==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\AutoUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
(Pear Media, LLC) C:\Program Files (x86)\Chatango\Chatango.exe
() C:\Program Files (x86)\PrtScr\PrtScr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PC Health Labs) C:\Program Files (x86)\PC Driver Kit\PCDKSmartScan.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\449949d56ebf4cd1391f2ce0af1788b0\windowsstoresetupbox.exe
(Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [McAfeeWrapperApplication] => C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe [459232 2013-09-09] (McAfee, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [Akamai NetSession Interface] => C:\Users\charles\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-04] (Pear Media, LLC)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [PC Driver Kit] => C:\Program Files (x86)\PC Driver Kit\PCDKLauncher.exe [201528 2013-10-07] (PC Health Labs)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [PrtScr by FireStarter] => C:\Program Files (x86)\PrtScr\PrtScr.exe [2766336 2013-07-14] ()
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [GoogleChromeAutoLaunch_CBA2C5310C118ECC05EB8FEFA7A0A17D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713114901-669005825-1231334889-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2713114901-669005825-1231334889-1001 -> {1189CDF7-9ABF-4DAF-9264-54CB4D7FA961} URL =
SearchScopes: HKU\S-1-5-21-2713114901-669005825-1231334889-1001 -> {63CABBA1-96AC-4BA0-8692-CCDA4307137B} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US0D20140901&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2713114901-669005825-1231334889-1001 -> {F4F1FE2F-F774-4980-9E9C-659D6AA80CCD} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: prizecoUpon -> {0a29d46f-cb6c-4dc1-a05a-637805deadc9} -> C:\ProgramData\prizecoUpon\IS1VA23mLJhkPo.x64.dll No File
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: saelEprrIzes -> {d0ff97bd-f37c-4ff3-b7e6-2f3d71072732} -> C:\ProgramData\saelEprrIzes\BeH3420HZRwjzC.x64.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2713114901-669005825-1231334889-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\charles\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2713114901-669005825-1231334889-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: WordExtra - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\korey@markus.me [2014-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-02-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-02-09]
FF HKU\S-1-5-21-2713114901-669005825-1231334889-1001\...\Firefox\Extensions: [{101D0638-7E62-14BF-50E7-776091933EA1}] - C:\Program Files (x86)\-Re-MarkableS\174.xpi
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-20]
CHR Extension: (Google Docs) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-20]
CHR Extension: (Google Drive) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-20]
CHR Extension: (YouTube) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-20]
CHR Extension: (Google Search) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-20]
CHR Extension: (Yahoo Extension) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2015-01-12]
CHR Extension: (Google Sheets) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-20]
CHR Extension: (SiteAdvisor) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-13]
CHR Extension: (Skype Click to Call) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-12]
CHR Extension: (Gmail) - C:\Users\charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [eihhgekonheiliaidomffpplfhecmkag] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-01-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-06-21] ()
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 0287651421717166mcinstcleanup; C:\Windows\TEMP\028765~1.EXE -cleanup -nolog [X]
S2 57e40902; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\wincheck\wincheck.dll",serv
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2012-12-28] (Atheros)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 qca_shb; C:\Windows\System32\drivers\qca_shb.sys [99328 2012-12-28] (Qualcomm Atheros Communications Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32136 2012-12-21] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-29] ()
U3 TrueSight; C:\Windows\System32\Drivers\TrueSight.sys [35064 2015-01-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 iscFlash; \??\C:\Users\charles\AppData\Local\Temp\7zSB25D.tmp\iscflashx64.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 23:18 - 2015-01-21 23:19 - 00026768 _____ () C:\Users\charles\Downloads\FRST.txt
2015-01-21 23:18 - 2015-01-21 23:18 - 02126848 _____ (Farbar) C:\Users\charles\Downloads\FRST64.exe
2015-01-21 23:18 - 2015-01-21 23:18 - 00000000 ____D () C:\FRST
2015-01-21 23:08 - 2015-01-21 23:11 - 00001143 _____ () C:\Users\charles\Desktop\JRT.txt
2015-01-21 23:02 - 2015-01-21 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-21 23:00 - 2015-01-21 23:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-21 22:58 - 2015-01-21 22:58 - 01707939 _____ (Thisisu) C:\Users\charles\Downloads\JRT.exe
2015-01-21 22:57 - 2015-01-21 22:57 - 00008638 _____ () C:\Users\charles\Desktop\AdwCleaner[S0].txt
2015-01-21 22:45 - 2015-01-21 22:52 - 00000000 ____D () C:\AdwCleaner
2015-01-21 22:44 - 2015-01-21 22:44 - 02186752 _____ () C:\Users\charles\Downloads\adwcleaner_4.108.exe
2015-01-21 22:43 - 2015-01-21 22:43 - 00000106 _____ () C:\Users\charles\Desktop\techspot.url
2015-01-20 00:01 - 2015-01-20 00:01 - 00029530 _____ () C:\ComboFix.txt
2015-01-19 23:05 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-19 23:05 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-19 23:05 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-19 23:05 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-19 23:04 - 2015-01-19 23:04 - 00000000 ____D () C:\Users\charles\Documents\ProcAlyzer Dumps
2015-01-19 23:01 - 2015-01-19 23:01 - 00001766 _____ () C:\Users\charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-19 22:59 - 2015-01-20 00:02 - 00000000 ____D () C:\Qoobox
2015-01-19 22:58 - 2015-01-19 23:52 - 00000000 ____D () C:\Windows\erdnt
2015-01-19 22:58 - 2015-01-19 22:58 - 05608785 ____R (Swearware) C:\Users\charles\Downloads\ComboFix.exe
2015-01-19 18:53 - 2015-01-19 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-19 18:52 - 2015-01-19 19:12 - 00000000 ____D () C:\Users\charles\Desktop\mbar
2015-01-19 18:52 - 2015-01-19 18:52 - 16466552 _____ (Malwarebytes Corp.) C:\Users\charles\Downloads\mbar-1.08.3.1004.exe
2015-01-19 18:45 - 2015-01-19 18:45 - 00003844 _____ () C:\Users\charles\Desktop\RKreport_DEL_01192015_184457.log
2015-01-19 16:29 - 2015-01-19 16:29 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-19 16:29 - 2015-01-19 16:29 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-19 16:27 - 2015-01-19 16:27 - 15431256 _____ () C:\Users\charles\Downloads\RogueKiller.exe
2015-01-18 23:07 - 2015-01-21 23:17 - 00001424 _____ () C:\Windows\DtcInstall.log
2015-01-18 23:04 - 2015-01-21 23:14 - 00003145 _____ () C:\Windows\comsetup.log
2015-01-18 22:56 - 2015-01-21 23:18 - 00767219 _____ () C:\Windows\setupact.log
2015-01-18 22:56 - 2015-01-21 23:18 - 00047628 _____ () C:\Windows\diagwrn.xml
2015-01-18 22:56 - 2015-01-21 23:18 - 00047628 _____ () C:\Windows\diagerr.xml
2015-01-18 22:56 - 2015-01-18 22:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 22:20 - 2015-01-18 22:21 - 00029956 _____ () C:\Users\charles\Desktop\dds.txt
2015-01-18 22:20 - 2015-01-18 22:21 - 00006883 _____ () C:\Users\charles\Desktop\attach.txt
2015-01-18 22:18 - 2015-01-18 22:18 - 00688992 ____R (Swearware) C:\Users\charles\Downloads\dds.com
2015-01-18 22:10 - 2015-01-18 22:10 - 00014020 _____ () C:\Users\charles\Desktop\MBAM 011815.txt
2015-01-18 22:07 - 2015-01-18 22:07 - 00000000 ___RD () C:\Users\charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-18 11:49 - 2015-01-21 22:55 - 00005136 _____ () C:\Windows\PFRO.log
2015-01-18 11:48 - 2015-01-18 22:14 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-01-17 17:52 - 2015-01-17 17:52 - 00000000 ____D () C:\ProgramData\dbnfimbplhdcbeeffenefbnookangkpn
2015-01-17 17:41 - 2015-01-21 22:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-17 17:39 - 2015-01-19 18:52 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-17 17:39 - 2015-01-17 17:39 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-17 17:39 - 2015-01-17 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-17 17:39 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-17 17:39 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-17 17:38 - 2015-01-17 17:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-17 17:38 - 2015-01-17 17:38 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-17 17:38 - 2015-01-17 17:38 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-17 17:38 - 2015-01-17 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-17 17:38 - 2015-01-17 17:38 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-17 17:37 - 2015-01-17 17:38 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\charles\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-17 17:32 - 2015-01-17 17:32 - 05317104 _____ (Piriform Ltd) C:\Users\charles\Downloads\ccsetup501.exe
2015-01-17 17:32 - 2015-01-17 17:32 - 05317104 _____ (Piriform Ltd) C:\Users\charles\Downloads\ccsetup501 (1).exe
2015-01-17 17:27 - 2015-01-17 17:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-17 17:26 - 2015-01-19 23:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-17 17:26 - 2015-01-17 17:29 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-17 17:26 - 2015-01-17 17:26 - 00001393 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-17 17:26 - 2015-01-17 17:26 - 00001381 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-17 17:26 - 2015-01-17 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-17 17:26 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-01-17 17:24 - 2015-01-17 17:25 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\charles\Downloads\spybot-2.4.exe
2015-01-17 17:15 - 2015-01-17 17:15 - 00000000 ____D () C:\Program Files (x86)\sAleoffer
2015-01-17 17:15 - 2015-01-17 17:15 - 00000000 ____D () C:\Program Files (x86)\DDolllarsaver
2015-01-13 16:45 - 2014-11-05 01:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-13 16:45 - 2014-11-05 01:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-13 16:45 - 2014-11-01 01:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-13 16:45 - 2014-10-30 02:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-13 16:45 - 2014-10-30 00:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-13 16:45 - 2014-10-29 09:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-01-13 16:45 - 2014-10-27 17:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-13 15:35 - 2014-12-19 01:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 15:35 - 2014-12-06 02:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-13 15:35 - 2014-12-06 02:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-13 15:35 - 2014-12-06 02:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 15:35 - 2014-12-06 02:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 15:35 - 2014-12-06 02:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 15:35 - 2014-12-06 02:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-13 15:35 - 2014-12-06 02:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-13 15:35 - 2014-12-06 02:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-13 15:35 - 2014-12-06 01:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-13 15:35 - 2014-12-06 01:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-13 15:35 - 2014-12-06 01:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-13 15:35 - 2014-12-06 01:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 15:35 - 2014-11-26 21:40 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-13 15:35 - 2014-11-26 20:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-13 15:35 - 2014-11-15 01:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-13 15:35 - 2014-11-15 00:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-13 15:35 - 2014-11-15 00:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-13 15:35 - 2014-11-15 00:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-01-13 15:35 - 2014-11-14 22:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-13 15:35 - 2014-11-14 22:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-13 15:35 - 2014-11-14 22:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-13 15:35 - 2014-11-14 22:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-13 15:34 - 2014-12-11 02:35 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 15:34 - 2014-12-11 01:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 15:34 - 2014-12-09 02:12 - 00590816 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-01-13 15:34 - 2014-12-09 02:12 - 00467408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-01-13 15:34 - 2014-10-21 22:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-01-13 15:34 - 2014-10-21 20:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-01-13 15:34 - 2014-10-21 20:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-13 15:34 - 2014-10-21 20:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-01-13 15:34 - 2014-10-21 20:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-01-13 15:34 - 2014-10-21 20:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-13 15:34 - 2014-10-21 20:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-01-13 15:33 - 2014-12-18 23:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 15:05 - 2015-01-13 15:05 - 00000000 ____D () C:\cd87a0837028cf3f37a0da35e705
2015-01-12 20:44 - 2015-01-12 20:44 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-12 20:44 - 2015-01-12 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-12 20:42 - 2015-01-21 22:56 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 20:42 - 2015-01-21 22:47 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 20:42 - 2015-01-12 20:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-12 20:42 - 2015-01-12 20:42 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-12 20:39 - 2015-01-12 20:39 - 00000000 ____D () C:\Temp1234
2015-01-12 20:26 - 2015-01-12 20:26 - 00880784 _____ (Google Inc.) C:\Users\charles\Downloads\ChromeSetup.exe
2015-01-12 19:59 - 2015-01-12 19:59 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2015-01-12 19:59 - 2015-01-12 19:59 - 00000000 ____D () C:\Program Files (x86)\Save Me
2015-01-12 19:57 - 2015-01-12 19:57 - 00000000 ____D () C:\ProgramData\gcenpgoonkkmkidogfdodfglpibcabna
2015-01-12 19:56 - 2015-01-18 19:04 - 00000000 ____D () C:\ProgramData\{1a4c38d3-fbdd-9855-1a4c-c38d3fbde34f}
2015-01-11 02:43 - 2015-01-11 02:43 - 01381864 _____ (Anvisoft Corporation) C:\Users\charles\Downloads\AnviUnIns.exe
2015-01-11 02:41 - 2015-01-17 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2015-01-11 02:41 - 2015-01-17 17:18 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2015-01-11 02:38 - 2015-01-11 02:39 - 16513448 _____ (Anvisoft) C:\Users\charles\Downloads\csbsetup.exe
2015-01-11 02:36 - 2015-01-11 02:39 - 35947248 _____ (Anvisoft) C:\Users\charles\Downloads\asdsetup.exe
2014-12-29 22:08 - 2014-12-29 22:08 - 00000981 _____ () C:\Users\Public\Desktop\PrtScr.lnk
2014-12-29 22:08 - 2014-12-29 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrtScr
2014-12-29 22:08 - 2014-12-29 22:08 - 00000000 ____D () C:\Program Files (x86)\PrtScr
2014-12-29 22:07 - 2014-12-29 22:08 - 04573535 _____ (FireStarter ) C:\Users\charles\Downloads\PrtScrSetup.exe
2014-12-28 19:59 - 2015-01-18 22:08 - 00000000 ____D () C:\Users\charles\AppData\Roaming\Curse Client
2014-12-28 19:59 - 2014-12-28 19:59 - 00001044 _____ () C:\Users\charles\Desktop\Curse.lnk
2014-12-28 19:59 - 2014-12-28 19:59 - 00001030 _____ () C:\Users\charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-12-28 19:58 - 2014-12-28 19:58 - 00000000 ____D () C:\Users\charles\AppData\Roaming\Curse
2014-12-28 18:28 - 2014-12-28 18:30 - 32691072 _____ (Curse) C:\Users\charles\Downloads\CurseClientSetup.exe
2014-12-26 21:50 - 2014-12-26 21:50 - 00000000 ____D () C:\Program Files (x86)\GUME017.tmp
2014-12-26 21:50 - 2014-12-26 21:50 - 00000000 _____ () C:\Program Files (x86)\GUTE018.tmp
2014-12-26 21:48 - 2014-12-26 21:48 - 06000640 _____ () C:\Program Files (x86)\GUTC3CF.tmp
2014-12-26 21:48 - 2014-12-26 21:48 - 00000000 ____D () C:\Program Files (x86)\GUMC3BE.tmp
2014-12-26 21:34 - 2014-08-29 17:21 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-26 10:26 - 2015-01-17 22:47 - 00000000 ____D () C:\ProgramData\DDolllarsaver
2014-12-26 10:25 - 2015-01-18 04:28 - 00000000 ____D () C:\ProgramData\sAleoffer
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 23:14 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\Registration
2015-01-21 23:10 - 2014-11-21 17:09 - 00000000 ___HD () C:\$Windows.~BT
2015-01-21 23:05 - 2013-07-11 06:55 - 01717951 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 23:04 - 2013-07-11 07:25 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-01-21 23:02 - 2014-02-09 15:09 - 00001846 _____ () C:\Users\Public\Desktop\McAfee Total Protection.lnk
2015-01-21 23:02 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2015-01-21 23:00 - 2014-05-18 01:39 - 00000000 ____D () C:\Users\charles\AppData\Roaming\Skype
2015-01-21 22:57 - 2014-02-09 15:08 - 00000000 __RSD () C:\Users\charles\Documents\McAfee Vaults
2015-01-21 22:55 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 22:52 - 2013-12-23 09:39 - 00000995 _____ () C:\Users\charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-21 22:52 - 2013-12-23 09:37 - 00000000 ____D () C:\Users\charles
2015-01-21 22:48 - 2014-08-01 11:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 22:45 - 2013-12-23 21:26 - 00000000 ____D () C:\Users\charles\AppData\Local\CrashDumps
2015-01-20 00:01 - 2012-07-26 00:37 - 00000000 __RHD () C:\Users\Default
2015-01-19 23:30 - 2012-07-26 00:26 - 00000215 _____ () C:\Windows\system.ini
2015-01-19 18:06 - 2013-12-23 09:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713114901-669005825-1231334889-1001
2015-01-19 13:04 - 2014-01-20 14:32 - 00000000 ____D () C:\Users\charles\AppData\Roaming\uTorrent
2015-01-18 23:08 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-18 22:13 - 2012-07-26 02:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 19:03 - 2014-05-18 01:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-18 19:03 - 2014-05-18 01:39 - 00000000 ____D () C:\ProgramData\Skype
2015-01-18 12:15 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\rescache
2015-01-18 11:49 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-18 11:48 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\WinStore
2015-01-18 04:28 - 2014-02-19 14:46 - 00000000 ____D () C:\Users\charles\AppData\Roaming\WordExtra
2015-01-17 23:02 - 2012-07-26 02:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-17 17:56 - 2014-09-02 19:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-17 17:55 - 2014-01-23 15:38 - 00000000 ____D () C:\Windows\Minidump
2015-01-17 17:55 - 2013-07-11 06:26 - 00000000 ____D () C:\Windows\Panther
2015-01-13 15:06 - 2013-12-25 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 15:05 - 2013-12-25 15:23 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 14:48 - 2014-08-01 11:42 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 20:44 - 2013-12-23 09:44 - 00000000 ____D () C:\Users\charles\AppData\Local\Google
2015-01-12 20:43 - 2013-12-23 09:44 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-12 20:39 - 2012-07-26 00:26 - 00000000 ____D () C:\Syst56171D6F
2015-01-12 20:38 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-12 18:31 - 2013-12-30 21:10 - 00000000 ____D () C:\Program Files (x86)\sp
2015-01-12 18:06 - 2014-07-18 20:50 - 00000002 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-01-05 18:28 - 2014-11-15 19:21 - 00714176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-05 18:28 - 2014-11-15 19:21 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-28 20:03 - 2014-05-10 15:02 - 00000000 ____D () C:\Users\charles\Documents\My Games
2014-12-26 21:43 - 2013-12-23 09:42 - 00000000 ____D () C:\Users\charles\AppData\Local\Deployment
2014-12-26 21:33 - 2014-08-29 17:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-26 21:29 - 2012-07-26 00:26 - 00000199 _____ () C:\Windows\win.ini
2014-12-25 06:52 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-23 21:00 - 2013-12-23 09:37 - 00000000 ____D () C:\Users\charles\AppData\Local\Packages
2014-12-23 02:48 - 2014-02-09 15:00 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-12-22 20:35 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
==================== Files in the root of some directories =======
2014-12-26 21:48 - 2014-12-26 21:48 - 6000640 _____ () C:\Program Files (x86)\GUTC3CF.tmp
2014-12-26 21:50 - 2014-12-26 21:50 - 0000000 _____ () C:\Program Files (x86)\GUTE018.tmp
2014-05-19 19:43 - 2014-05-19 19:43 - 0000045 _____ () C:\Users\charles\AppData\Roaming\WB.CFG
2014-05-30 19:58 - 2014-05-30 19:58 - 0000003 _____ () C:\Users\charles\AppData\Local\updater.log
2014-05-30 19:58 - 2014-12-17 20:11 - 0000425 _____ () C:\Users\charles\AppData\Local\UserProducts.xml
2014-02-19 15:13 - 2014-02-19 15:13 - 0000032 _____ () C:\ProgramData\Temp.log
2013-07-11 07:24 - 2013-07-11 07:24 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-07-11 07:20 - 2013-07-11 07:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-07-11 07:21 - 2013-07-11 07:23 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-07-11 07:19 - 2013-07-11 07:20 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-07-11 07:23 - 2013-07-11 07:24 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Files to move or delete:
====================
C:\Users\charles\jagex_cl_runescape_LIVE.dat
C:\Users\charles\random.dat
Some content of TEMP:
====================
C:\Users\charles\AppData\Local\temp\Quarantine.exe
C:\Users\charles\AppData\Local\temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-19 03:00
==================== End Of Log ============================