Will get to the D Drive thing in a bit, here is the FRST scan
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Jack (administrator) on MIDGE-PC on 01-04-2015 16:54:30
Running from C:\Users\Jack\Desktop\Desktop
Loaded Profiles: Jack (Available profiles: Jack)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\Pgrouncounsterheads\Pgrouncounsterheads.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\gs_agent\dsc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [167936 2008-05-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-03] (Creative Technology Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-11-12] (IDT, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3444736 2008-05-18] (Dell Inc.)
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-12-14] (Apple Inc.)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2014-03-18] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-31] (Avast Software s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [202544 2008-03-11] (SupportSoft, Inc.)
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\...\Run: [Facebook Update] => C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-09] (Facebook Inc.)
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\...\Run: [Itibiti.exe] => C:\Program Files\Itibiti Soft Phone\Itibiti.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3857334386-3578862484-2166480049-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3857334386-3578862484-2166480049-1001] => http=127.0.0.1:9880
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?pc=U146&ocid=U146DHP&osmkt=en-us
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080718
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.google.com
http://www.google.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {3615685E-8A12-4F75-A801-F3BE446C30FA} URL =
http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {100AFBBC-BE34-4149-865B-4CC19D82165D} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {10E376E5-3470-4362-B003-88204F11BABB} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {352590F2-1249-4B8B-ACEE-9873AA1A4AE9} URL =
https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {5FB712C7-830D-46CD-BA9E-9FA9D2400D9C} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {93BF13E6-90E8-4177-9F09-8F348CA677D9} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {C78FAE8E-01C1-4736-9F61-704F419DC2E6} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {EECC830F-8C53-4B83-A8A9-CAF383AC0ACD} URL =
SearchScopes: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> {FCF01386-9B5F-45F6-8744-9C1FAB0D0505} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-31] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-31] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-31] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-31] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-31] (Google Inc.)
Toolbar: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-31] (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\WebWatcherLSP.dll [326000] (WebWatcher)
Winsock: Catalog9 02 C:\Windows\system32\WebWatcherLSP.dll [326000] (WebWatcher)
Winsock: Catalog9 03 C:\Windows\system32\WebWatcherLSP.dll [326000] (WebWatcher)
Winsock: Catalog9 04 C:\Windows\system32\WebWatcherLSP.dll [326000] (WebWatcher)
Winsock: Catalog9 33 C:\Windows\system32\WebWatcherLSP.dll [326000] (WebWatcher)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 74.40.74.40
FireFox:
========
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\kiup5llw.default-1423360985102
FF NewTab:
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine:
FF Homepage: hxxp://
www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-09-01] (Google)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-03-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-03-18] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3857334386-3578862484-2166480049-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jack\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-03-18] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-04-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-04-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-04-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-04-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-04-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-03-18] (RealPlayer)
FF Extension: WOT - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\kiup5llw.default-1423360985102\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-31]
FF Extension: Adblock Plus - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\kiup5llw.default-1423360985102\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: The Browser Highlighter - C:\Program Files\Mozilla Firefox\extensions\
browserhighlighter@ebay.com [2015-01-26]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-01-26]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\
healthcare@healthcaregovtool.com.xpi [2015-02-25]
FF Extension: Healthcare Gov Tool - C:\Program Files\Mozilla Firefox\browser\extensions\
healthcare@healthcaregovtool.com.xpi [2015-02-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-19]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-18]
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-31]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://
www.google.com/"
CHR DefaultSuggestURL: Default ->
https://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Web) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-08]
CHR Extension: (Google Search) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-08]
CHR Extension: (RealDownloader) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-09-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-08]
CHR Extension: (Gmail) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-31]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-31] (Avast Software s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-07-18] (Citrix Online, a division of Citrix Systems, Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-12] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-12] (Hewlett-Packard Co.) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pgrouncounsterheads; C:\Program Files\Pgrouncounsterheads\Pgrouncounsterheads.exe [256512 2015-03-25] () [File not signed] <==== ATTENTION
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [202544 2008-03-11] (SupportSoft, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2008-05-18] (Dell Inc.) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-03-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-03-31] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-03-31] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-03-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-03-31] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-03-31] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-03-31] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-03-31] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-31] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [File not signed]
R1 wwwd; C:\Windows\system32\Drivers\wwwd.sys [28336 2015-03-12] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\Users\Jack\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-01 12:52 - 2015-04-01 12:53 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2015-04-01 12:52 - 2015-04-01 12:52 - 00000857 _____ () C:\Users\Public\Desktop\MyDefrag.lnk
2015-04-01 12:52 - 2015-04-01 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2015-04-01 12:52 - 2010-05-21 12:11 - 01061888 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
2015-04-01 12:52 - 2010-05-21 12:11 - 00475648 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
2015-03-31 20:34 - 2015-03-31 20:34 - 00135160 _____ () C:\Windows\Minidump\Mini033115-02.dmp
2015-03-31 20:23 - 2015-03-31 20:32 - 00000000 ___SD () C:\your-name
2015-03-31 20:18 - 2015-03-31 20:21 - 00003698 _____ () C:\Users\Jack\Desktop\Rkill.txt
2015-03-31 20:18 - 2015-03-31 20:18 - 00000000 ____D () C:\Users\Jack\Desktop\rkill
2015-03-31 19:42 - 2015-03-31 19:42 - 00139232 _____ () C:\Windows\Minidump\Mini033115-01.dmp
2015-03-31 19:20 - 2015-03-31 19:20 - 00000000 ____D () C:\Qoobox
2015-03-31 19:20 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-31 19:20 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-31 19:20 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-31 19:20 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-31 19:20 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-31 19:20 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-31 19:20 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-31 19:20 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-31 19:19 - 2015-03-31 19:19 - 00000000 ____D () C:\Windows\erdnt
2015-03-31 19:06 - 2008-03-06 00:58 - 00172032 _____ (Intel Corporation) C:\Windows\system32\igfxres.dll
2015-03-31 17:59 - 2015-03-31 17:59 - 00001591 _____ () C:\Users\Jack\Desktop\JRT.txt
2015-03-31 17:36 - 2015-03-31 17:42 - 00000000 ____D () C:\AdwCleaner
2015-03-31 17:28 - 2015-03-31 17:28 - 00001060 _____ () C:\Users\Jack\Desktop\MBAM.txt
2015-03-31 16:15 - 2015-03-31 17:01 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-31 16:15 - 2015-03-31 16:15 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-31 15:29 - 2015-03-31 15:29 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-03-31 15:29 - 2015-03-31 15:29 - 00001903 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-03-31 15:29 - 2015-03-31 15:29 - 00000000 ____D () C:\Program Files\Belarc
2015-03-31 15:26 - 2015-03-31 15:26 - 00000000 ____D () C:\ProgramData\Sun
2015-03-31 15:25 - 2015-03-31 15:25 - 00000000 ____D () C:\Windows\Sun
2015-03-31 15:23 - 2015-03-31 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-31 15:23 - 2015-03-31 15:22 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-03-31 15:22 - 2015-03-31 15:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-31 15:18 - 2015-03-31 15:18 - 00001835 _____ () C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-03-31 15:18 - 2015-03-31 15:18 - 00001805 _____ () C:\Users\Jack\Desktop\FileHippo App Manager.lnk
2015-03-31 15:18 - 2015-03-31 15:18 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-03-31 15:18 - 2015-03-31 15:18 - 00000000 ____D () C:\Program Files\FileHippo.com
2015-03-31 13:36 - 2015-04-01 16:54 - 00000000 ____D () C:\FRST
2015-03-31 13:03 - 2015-03-31 13:03 - 00001831 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-31 13:02 - 2015-03-31 10:17 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-31 12:09 - 2015-03-31 12:11 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-31 12:09 - 2015-03-31 12:11 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-31 12:09 - 2015-03-31 12:09 - 00000878 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-03-31 12:09 - 2015-03-31 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-31 12:09 - 2015-03-31 12:09 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-31 12:03 - 2015-03-31 12:14 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Dropbox
2015-03-31 11:26 - 2015-03-31 11:26 - 00000848 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-31 11:01 - 2015-03-31 17:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-31 10:59 - 2015-03-31 10:59 - 00001059 _____ () C:\Users\Jack\Desktop\Revo Uninstaller.lnk
2015-03-31 10:59 - 2015-03-31 10:59 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-31 10:51 - 2015-03-31 10:51 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-31 10:51 - 2015-03-31 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-31 10:50 - 2015-03-31 10:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-31 10:50 - 2015-03-31 10:50 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-31 10:50 - 2015-03-17 06:57 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-31 10:50 - 2015-03-17 06:57 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-31 10:50 - 2015-03-17 06:57 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-31 10:21 - 2015-03-31 10:21 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\AVAST Software
2015-03-31 10:20 - 2015-03-31 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-31 10:17 - 2015-03-31 10:17 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-31 10:17 - 2015-03-31 10:17 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-31 10:17 - 2015-03-31 10:17 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-31 10:15 - 2015-03-31 10:15 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-31 10:14 - 2015-03-31 10:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-31 09:21 - 2015-03-31 09:21 - 00000000 ____D () C:\SUPERDelete
2015-03-31 09:17 - 2015-03-31 09:18 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-31 09:17 - 2015-03-31 09:17 - 00001802 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-03-31 09:17 - 2015-03-31 09:17 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\SUPERAntiSpyware.com
2015-03-31 09:17 - 2015-03-31 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-29 23:59 - 2015-03-31 17:27 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\pdfie
2015-03-29 23:59 - 2015-03-31 10:51 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\orlando
2015-03-29 23:59 - 2015-03-31 10:51 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\jellylam
2015-03-28 23:28 - 2015-03-28 23:28 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\PDFConvert
2015-03-28 23:26 - 2015-03-28 23:26 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Lavasoft
2015-03-28 23:26 - 2015-03-28 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-28 23:25 - 2015-03-28 23:25 - 00000000 __SHD () C:\Program Files\Pgrouncounsterheads
2015-03-28 22:39 - 2015-03-28 22:39 - 00000000 ____D () C:\Users\Jack\AppData\Local\Skype
2015-03-28 22:28 - 2015-03-28 22:28 - 00009832 _____ () C:\Windows\system32\WebWatcherProxyOff.ini
2015-03-28 22:28 - 2015-03-28 22:28 - 00000000 ____D () C:\Users\Jack\AppData\Local\WebWatcherProxy
2015-03-28 22:28 - 2015-03-12 15:50 - 00028336 _____ () C:\Windows\system32\Drivers\wwwd.sys
2015-03-28 22:27 - 2015-03-28 22:27 - 00000000 ____D () C:\ProgramData\SearchModulePlus
2015-03-28 22:27 - 2015-03-12 15:50 - 00326000 _____ (WebWatcher) C:\Windows\system32\WebWatcherLSP.dll
2015-03-28 22:26 - 2015-03-31 17:27 - 00000000 ____D () C:\Program Files\SysFiles
2015-03-28 22:26 - 2015-03-28 22:26 - 00000000 ____D () C:\Windows\SysHealthController
2015-03-28 22:26 - 2015-03-28 22:26 - 00000000 ____D () C:\Windows\SysFilesController
2015-03-28 22:26 - 2015-03-28 22:26 - 00000000 ____D () C:\Users\Jack\AppData\Local\CrashRpt
2015-03-28 22:19 - 2015-03-28 22:20 - 00561664 _____ () C:\Users\Jack\Downloads\Skype.exe
2015-03-27 23:47 - 2015-03-27 23:47 - 00139232 _____ () C:\Windows\Minidump\Mini032715-01.dmp
2015-03-24 01:03 - 2015-03-24 01:03 - 00139232 _____ () C:\Windows\Minidump\Mini032415-01.dmp
2015-03-23 19:19 - 2015-03-23 19:19 - 00139232 _____ () C:\Windows\Minidump\Mini032315-01.dmp
2015-03-20 14:36 - 2015-03-20 14:36 - 01925656 _____ () C:\Users\Jack\Downloads\4.wmv
2015-03-20 02:01 - 2015-03-20 02:01 - 00139232 _____ () C:\Windows\Minidump\Mini032015-01.dmp
2015-03-17 21:28 - 2015-03-17 21:29 - 00430568 _____ () C:\Users\Jack\Downloads\setup (1).exe
2015-03-17 13:11 - 2015-03-17 13:11 - 00000000 __SHD () C:\found.007
2015-03-16 14:09 - 2015-03-16 14:09 - 00139232 _____ () C:\Windows\Minidump\Mini031615-01.dmp
2015-03-09 20:01 - 2015-03-09 20:01 - 00139232 _____ () C:\Windows\Minidump\Mini030915-01.dmp
2015-03-05 23:54 - 2015-03-05 23:54 - 00139232 _____ () C:\Windows\Minidump\Mini030515-01.dmp
2015-03-04 19:32 - 2015-03-04 19:32 - 00000000 ____D () C:\extensions
2015-03-04 19:31 - 2015-03-04 19:32 - 02219656 _____ (Microsoft Corporation) C:\Users\Jack\Downloads\DefaultPack (1).EXE
2015-03-04 19:31 - 2015-03-04 19:31 - 02219656 _____ (Microsoft Corporation) C:\Users\Jack\Downloads\DefaultPack.EXE
2015-03-04 19:22 - 2015-03-31 12:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-04 19:22 - 2015-03-31 11:26 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-04 19:20 - 2015-03-04 19:20 - 00243424 _____ () C:\Users\Jack\Downloads\Firefox Setup Stub 36.0.exe
2015-03-03 00:34 - 2015-03-03 00:34 - 00139232 _____ () C:\Windows\Minidump\Mini030215-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-01 16:49 - 2014-06-09 16:44 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001UA.job
2015-04-01 16:49 - 2014-06-09 16:44 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001Core.job
2015-04-01 16:46 - 2014-08-18 20:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-01 16:23 - 2010-02-23 12:50 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-01 15:54 - 2008-07-18 06:20 - 01266192 _____ () C:\Windows\WindowsUpdate.log
2015-04-01 15:40 - 2010-02-23 12:50 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-01 15:40 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 15:40 - 2006-11-02 05:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 15:40 - 2006-11-02 05:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 15:30 - 2008-08-25 17:26 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-04-01 15:30 - 2006-11-02 06:01 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-01 15:08 - 2006-11-02 05:47 - 00302864 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-01 12:23 - 2015-02-22 22:38 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{93A42882-E554-4369-9F48-A4CA0FEB9E2D}.job
2015-03-31 20:34 - 2010-08-20 13:47 - 00000000 ____D () C:\Windows\Minidump
2015-03-31 20:33 - 2010-08-20 13:46 - 273403894 _____ () C:\Windows\MEMORY.DMP
2015-03-31 20:33 - 2008-01-20 19:47 - 01071062 _____ () C:\Windows\PFRO.log
2015-03-31 19:42 - 2008-07-18 11:39 - 00000000 ____D () C:\Program Files\Google
2015-03-31 18:15 - 2015-01-26 15:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-31 17:42 - 2014-03-17 17:53 - 00000981 _____ () C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-31 15:26 - 2008-07-18 11:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-31 15:22 - 2008-07-18 11:30 - 00000000 ____D () C:\Program Files\Java
2015-03-31 15:19 - 2014-03-18 12:27 - 00000000 ____D () C:\Users\Jack\AppData\Local\CrashDumps
2015-03-31 14:30 - 2014-03-18 10:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-31 14:21 - 2006-11-02 03:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-31 13:51 - 2015-01-09 12:54 - 00000000 ____D () C:\Users\Jack\AppData\Local\2d684269-0a27-4fc5-b6b6-50b33ea5e2c7
2015-03-31 11:19 - 2006-11-02 05:52 - 00091437 _____ () C:\Windows\setupact.log
2015-03-31 11:00 - 2014-03-17 17:54 - 00000000 ____D () C:\Users\Jack\AppData\Local\Google
2015-03-31 10:19 - 2008-07-18 11:39 - 00000000 ____D () C:\ProgramData\Google
2015-03-31 10:09 - 2008-12-06 08:41 - 00000000 ____D () C:\Program Files\Yahoo!
2015-03-31 09:07 - 2008-12-06 08:43 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-03-31 09:05 - 2014-03-17 17:54 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\yahoo!
2015-03-31 09:03 - 2009-04-12 14:37 - 00000000 ____D () C:\Program Files\Safari
2015-03-29 23:59 - 2006-11-02 04:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-29 09:12 - 2014-03-17 17:53 - 00000000 ____D () C:\Users\Jack\AppData\Local\VirtualStore
2015-03-29 09:07 - 2014-08-27 22:40 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Skype
2015-03-29 09:07 - 2009-07-09 15:14 - 00000000 ___RD () C:\Program Files\Skype
2015-03-29 09:07 - 2009-07-09 15:14 - 00000000 ____D () C:\ProgramData\Skype
2015-03-28 22:42 - 2006-11-02 04:18 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-20 14:46 - 2014-03-17 21:42 - 00024576 _____ () C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-19 10:46 - 2014-04-24 12:18 - 00005972 _____ () C:\Users\Jack\AppData\Local\d3d9caps.dat
2015-03-11 03:05 - 2008-08-12 18:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
==================== Files in the root of some directories =======
2014-04-24 12:18 - 2015-03-19 10:46 - 0005972 _____ () C:\Users\Jack\AppData\Local\d3d9caps.dat
2014-03-17 21:42 - 2015-03-20 14:46 - 0024576 _____ () C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-09 20:21 - 2014-11-09 20:21 - 0000000 _____ () C:\Users\Jack\AppData\Local\{0AAA277D-EA8D-4BAB-ACC3-4F373991FFF2}
2014-12-15 13:20 - 2014-12-15 13:20 - 0000000 _____ () C:\Users\Jack\AppData\Local\{2773CCC5-81B8-41A7-85E2-A97C3D465934}
2015-01-27 10:16 - 2015-01-27 10:16 - 0000000 _____ () C:\Users\Jack\AppData\Local\{B27C8CCD-011A-4035-B2EA-5DA4CAE456DF}
2015-01-28 14:30 - 2015-01-28 14:30 - 0000000 _____ () C:\Users\Jack\AppData\Local\{E832B156-6472-47C5-B261-6AAF5256A75A}
2009-07-09 15:18 - 2009-07-09 15:18 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-03-09 15:31 - 2011-02-04 16:41 - 0003986 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Jack\AppData\Local\Temp\dufgmr4c.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-01 15:49
==================== End Of Log ============================
, I ran Combofix & once it got to 32, it crashed & gave me a blue screen . it booted to the screen with start windows normally which it did.
