00:35 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-10-15 00:35 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-10-15 00:35 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-10-15 00:35 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-10-15 00:35 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-10-15 00:35 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-10-15 00:35 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-10-15 00:35 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-10-15 00:35 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-10-15 00:35 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-10-15 00:35 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-10-15 00:35 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-10-15 00:35 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-10-15 00:35 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-10-15 00:35 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-10-15 00:35 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-10-15 00:35 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-10-15 00:35 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-10-15 00:35 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-10-15 00:35 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-10-15 00:35 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-10-15 00:35 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-10-15 00:35 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-10-15 00:35 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-10-15 00:35 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-10-15 00:35 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-10-15 00:35 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-10-15 00:35 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-10-15 00:35 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-10-15 00:35 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-10-15 00:35 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-10-15 00:35 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2014-10-15 00:35 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2014-10-15 00:35 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2014-10-15 00:35 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2014-10-15 00:35 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2014-10-15 00:35 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2014-10-15 00:35 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2014-10-15 00:35 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2014-10-15 00:35 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2014-10-15 00:35 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2014-10-15 00:35 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2014-10-15 00:35 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-10-15 00:35 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2014-10-15 00:35 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-10-15 00:35 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2014-10-15 00:35 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2014-10-15 00:35 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2014-10-15 00:35 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2014-10-15 00:35 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2014-10-15 00:35 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-10-15 00:35 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2014-10-15 00:35 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2014-10-15 00:35 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2014-10-15 00:35 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2014-10-15 00:35 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2014-10-15 00:35 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2014-10-15 00:35 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2014-10-15 00:35 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-10-15 00:35 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-10-15 00:35 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2014-10-15 00:35 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2014-10-15 00:35 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2014-10-15 00:35 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-10-15 00:35 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-10-15 00:35 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2014-10-15 00:34 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-10-15 00:34 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-10-15 00:34 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-10-15 00:34 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-10-15 00:34 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-10-15 00:34 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-10-15 00:34 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-10-15 00:34 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-10-15 00:34 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-10-15 00:34 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
    2014-10-15 00:34 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-10-15 00:34 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-10-15 00:34 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2014-10-15 00:34 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-10-15 00:34 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-10-15 00:34 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-10-15 00:34 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-10-10 10:44 - 2014-10-17 10:52 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-10-08 14:06 - 2014-10-17 09:16 - 00000000 ____D () C:\Program Files (x86)\Browser Features
    2014-10-08 14:06 - 2014-10-16 10:20 - 00118784 ____H () C:\Users\Reeves Resources\AppData\Local\ChromeHitoryDB
    2014-10-08 14:01 - 2014-09-01 14:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyPROBLEM.dll
    2014-10-01 07:52 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-10-01 07:52 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-09-24 12:09 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-24 12:09 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-21 07:53 - 2010-09-15 09:25 - 01381009 _____ () C:\Windows\WindowsUpdate.log
    2014-10-21 07:36 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-21 07:36 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-21 07:33 - 2009-07-14 01:13 - 00006206 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-10-21 07:31 - 2010-10-13 18:11 - 00000000 ____D () C:\Users\Reeves Resources\Documents\Reeves Business Park
    2014-10-21 07:29 - 2012-02-01 14:56 - 00000494 _____ () C:\Windows\Tasks\SDMsgUpdate (TE).job
    2014-10-21 07:29 - 2012-01-17 11:04 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-21 07:28 - 2010-09-15 09:33 - 01273632 _____ () C:\Windows\PFRO.log
    2014-10-21 07:28 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-21 07:28 - 2009-07-14 00:51 - 00087777 _____ () C:\Windows\setupact.log
    2014-10-21 07:26 - 2012-02-01 13:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-10-21 07:14 - 2012-01-17 11:04 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-20 23:37 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
    2014-10-20 23:29 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
    2014-10-20 23:25 - 2009-07-13 22:34 - 93847552 _____ () C:\Windows\system32\config\SOFTWARE.bak
    2014-10-20 23:25 - 2009-07-13 22:34 - 24903680 _____ () C:\Windows\system32\config\SYSTEM.bak
    2014-10-20 23:25 - 2009-07-13 22:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
    2014-10-20 23:25 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
    2014-10-20 23:25 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
    2014-10-20 21:49 - 2010-10-27 08:24 - 00000000 ___HD () C:\Users\Reeves Resources\AppData\Local\CrashDumps
    2014-10-18 12:09 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
    2014-10-17 18:18 - 2011-03-02 17:54 - 00000000 ____D () C:\Windows\Minidump
    2014-10-17 18:17 - 2013-09-22 12:48 - 00000000 ____D () C:\Users\Reeves Resources\AppData\Roaming\523f1f51160ba03a43011a54
    2014-10-17 17:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-10-17 16:43 - 2012-11-27 10:24 - 00000000 ____D () C:\ProgramData\McAfee
    2014-10-17 10:03 - 2010-10-11 11:17 - 00000000 ____D () C:\Users\Reeves Resources\Desktop\Jamison Reeves
    2014-10-17 09:23 - 2012-11-09 09:29 - 00001487 _____ () C:\Users\Reeves Resources\Desktop\Chrome.lnk
    2014-10-17 08:28 - 2013-10-21 20:33 - 00000000 ____D () C:\Users\Reeves Resources\Documents\Outlook Files
    2014-10-16 09:23 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-10-15 04:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-10-15 03:29 - 2009-07-14 00:45 - 00439296 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-10-15 03:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-10-15 03:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-10-15 03:07 - 2010-10-05 15:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-10-10 10:47 - 2011-12-14 16:17 - 00121112 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
    2014-10-10 07:34 - 2009-07-13 22:34 - 00000580 _____ () C:\Windows\win.ini
    2014-10-09 15:22 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy

    Files to move or delete:
    ====================
    C:\ProgramData\QuickTimeInstaller.exe
    C:\Users\Reeves Resources\gotomypc_540.exe


    Some content of TEMP:
    ====================
    C:\Users\Reeves Resources\AppData\Local\Temp\Quarantine.exe
    C:\Users\Reeves Resources\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-10-16 00:41

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
    Ran by Reeves Resources at 2014-10-21 08:01:41
    Running from C:\Users\Reeves Resources\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
     
  11. Reeves1

    Reeves1 TS Rookie Topic Starter

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
    Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
    Adobe Reader 9.4.7 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.4.7 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden
    BioExcess (Version: 7.0.33.0 - Egis Technology Inc.) Hidden
    bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
    BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
    Canon MX350 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series) (Version: - )
    Canon MX350 series User Registration (HKLM-x32\...\Canon MX350 series User Registration) (Version: - )
    Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
    Google SketchUp 8 (HKLM-x32\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hondata s300 ECU Editor (HKLM-x32\...\Hondata s300 ECU Editor_is1) (Version: - Hondata, Inc.)
    HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
    HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Documentation (HKLM-x32\...\{F3DE25BA-16EA-42A5-BC92-786BECBE5CE4}) (Version: 1.1.1.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
    HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
    HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
    HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
    HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
    HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
    HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
    HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
    HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)
    HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard) Hidden
    HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.33.0 - Egis Technology Inc.)
    HP SimplePass Identity Protection (x32 Version: 7.0.33.0 - Egis Technology Inc.) Hidden
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Intel PROSet Wireless (Version: - ) Hidden
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
    Intel(R) Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)
    Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
    McAfee Online Backup (Version: 2.26.1.386 - McAfee, Inc.) Hidden
    McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
    Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MotoConnect (HKLM-x32\...\{1C643154-0ADF-4B4C-AF17-E315C946A54B}) (Version: 1.1.30 - Motorola)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
    PANTECH USB Modem V2 (HKLM\...\{1C336D20-A089-4818-9C56-96AD81BF5A11}) (Version: 1.2.4151.1109 - PANTECH CO.,LTD)
    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    QuickBooks (x32 Version: 21.0.4005.904 - Intuit Inc.) Hidden
    QuickBooks Premier Edition 2011 (HKLM-x32\...\{11E0AC7D-6824-4F67-865F-EE1C13D28C38}) (Version: 21.0.4005.904 - Intuit Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.25.824.2010 - Realtek)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
    SmartDraw 2012 (HKLM-x32\...\SmartDraw 2012) (Version: - SmartDraw.com)
    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
    Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation No File
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe No File
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll No File
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Reeves Resources\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    11-09-2014 12:02:52 Windows Update
    16-09-2014 12:07:08 Windows Update
    22-09-2014 11:21:26 Windows Update
    25-09-2014 11:12:35 Windows Update
    01-10-2014 11:52:56 Windows Update
    02-10-2014 18:55:15 Windows Update
    07-10-2014 11:24:13 Windows Update
    15-10-2014 04:00:02 Scheduled Checkpoint
    15-10-2014 04:26:15 Windows Update
    15-10-2014 07:00:41 Windows Update
    17-10-2014 13:31:22 Restore Operation
    18-10-2014 19:32:05 1018
    21-10-2014 01:51:05 ComboFix created restore point

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2014-10-20 23:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {19BA176A-6909-4E20-A27C-E5898A0FD438} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
    Task: {1E34AB97-CC73-4D83-AAC3-73327AA94585} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
    Task: {42EB9CF6-9C09-42CD-BED2-ABDD973178F8} - System32\Tasks\SDMsgUpdate (TE) => C:\Program Files (x86)\SmartDraw 2012\Messages\SDNotify.exe [2011-09-26] ()
    Task: {48786727-986D-4DC3-B148-848BAAFE3C4D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
    Task: {5F1B2848-99EF-4671-9632-79FFF37CB5C1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-25] (CyberLink)
    Task: {6F591128-0FA0-4371-989A-55C47E81B360} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
    Task: {ABAA5D61-44EF-436D-95A6-CB97F92D3467} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
    Task: {E6717111-0F7E-4AE6-8E87-FA0B68EE50A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17] (Google Inc.)
    Task: {F06EBDA6-EBEC-4C3D-818C-8FE1F255D70B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
    Task: {FA20756C-91E8-4B7F-9ABA-E519B17CB85E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17] (Google Inc.)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~2\SMARTD~2\Messages\SDNotify.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-03-05 12:21 - 2010-03-05 12:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
    2011-03-05 21:03 - 2010-09-17 18:04 - 01251840 _____ () C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    2010-03-05 12:21 - 2010-03-05 12:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
    2010-01-20 19:20 - 2010-01-20 19:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    2010-06-18 19:26 - 2010-06-18 19:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2010-06-18 19:26 - 2010-06-18 19:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
    2010-06-18 19:26 - 2010-06-18 19:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00268064 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00020256 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBCompressor.dll
    2005-07-19 23:18 - 2005-07-19 23:18 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\zlib1.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00337184 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\BackupLib.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00124704 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBMAPILibrary.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00175904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll
    2010-12-29 15:31 - 2010-12-29 15:31 - 00041760 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\mbpopup.dll
    2010-09-15 09:28 - 2010-03-03 23:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
    2014-09-25 07:17 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
    2014-09-25 07:17 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
    2014-09-25 07:17 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
    2014-09-25 07:17 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
    2014-09-25 07:17 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
    2014-09-25 07:17 - 2014-09-23 00:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-718789289-862937527-1542724854-500 - Administrator - Disabled)
    Guest (S-1-5-21-718789289-862937527-1542724854-501 - Limited - Enabled) => C:\Users\Guest
    Reeves Resources (S-1-5-21-718789289-862937527-1542724854-1000 - Administrator - Enabled) => C:\Users\Reeves Resources

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============
    Error: (10/21/2014 07:53:43 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-10-20 23:22:50.814
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-10-20 23:22:50.710
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-10-19 12:34:25.730
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-19 12:34:25.196
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-19 12:34:24.810
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-18 15:58:58.648
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-18 15:58:58.397
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-18 15:58:58.156
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-18 11:53:39.956
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-10-18 11:53:39.550
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-718789289-862937527-1542724854-1000\$RROA1J7\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
    Percentage of memory in use: 55%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 1737.39 MB
    Total Pagefile: 7785.9 MB
    Available Pagefile: 5154.99 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:442.32 GB) (Free:283.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:23.15 GB) (Free:2.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: () (Removable) (Total:29.71 GB) (Free:23.57 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 333CC7B8)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=442.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=23.1 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

    ========================================================
    Disk: 1 (Size: 29.7 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  12. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

    Attached Files:

  13. Reeves1

    Reeves1 TS Rookie Topic Starter

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-10-2014
    Ran by Reeves Resources at 2014-10-21 20:40:07 Run:1
    Running from C:\Users\Reeves Resources\Desktop
    Loaded Profile: Reeves Resources (Available profiles: Reeves Resources & Guest)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.p...tByCtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=703972741
    SearchScopes: HKLM - {CADE06FE-7C60-4317-B9A6-264E44CB5838} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    SearchScopes: HKCU - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    SearchScopes: HKCU - {A72EDBD1-D070-4F16-ABDF-1617FB98F89C} URL =
    SearchScopes: HKCU - {C5917736-451C-41C1-BFD3-D3805D1A5EF8} URL =
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
    BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
    Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - No File
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
    FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
    S3 androidusb; System32\Drivers\motoandroid.sys [X]
    S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
    S3 btwampfl; system32\drivers\btwampfl.sys [X]
    S3 btwaudio; system32\drivers\btwaudio.sys [X]
    S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
    S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
    S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 cpuz134; \??\C:\Users\REEVES~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
    S3 motccgp; system32\DRIVERS\motccgp.sys [X]
    S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
    S3 MotDev; system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
    S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
    S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
    C:\ProgramData\QuickTimeInstaller.exe
    C:\Users\Reeves Resources\gotomypc_540.exe
    C:\Users\Reeves Resources\AppData\Local\Temp\Quarantine.exe
    C:\Users\Reeves Resources\AppData\Local\Temp\sqlite3.dll
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation No File
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe No File
    CustomCLSID: HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll No File

    *****************

    C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
    C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
    "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
    "HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CADE06FE-7C60-4317-B9A6-264E44CB5838}" => Key deleted successfully.
    "HKCR\CLSID\{CADE06FE-7C60-4317-B9A6-264E44CB5838}" => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A72EDBD1-D070-4F16-ABDF-1617FB98F89C}" => Key deleted successfully.
    "HKCR\CLSID\{A72EDBD1-D070-4F16-ABDF-1617FB98F89C}" => Key not found.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5917736-451C-41C1-BFD3-D3805D1A5EF8}" => Key deleted successfully.
    "HKCR\CLSID\{C5917736-451C-41C1-BFD3-D3805D1A5EF8}" => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    "HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
    "HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => value deleted successfully.
    "HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => Key not found.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
    "HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
    "HKCR\PROTOCOLS\Handler\intu-help-qb4" => Key deleted successfully.
    "HKCR\CLSID\{ACE22922-D07C-4860-B51B-8CF472FEC2CB}" => Key not found.
    "HKCR\PROTOCOLS\Handler\qbwc" => Key deleted successfully.
    "HKCR\CLSID\{FC598A64-626C-4447-85B8-53150405FD57}" => Key not found.
    "HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0" => Key deleted successfully.
    androidusb => Service deleted successfully.
    BTCFilterService => Service deleted successfully.
    btwampfl => Service deleted successfully.
    btwaudio => Service deleted successfully.
    btwavdt => Service deleted successfully.
    btwl2cap => Service deleted successfully.
    btwrchid => Service deleted successfully.
    catchme => Service deleted successfully.
    cpuz134 => Service deleted successfully.
    motandroidusb => Service deleted successfully.
    motccgp => Service deleted successfully.
    motccgpfl => Service deleted successfully.
    MotDev => Service deleted successfully.
    motmodem => Service deleted successfully.
    MotoSwitchService => Service deleted successfully.
    Motousbnet => Service deleted successfully.
    motusbdevice => Service deleted successfully.
    C:\ProgramData\QuickTimeInstaller.exe => Moved successfully.
    C:\Users\Reeves Resources\gotomypc_540.exe => Moved successfully.
    C:\Users\Reeves Resources\AppData\Local\Temp\Quarantine.exe => Moved successfully.
    C:\Users\Reeves Resources\AppData\Local\Temp\sqlite3.dll => Moved successfully.
    "HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}" => Key deleted successfully.
    "HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}" => Key deleted successfully.
    "HKU\S-1-5-21-718789289-862937527-1542724854-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}" => Key deleted successfully.


    The system needed a reboot.

    ==== End of Fixlog ====
     
  14. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    How is computer doing?

    Last scans...

    [​IMG] Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    [​IMG] Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

    [​IMG] Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    [​IMG] Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Internet Explorer users - Click on this link to open ESET OnlineScan.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on ESET Smart Installer to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the [img=[url]http://www.bleepstatic.com/fhost/uploads/0/esetsmartinstaller_enu.png][/url] icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.[/*]
    • Check "Enable detection of potentially unwanted applications".
    • Click Advanced settings and make sure all 4 boxes are checkmarked (two of them are already checkmarked by default).
      Do NOT checkmark "Use custom proxy settings"
    • Click the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats[/*]
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
     
  15. Reeves1

    Reeves1 TS Rookie Topic Starter

    Excellent, maybe a little slow but no more ad ware and my internet connectivity issues are gone, and have been sine the first few scans. Thank you very much.

    Downloading the last scans now and will post reports.
     
  16. Broni

    Broni Malware Annihilator Posts: 52,898   +344

  17. Reeves1

    Reeves1 TS Rookie Topic Starter

    Results of screen317's Security Check version 0.99.89
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    McAfee Anti-Virus and Anti-Spyware
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    McAfee SiteAdvisor
    Adobe Reader 9 Adobe Reader out of Date!
    Google Chrome 37.0.2062.120
    Google Chrome 37.0.2062.124
    Google Chrome Plugins...
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbam.exe
    Malwarebytes Anti-Malware mbamscheduler.exe
    Symantec Norton Online Backup NOBuAgent.exe
    McAfee Online Backup MOBKbackup.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 1%
    ````````````````````End of Log``````````````````````

    Farbar Service Scanner Version: 21-07-2014
    Ran by Reeves Resources (administrator) on 21-10-2014 at 21:07:39
    Running from "C:\Users\Reeves Resources\Desktop"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is unreachable
    Google.com is accessible.
    Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
  18. Reeves1

    Reeves1 TS Rookie Topic Starter

    I'm still waiting on the ESET Scan
     
  19. Broni

    Broni Malware Annihilator Posts: 52,898   +344

  20. Reeves1

    Reeves1 TS Rookie Topic Starter

    C:\Documents and Settings\Reeves Resources\AppData\Local\Ares\My Shared Folder\! sexy porno goth teen nude hot naked cheerleader schoolgirl spank *** bdsm.zip a variant of Win32/MoliVampire.B trojan
    C:\Documents and Settings\Reeves Resources\Local Settings\Ares\My Shared Folder\! sexy porno goth teen nude hot naked cheerleader schoolgirl spank *** bdsm.zip a variant of Win32/MoliVampire.B trojan
    C:\Users\Reeves Resources\AppData\Local\Ares\My Shared Folder\! sexy porno goth teen nude hot naked cheerleader schoolgirl spank *** bdsm.zip a variant of Win32/MoliVampire.B trojan
    C:\Users\Reeves Resources\Desktop\Jamison Reeves\s300Manager.exe a variant of Win32/Injector.DQS trojan
    C:\Users\Reeves Resources\Downloads\FileOpenerSetup (1).exe a variant of Win32/InstallCore.QB potentially unwanted application
    C:\Users\Reeves Resources\Downloads\FileOpenerSetup.exe a variant of Win32/InstallCore.QB potentially unwanted application
    C:\Users\Reeves Resources\Downloads\flv_installer.exe a variant of Win32/SquareNet.A potentially unwanted application
    C:\Users\Reeves Resources\Downloads\gimp-setup.exe Win32/DownloadAdmin.G potentially unwanted application
    C:\Users\Reeves Resources\Downloads\jvlsetup (1).exe a variant of Win32/SoftPulse.H potentially unwanted application
    C:\Users\Reeves Resources\Downloads\jvlsetup (2).exe a variant of Win32/SoftPulse.H potentially unwanted application
    C:\Users\Reeves Resources\Downloads\jvlsetup (3).exe a variant of Win32/SoftPulse.H potentially unwanted application
    C:\Users\Reeves Resources\Downloads\jvlsetup (4).exe a variant of Win32/SoftPulse.H potentially unwanted application
    C:\Users\Reeves Resources\Downloads\jvlsetup.exe a variant of Win32/SoftPulse.H potentially unwanted application
    C:\Users\Reeves Resources\Downloads\RealPlayer_RocketFuelInstaller.exe a variant of Win32/Verti.G potentially unwanted application
    C:\Users\Reeves Resources\Downloads\ReimageRepair.exe Win32/DownWare.AC potentially unwanted application
    C:\Users\Reeves Resources\Local Settings\Ares\My Shared Folder\! sexy porno goth teen nude hot naked cheerleader schoolgirl spank *** bdsm.zip a variant of Win32/MoliVampire.B trojan
    C:\Windows\SysWOW64\MyPROBLEM.dll Win32/AdWare.Loadshop.C application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\AppData\Local\Application Data\Ares\My Shared Folder\! sexy porno goth teen nude hot naked cheerleader schoolgirl spank *** bdsm.zip a variant of Win32/MoliVampire.B trojan deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Desktop\Jamison Reeves\s300Manager.exe a variant of Win32/Injector.DQS trojan cleaned by deleting - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\FileOpenerSetup (1).exe a variant of Win32/InstallCore.QB potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\FileOpenerSetup.exe a variant of Win32/InstallCore.QB potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\flv_installer.exe a variant of Win32/SquareNet.A potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\gimp-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\jvlsetup (1).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\jvlsetup (2).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\jvlsetup (3).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\jvlsetup (4).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\jvlsetup.exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\RealPlayer_RocketFuelInstaller.exe a variant of Win32/Verti.G potentially unwanted application deleted - quarantined
    C:\Documents and Settings\Reeves Resources\Downloads\ReimageRepair.exe Win32/DownWare.AC potentially unwanted application deleted - quarantined
    C:\Program Files (x86)\SManager\SManager.exe a variant of Win32/Injector.DQS trojan cleaned by deleting - quarantined
    C:\Program Files (x86)\Uninstall Information\ib_uninst_342\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application deleted - quarantined
    C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application deleted - quarantined
    C:\Program Files (x86)\Uninstall Information\ib_uninst_555\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application deleted - quarantined
    C:\Windows\System32\MyPROBLEM.dll Win32/AdWare.Loadshop.C application cleaned by deleting - quarantined
     
  21. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions (if present).
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    ==================================

    Your computer is clean [​IMG]

    1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
    This is a very crucial step so make sure you don't skip it.
    Download [​IMG]DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

    Double-click Delfix.exe to start the tool.
    Make sure the following items are checked:
    • Activate UAC (optional; some users prefer to keep it off)
    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    • Reset system settings
    Now click "Run" and wait patiently.
    Once finished a logfile will be created. You don't have to attach it to your next reply.

    2. Make sure Windows Updates are current.

    3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    4. Check if your browser plugins are up to date.
    Firefox - https://www.mozilla.org/en-US/plugincheck/
    other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

    11. Read:
    How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
    Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
    About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

    12. Please, let me know, how your computer is doing.
     
  22. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    The issue seems to be resolved.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...