Solved Malicious items found by Malwarebytes recreating

[LonnieD]

Hello
Malwarebytes is detecting malicious items that are recreating. The computer is does not appear to be having problems. Thank you
Second DDS file on next message.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/3/2015
Scan Time: 3:30:02 AM
Logfile: MBAM-dawk.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.03.02
Rootkit Database: v2014.12.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lonnie Dawkins

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 552308
Time Elapsed: 14 hr, 2 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.SearchLock.A, C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol, Quarantined, [a05ea84a51382f07d2af4015e320aa56],
PUP.Optional.SearchLock.A, C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol\1.1.0_0, Quarantined, [a05ea84a51382f07d2af4015e320aa56],
PUP.Optional.SearchLock.A, C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol\1.1.0_0\_metadata, Quarantined, [a05ea84a51382f07d2af4015e320aa56],

Files: 2
PUP.Optional.SearchLock.A, C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol\1.1.0_0\_metadata\computed_hashes.json, Quarantined, [a05ea84a51382f07d2af4015e320aa56],
PUP.Optional.SearchLock.A, C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol\1.1.0_0\_metadata\verified_contents.json, Quarantined, [a05ea84a51382f07d2af4015e320aa56],

Physical Sectors: 0
(No malicious items detected)


(end)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 11.25.2
Run by Lonnie Dawkins at 18:36:57 on 2015-01-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.1691 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\vVX6000.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\CompanionLink\CompanionLink.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\program files (x86)\companionlink\DCLHelper\CLDCLHelper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 3.6\lightroom.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.lonniedawkins.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Search App by Ask: {5245414C-312D-5350-00A7-7A786E7484D7} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
TB: Search App by Ask: {5245414C-312D-5350-00A7-7A786E7484D7} -
uRun: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk
uRun: [Facebook Update] "C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [CompanionLink] "c:\program files (x86)\companionlink\companionlink.exe" -Icon
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\el] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\el"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
uRunOnce: [Uninstall C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"
uRunOnce: [Adobe Speed Launcher] 1419561055
uRunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGOCA~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PRINTE~1.LNK - C:\Program Files (x86)\EPSON\EPSON LFP Remote Panel\Stylus Pro 3880\Printer Watcher\Printer Watcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PROFIL~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {62AEFF80-16AD-4AC4-B812-E70EB5F37301} - hxxp://www.zenfolio.com/zf/code/upload-ie-win-x86.cab
DPF: {7DD62E58-5FA8-11D2-AFB7-00104B64F126} - hxxps://www.svharbor.com/epass/swiftview/svinstall_a.8.0.2.0.cab
DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} - hxxps://www36.verizon.com/FiOSVoice/UnProtected/FiosVoiceVMUtil.CAB
DPF: {D00CB680-081D-4F94-97D5-75DEDDC374ED} - hxxps://www36.verizon.com/fiosvoice/Downloads/FiosVoiceWebCntrl.CAB
TCP: NameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{2C72860A-BB5A-4A90-95F0-C3250D048A5E} : DHCPNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{2C72860A-BB5A-4A90-95F0-C3250D048A5E}\144616D637D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2C72860A-BB5A-4A90-95F0-C3250D048A5E}\14C6F66647841627C656D6 : DHCPNameServer = 8.8.8.8 207.59.153.242 66.251.35.130
TCP: Interfaces\{2C72860A-BB5A-4A90-95F0-C3250D048A5E}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{2C72860A-BB5A-4A90-95F0-C3250D048A5E}\C696E6B6379737 : DHCPNameServer = 207.69.188.171 207.69.188.172 207.69.188.185
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Search App by Ask: {5245414C-312D-5350-00A7-7A786E7484D7} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-TB: Search App by Ask: {5245414C-312D-5350-00A7-7A786E7484D7} -
x64-Run: [VX6000] C:\Windows\vVX6000.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences Pro\FencesMenu64.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-9 772944]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-9 342416]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-10-25 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-9 203264]
R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-16 2449592]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-4-1 49464]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-19 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-19 969016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-5 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-1-5 182752]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 125584]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-9-3 31088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-1 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-27 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-19 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-19 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-19 63704]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-9 309968]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 516608]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-2-18 337120]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 vrvd5;vrvd5;C:\Windows\System32\drivers\vrvd5.sys [2014-10-13 13344]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/10/25 01:49:41;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-10-25 245232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [?]
S2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe --> C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [?]
S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\System32\drivers\athrxusb.sys [2008-7-29 1075712]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 70112]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-12-17 110336]
S3 Droppix Service;Droppix Service;C:\Program Files (x86)\Common Files\Droppix\DxService.exe [2011-4-8 151552]
S3 EyeOneDisplay;EyeOneDisplay;C:\Windows\System32\drivers\i1display_x64.sys [2011-4-2 7808]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-2-18 95856]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-17 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-25 232992]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-25 344680]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-12-17 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-28 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 VX6000;Microsoft LifeCam VX-6000;C:\Windows\System32\drivers\VX6000Xp.sys [2010-5-20 2143600]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-01-03 23:15:03 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15AA343B-14AE-41C0-9F6C-3C07B7FAB917}\offreg.dll
2015-01-03 00:10:03 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15AA343B-14AE-41C0-9F6C-3C07B7FAB917}\mpengine.dll
2015-01-02 16:22:55 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{384665C9-624E-4ADF-95CE-635887065069}\gapaengine.dll
2015-01-02 16:06:19 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-30 06:02:23 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-19 13:05:57 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AF6E7C06-43D9-49B2-AC88-F7F1275387AD}\gapaengine.dll
2014-12-18 20:23:03 -------- d-----w- C:\Users\Lonnie Dawkins\AppData\Local\{3A0AA0D7-8997-444F-A071-6FB918E06C64}
2014-12-18 05:14:09 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 05:14:09 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-17 06:15:37 206080 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2014-12-17 06:15:36 110336 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2014-12-17 06:14:10 -------- d-----w- C:\Program Files\SAMSUNG
2014-12-16 03:03:04 -------- d-----w- C:\Users\Lonnie Dawkins\AppData\Local\{79676E35-349E-4579-B366-52E4567B91A1}
2014-12-13 07:53:02 -------- d-----w- C:\Users\Lonnie Dawkins\AppData\Local\{5E8CD2E6-F5E0-4F34-8634-C17913D4ECEA}
2014-12-10 08:50:36 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 08:13:47 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 08:13:47 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 08:13:47 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 08:13:47 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 08:13:46 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 08:13:46 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 08:13:46 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 08:13:46 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 08:13:46 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 08:13:44 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-09 22:09:52 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-12-09 20:07:57 3981488 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-12-09 17:40:56 -------- d-----w- C:\Users\Lonnie Dawkins\AppData\Local\{577DF27D-76BF-4BD4-95EB-DA23087FCC01}
.
==================== Find3M ====================
.
2015-01-03 05:10:18 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-09 20:08:20 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-09 20:08:19 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 11:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-17 10:09:42 129752 ----a-w- C:\Windows\System32\drivers\5A480277.sys
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-13 09:35:37 70688 ----a-w- C:\Windows\System32\vrvd5.dll
2014-10-13 09:35:37 13344 ----a-w- C:\Windows\System32\drivers\vrvd5.sys
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 18:41:35.32 ===============

 

[LonnieD]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/1/2011 6:59:33 PM
System Uptime: 12/25/2014 12:40:46 PM (222 hours ago)
.
Motherboard: Hewlett-Packard | | 163D
Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz | CPU | 2667/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 668 GiB total, 16.79 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 3.995 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 279 GiB total, 39.101 GiB free.
H: is FIXED (FAT32) - 0 GiB total, 0.082 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP614: 12/22/2014 3:00:26 AM - Windows Update
RP615: 12/25/2014 9:35:17 PM - Windows Update
RP616: 12/28/2014 10:32:58 PM - Windows Backup
RP617: 12/29/2014 1:32:43 PM - Removed Java 7 Update 67
RP618: 12/29/2014 2:55:44 PM - Removed Java 7 Update 67
RP619: 12/29/2014 3:12:47 PM - Windows Update
RP620: 12/29/2014 11:48:28 PM - Removed Java 8 Update 25
RP621: 1/2/2015 11:01:53 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 9.0 Sprint
Adobe Acrobat XI Pro
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Community Help
Adobe Creative Cloud
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CC
Adobe Dreamweaver CC 2014
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CC
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe InDesign CC
Adobe Linguistics CS3
Adobe Media Player
Adobe Muse
Adobe PDF Library Files
Adobe Photoshop CC
Adobe Photoshop CC 2014
Adobe Photoshop CS3
Adobe Photoshop Lightroom 3.6 64-bit
Adobe Photoshop Lightroom 5.6 64-bit
Adobe Reader XI (11.0.10)
Adobe Setup
Adobe Shockwave Player 12.0
Adobe Shockwave Player 12.1
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe® Content Viewer
Agatha Christie - Peril at End House
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUKABOOK Maker2
ATI Catalyst Install Manager
Bay Designer
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Blasterball 3
Blio
BookSmart® 3.4.4 3.4.4
Bounce Symphony
Broadcom 802.11 Wireless LAN Adapter
Build-a-lot 2
Cake Mania
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon Utilities EOS Utility
Canon Utilities WFT Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Citrix Online Launcher
CompanionLink
Contents
Corel PaintShop Photo Pro X3
Corel VideoStudio Pro X3
CyberLink DVD Suite
D3DX10
DeviceIO
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Droppix Label Maker 2.9.3
DVD Menu Pack for HP MediaSmart Video
EasyRotator Wizard
Energy Star Digital Logo
Epson CreativeZone
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
Epson Event Manager
Epson FAX Utility
EPSON LFP Remote Panel
Epson PC-FAX Driver
Epson Print CD
EPSON Printer Software
EPSON Scan
Epson Stylus Pro 3880 Printer Uninstall
EPSON WorkForce 630 Series Printer Uninstall
EpsonNet Config V3
EpsonNet Print
EpsonNet Setup 3.3
eReg
Escape Rosecliff Island
ESET Online Scanner v3
ESU for Microsoft Windows 7
EVEREST Home Edition v2.20
Evernote v. 4.5.2
Eye-One Match 3.6.2
Facebook Video Calling 3.1.0.521
Family Tree Maker 2010
Farm Frenzy
FATE
Fences Pro
Final Drive Nitro
FlipShare
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
GoToMeeting 5.7.0.1172
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.2.2.3
HP 3D DriveGuard
HP Auto
HP Client Services
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP DVB-T TV Tuner 8.0.64.43
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Photo Creations
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass Identity Protection
HP Software Framework
HP Support Assistant
HP Support Solutions Framework
HP Wireless Assistant
Hulu Desktop
i1_driver_installer_utility_i1Match version 1.0
ICA
IDT Audio
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Intellisync® for FiOS® Digital Voice
Internet Explorer (Enable DEP)
IPM_PSP_Pro
IPM_VS_Pro
Ipswitch WS_FTP 12
ISCOM
iTunes
Java 8 Update 25
Java Auto Updater
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
LightScribe System Software
LightScribe Template Labeler
Likno Web Scroller Builder 2.0.130
LTCM Client
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft Expression Web
Microsoft Expression Web 4
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft IntelliPoint 8.2
Microsoft LifeCam
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 365 - en-us
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Word MUI (English) 2007
Microsoft OneDrive
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft WSE 3.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Miro Video Converter
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyFreeCodec
Octoshape add-in for Adobe Flash Player
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PDF Settings
PDF Settings CC
PDF Settings CS5
Penguins!
Photodex Presenter
PhotoNow!
PhotoShelter Uploader
PictureMover
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PSPPContent
PSPPRO_DCRAW
PureHD
PX Profile Update
QuickBooks
QuickBooks Pro 2010
QuickTime 7
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
RoxioNow Player
Safari
SAMSUNG USB Driver for Mobile Phones
Search App by Ask
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
Setup
Share
Share64
Shared C Run-time for x64
SwiftView Viewer
swMSM
Synaptics Pointing Device Driver
Times Reader
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Validity Sensors DDK
Viewpoint Media Player
VIO
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual Studio 2010 x64 Redistributables
VSClassic
VSPro
Vz In-Home Agent
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
12/30/2014 3:30:49 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.191.1125.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11302.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/30/2014 3:30:49 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.191.1125.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11302.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/28/2014 2:19:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
12/28/2014 2:19:48 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/28/2014 2:19:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
12/28/2014 11:44:49 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
12/27/2014 2:42:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SDRSVC service.
12/27/2014 10:23:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
12/27/2014 10:22:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
12/27/2014 10:21:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
12/27/2014 10:20:40 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/27/2014 10:19:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
1/3/2015 3:48:08 PM, Error: Schannel [36888] - The following fatal alert was generated: 70. The internal error state is 105.
1/1/2015 6:54:38 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
1/1/2015 12:46:13 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download

Malwarebytes Anti-Rootkit (MBAR) to your desktop.

• Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
• Double click on downloaded file. OK self extracting prompt.
• MBAR will start. Click "Next" to continue.
• Click in the following screen "Update" to obtain the latest malware definitions.
• Once the update is complete select "Next" and click "Scan".
• When the scan is finished and no malware has been found select "Exit".
• If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
• Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

 

[LonnieD]

Thanks Broni, I went to the first link to download RogueKiller, click on download and a different program called zip opener was download and scanned. I didn't click on "fix it" and don't know if that changed anything.
I then went to the second link and downloaded RogueKiller. It never finishes though. After I hit "scan" the proram crashes at "explorer.exe" and never goes past 25%. I even tried renaming the program to "winlogon.exe" and I get the same results. Tried about 5 times.

 

[Broni]

Try to run it from safe mode.
How to start Windows in Safe Mode

If still issues proceed with MBAR.

 

[LonnieD]

Could not run RogueKiller even in safe mode.
"Vosteran Search" tab has appeared and keeps creating itself

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Lonnie Dawkins :: LONNIEDAWKINS [administrator]

1/4/2015 1:46:26 AM
mbar-log-2015-01-04 (01-46-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 553561
Time elapsed: 1 hour(s), 58 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\1887373585 (Rogue.Multiple) -> Delete on reboot. [f670c1328dfc2e08f35e120bb350c13f]

Files Detected: 1
C:\ProgramData\1887373585\BIT72F1.tmp (Rogue.Multiple) -> Delete on reboot. [f670c1328dfc2e08f35e120bb350c13f]

Physical Sectors Detected: 0
(No malicious items detected)

(end)


Malwarebytes Anti-Rootkit BETA 1.08.2.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17501

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.660000 GHz
Memory total: 8377974784, free: 3895529472

Downloaded database version: v2015.01.04.06
Downloaded database version: v2014.12.30.01
Downloaded database version: v2014.12.06.01
Initializing...
======================
This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.
=======================================
Initializing...
------------ Kernel report ------------
01/04/2015 01:45:38
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\system32\DRIVERS\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\wanatw64.sys
\SystemRoot\system32\DRIVERS\vrvd5.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\WinUSB.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\Drivers\rikvm_C6F09094.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\wininet.dll
\Windows\System32\difxapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\shell32.dll
\Windows\System32\advapi32.dll
\Windows\System32\usp10.dll
\Windows\System32\ole32.dll
\Windows\System32\normaliz.dll
\Windows\System32\setupapi.dll
\Windows\System32\msctf.dll
\Windows\System32\urlmon.dll
\Windows\System32\kernel32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\psapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\oleaut32.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\ws2_32.dll
\Windows\System32\user32.dll
\Windows\System32\nsi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\lpk.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\wintrust.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800ab1c790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000089\
Lower Device Object: 0xfffffa800ab28b60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800826c790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80080fc050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800826c790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800826c2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800826c790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8008268b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa80080fc050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 40C486BC

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 407552
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 409600 Numsec = 1400961024

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 1401370624 Numsec = 63565824

Partition 3 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 1464936448 Numsec = 210672

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800ab1c790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ab28690, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800ab1c790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800ab28b60, DeviceName: \Device\00000089\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 41B176EB

Partition information:

Partition 0 type is Other (0xc)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 586067202
Partition file system is FAT32
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 300069052416 bytes
Sector size: 512 bytes

Done!
Infected: C:\ProgramData\1887373585 --> [Rogue.Multiple]
Infected: C:\ProgramData\1887373585\BIT72F1.tmp --> [Rogue.Multiple]
Scan finished
Creating System Restore point...
Cleaning up...
Removal successful. No system shutdown is required.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[LonnieD]

Thanks for everything so far. I ran this twice because the first time Combofix had not bee saved in on the desktop.

"Vosteran Search" tab seems to have gone away.


ComboFix 15-01-04.01 - Lonnie Dawkins 01/04/2015 22:08:52.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.5692 [GMT -5:00]
Running from: c:\users\Lonnie Dawkins\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\explorer.exe . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2014-12-05 to 2015-01-05 )))))))))))))))))))))))))))))))
.
.
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\Lonnie Dawkins 2\AppData\Local\temp
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\ldawkins\AppData\Local\temp
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\apple\AppData\Local\temp
2015-01-05 04:07 . 2015-01-05 04:07 -------- d-----w- c:\users\AppData\AppData\Local\temp
2015-01-05 02:54 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60760A15-5A82-4D8E-B2B3-841DFE4C569C}\mpengine.dll
2015-01-04 06:45 . 2015-01-04 21:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-04 05:18 . 2014-09-17 03:59 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E38D237A-7460-4024-AFAC-03BF37EEB583}\gapaengine.dll
2015-01-04 04:59 . 2015-01-04 04:59 -------- d-----w- c:\users\Lonnie Dawkins 2\AppData\Local\CrashDumps
2015-01-04 04:37 . 2015-01-04 04:37 -------- d-sh--w- c:\users\Lonnie Dawkins 2\AppData\Local\EmieUserList
2015-01-04 04:37 . 2015-01-04 04:37 -------- d-sh--w- c:\users\Lonnie Dawkins 2\AppData\Local\EmieSiteList
2015-01-04 04:37 . 2015-01-04 04:37 -------- d-sh--w- c:\users\Lonnie Dawkins 2\AppData\Local\EmieBrowserModeList
2015-01-04 01:13 . 2015-01-04 06:26 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-04 01:13 . 2015-01-04 01:13 -------- d-----w- c:\programdata\RogueKiller
2015-01-04 01:01 . 2015-01-04 01:01 -------- d-----w- c:\programdata\Unchecky
2015-01-04 01:01 . 2015-01-04 01:01 -------- d-----w- c:\program files (x86)\Unchecky
2015-01-04 01:01 . 2015-01-04 01:01 -------- d-----w- c:\users\Lonnie Dawkins\AppData\Roaming\DigitalSites
2015-01-04 01:00 . 2015-01-04 06:08 -------- d-----w- c:\program files (x86)\WSE_Vosteran
2015-01-04 01:00 . 2015-01-04 01:00 -------- d-----w- c:\users\Lonnie Dawkins\AppData\Roaming\WSE_Vosteran
2015-01-04 01:00 . 2015-01-04 01:00 -------- d-----w- c:\program files (x86)\Dynamo Combo
2015-01-03 00:10 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-30 06:02 . 2014-12-30 06:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-12-30 06:02 . 2014-12-30 06:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-23 01:16 . 2014-12-23 01:16 -------- d-----w- c:\users\apple\AppData\Local\AskPartnerNetwork
2014-12-23 01:15 . 2014-12-23 01:15 -------- d-----w- c:\users\apple\AppData\Local\Wondershare
2014-12-23 01:14 . 2014-12-23 01:14 -------- d-----w- c:\users\apple\AppData\Local\Google
2014-12-18 05:14 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 05:14 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-17 06:15 . 2014-06-16 06:01 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-12-17 06:15 . 2014-06-16 06:01 110336 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2014-12-17 06:14 . 2014-12-17 06:14 -------- d-----w- c:\program files\SAMSUNG
2014-12-10 08:50 . 2014-12-10 08:50 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 08:13 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-10 08:13 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-10 08:13 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-10 08:13 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-10 08:13 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 08:13 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-10 08:13 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-10 08:13 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-10 08:13 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-10 08:13 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-09 22:10 . 2014-11-22 02:06 484352 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2014-12-09 22:09 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-09 20:07 . 2014-12-09 20:07 3981488 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-05 01:40 . 2014-06-19 14:17 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-04 06:43 . 2014-06-19 14:16 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-10 08:18 . 2011-04-05 01:01 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-09 20:08 . 2013-09-10 19:52 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-09 20:08 . 2013-09-10 19:52 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-21 11:14 . 2014-06-19 14:16 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 11:14 . 2014-06-19 14:16 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 03:08 . 2014-11-19 09:22 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 09:22 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 09:22 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 09:22 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-04 09:35 . 2014-09-16 19:01 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-10-30 11:25 . 2013-09-19 15:00 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:57 . 2014-11-12 15:26 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 15:26 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 15:24 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 15:24 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-17 10:09 . 2014-10-17 10:09 129752 ----a-w- c:\windows\system32\drivers\5A480277.sys
2014-10-14 02:16 . 2014-11-12 15:30 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 15:30 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 15:26 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 15:30 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 15:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 15:30 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 15:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 15:26 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 15:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 15:30 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 15:30 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-13 09:35 . 2014-10-13 09:35 70688 ----a-w- c:\windows\system32\vrvd5.dll
2014-10-13 09:35 . 2014-10-13 09:35 13344 ----a-w- c:\windows\system32\drivers\vrvd5.sys
2014-10-10 00:57 . 2014-11-12 15:26 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{5245414C-312D-5350-00A7-7A786E7484D7}]
2014-10-30 17:24 12184 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5245414C-312D-5350-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport.dll" [2014-10-30 12184]
.
[HKEY_CLASSES_ROOT\clsid\{5245414c-312d-5350-00a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-16 20:03 222920 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-16 20:03 222920 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-16 20:03 222920 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZumoDrive"="c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk" [2011-04-05 2080]
"CompanionLink"="c:\program files (x86)\companionlink\companionlink.exe" [2013-12-12 60107264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-09 98304]
"LTCM Client"="c:\program files (x86)\LTCM Client\ltcmClient.exe" [2011-04-07 2756864]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2012-12-07 2771832]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-03 847872]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-10-01 2694320]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2014-09-11 2087264]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logo Calibration Loader.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2014-9-29 708608]
Printer Watcher3.60.lnk - c:\program files (x86)\EPSON\EPSON LFP Remote Panel\Stylus Pro 3880\Printer Watcher\Printer Watcher.exe -s [2012-12-30 612256]
ProfileReminder.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2014-9-29 954368]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2013-2-1 1155912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
.
R2 CLKMSVC10_C6F09094;CyberLink Product - 2010/10/25 01:49;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys;c:\windows\SYSNATIVE\drivers\pdihwctl.sys [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys;c:\windows\SYSNATIVE\DRIVERS\athrxusb.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 cpuz134;cpuz134;c:\users\LONNIE~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\LONNIE~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Droppix Service;Droppix Service;c:\program files (x86)\Common Files\Droppix\DxService.exe;c:\program files (x86)\Common Files\Droppix\DxService.exe [x]
R3 EyeOneDisplay;EyeOneDisplay;c:\windows\system32\Drivers\i1display_x64.sys;c:\windows\SYSNATIVE\Drivers\i1display_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys;c:\windows\SYSNATIVE\DRIVERS\rcmirror.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\DRIVERS\VX6000Xp.sys;c:\windows\SYSNATIVE\DRIVERS\VX6000Xp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 Unchecky;Unchecky;c:\program files (x86)\Unchecky\bin\unchecky_svc.exe;c:\program files (x86)\Unchecky\bin\unchecky_svc.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 vrvd5;vrvd5;c:\windows\system32\DRIVERS\vrvd5.sys;c:\windows\SYSNATIVE\DRIVERS\vrvd5.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_C6F09094
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 16:29 451872 ------w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-11 20:52 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 20:08]
.
2015-01-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001Core.job
- c:\users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-20 22:00]
.
2015-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001UA.job
- c:\users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-20 22:00]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 17:22]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 17:22]
.
2015-01-04 c:\windows\Tasks\HPCeeScheduleForLonnie Dawkins.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 09:43]
.
2014-12-27 c:\windows\Tasks\HPCeeScheduleForLONNIEDAWKINS$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 09:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5245414C-312D-5350-00A7-7A786E7484D7}]
2014-10-30 17:24 13720 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5245414C-312D-5350-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport_x64.dll" [2014-10-30 13720]
.
[HKEY_CLASSES_ROOT\CLSID\{5245414C-312D-5350-00A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-09-26 19:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-09-26 19:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-09-26 19:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-16 20:03 261832 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-16 20:03 261832 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-16 20:03 261832 ----a-w- c:\users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX6000"="c:\windows\vVX6000.exe" [2010-05-20 764784]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-07-23 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-01 611896]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-09-20 557768]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences Pro\FencesMenu64.dll" [2010-09-16 464744]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vosteran.com/?f=1&a=vst_ggfc_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtB0C0C0C0CyEtC0FyByBtN0D0Tzu0StCtDzyzztN1L2XzutAtFyBtFtCtFtBtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StCyC0DyBtD0FyDzztGtBzy0CtCtGyCtB0AzytGyB0EtC0FtGyCtC0C0BtD0ByD0D0DtAzz0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0FyB0CzzyDzztGyByDtCyCtGyE0E0FtAtGzzzytB0BtGzz0FzyzyzzyBzy0BtAyCtDtD2Q&cr=355907905&ir=
uLocal Page = c:\windows\system32\blank.htm
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: {62AEFF80-16AD-4AC4-B812-E70EB5F37301} - hxxp://www.zenfolio.com/zf/code/upload-ie-win-x86.cab
DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} - hxxps://www36.verizon.com/FiOSVoice/UnProtected/FiosVoiceVMUtil.CAB
DPF: {D00CB680-081D-4F94-97D5-75DEDDC374ED} - hxxps://www36.verizon.com/fiosvoice/Downloads/FiosVoiceWebCntrl.CAB
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=hex:51,66,7a,6c,4c,1d,38,12,26,bd,a8,
0a,e6,f4,22,0e,f1,4c,12,2a,bb,94,a4,70
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B164E929-A1B6-4A06-B104-2CD0E90A88FF}"=hex:51,66,7a,6c,4c,1d,38,12,47,ea,77,
b5,84,ef,68,0f,ce,12,6f,90,ec,54,cc,eb
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:33,63,16,06,51,79,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-01-04 23:14:39
ComboFix-quarantined-files.txt 2015-01-05 04:14
ComboFix2.txt 2015-01-05 02:48
.
Pre-Run: 34,175,741,952 bytes free
Post-Run: 34,084,810,752 bytes free
.
- - End Of File - - 7F43CE52900D7DD9D7A9ED6152660ED2

 

[Broni]

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

Re-run FRST again.
Type the following in the edit box after "Search Files:".

explorer.exe

Click Search button and post the log (Search.txt) it makes in your reply.

 

[LonnieD]

# AdwCleaner v2.200 - Logfile created 04/16/2013 at 21:59:08
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lonnie Dawkins - LONNIEDAWKINS
# Boot Mode : Normal
# Running from : C:\Users\Lonnie Dawkins\AppData\Local\Temp\8hmo1yp5.tmp\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfffenfdjeibfomfbppoljahojkbbobb
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\apple\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Conduit
Folder Deleted : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfffenfdjeibfomfbppoljahojkbbobb
Folder Deleted : C:\Users\Lonnie Dawkins\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lonnie Dawkins\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Lonnie Dawkins\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cfffenfdjeibfomfbppoljahojkbbobb
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3007394
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfffenfdjeibfomfbppoljahojkbbobb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2403] : homepage = "hxxp://search.conduit.com/?ctid=CT3287307&SearchSource=48&CUI=UN24072080461395910&UM[...]
Deleted [l.3068] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3287307&SearchSource=48&CUI[...]

*************************

AdwCleaner[S1].txt - [5301 octets] - [16/04/2013 21:59:08]

########## EOF - C:\AdwCleaner[S1].txt - [5361 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lonnie Dawkins on Mon 01/05/2015 at 0:54:24.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{409DD3B4-D1F8-EC6E-EDBD-2367FDA78762}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lonnie Dawkins\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{00F00457-FF9A-4E44-9BAA-BB3623196C7E}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{01FB95D2-9642-4480-AC1B-34EA9531D659}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{078E9841-0E18-459B-89D8-36E24F327EF0}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{08237C4F-46B0-4DFE-8676-5DB6B81BBE1D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{0EF62C92-C761-4AEF-B919-40BE819CE498}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{12F53FA1-8D82-4C03-BBE9-7E8EC69B7C3E}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{13506878-E795-4471-A94A-7C35D47519B9}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{137268D7-B753-458B-85CC-53633C00FBA7}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{143663D4-C1E2-4A10-A223-E0526D03A534}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{178F2C96-96AC-44F8-A44D-A4FBC7265938}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{197AE947-1190-467C-928F-831F553A3475}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{19891CE5-104A-43EE-B7A3-537D761FB47D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{1F97369B-B55E-4035-ADF8-E2203097A7B9}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{24FE75EC-A1DF-4A71-A46B-D8A16497A5FD}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{293F8E87-F527-4525-B26C-56814C024E1B}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{32E3DDC3-9262-4C38-B8F6-6E7F5E4B087D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{3A0AA0D7-8997-444F-A071-6FB918E06C64}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{4102490C-E8A0-4124-9EF5-1EA8A1A19CFB}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{4A4E06E7-EC15-4E6E-B767-1E1927F81BF4}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{4CC99CDC-ED15-45A4-867A-0EBE9C984A87}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{4F320925-A0F9-48EE-96C7-8788144612ED}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{536F07D7-6FF1-4A82-B98A-EC79CC4F38F2}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{569B27E3-CE34-4196-9639-BB7CC1A4C282}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{577DF27D-76BF-4BD4-95EB-DA23087FCC01}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{5E8CD2E6-F5E0-4F34-8634-C17913D4ECEA}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{5F4F7D72-7F74-47CC-98E8-AE63D17B5FBE}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{62F631B2-D8C0-4488-B59A-03F81C91B9EA}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{63CD86AF-C64F-41CC-B50C-373C7F29D1C6}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{650910BC-4C99-4706-8A59-B246F1682A80}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{6B3476AD-F883-499F-880E-05F8B3E80FC8}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{7172915A-15D5-4E39-B484-5591DD273FDB}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{74743F58-95CA-412B-8E47-1822330614A7}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{76B1D244-BCA5-4047-BE97-E52D6CE37AD7}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{79676E35-349E-4579-B366-52E4567B91A1}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{7F22B028-2FC8-4A86-866F-23E9CB57564D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{83F21036-37B7-451B-A6B6-5DFF62124C03}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{87762430-B69C-4B59-883C-19CAC3EDE451}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{87B64165-C1ED-4B36-9D21-9D40352E18BB}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{887C261B-9ADB-4A0F-83B1-F8BF2CC5D4AD}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{93D7ABA2-9E8F-4E6D-923F-32C693CFA7BB}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{9C565613-695E-4D15-B9A3-DBBA9ABA50EE}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{9E22D2F4-FB73-4510-B841-76AA4AE7BEDB}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{A214E554-032B-48D8-89C8-5154EA925C5D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{A2E8390D-3756-41EF-9ED8-B07A0074D03C}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{A5E80901-BB19-4A29-9BC0-BFC06722411D}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{A9836458-0E3D-4BEA-8A09-5BCE03F2B845}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{ACB2D7F0-DB45-4CED-8929-48A835EF77AF}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{AD866F49-F68E-4540-82F0-5556F4224BF8}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{AF01A84D-6EE6-4787-B69C-B54D1E15D5DE}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{B11F95C4-A9BA-4C6D-872E-F682123D4CE5}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{B73FBD08-2F6A-4505-876B-79B7169B156C}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{BB8F55DA-A338-4DFC-B204-D78504DDB12C}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{BE13C401-D3BF-4FE7-BA11-7A400209D0C0}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{BE8F858F-AFC5-4EA6-BECF-D285AF0907D5}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{CA3C18DC-591E-484F-93B3-A771A8F11300}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{CEF894DE-5294-4427-951D-CD315CE8C991}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{D4E75B76-6429-4D18-A345-1A34A8A8AFC7}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{DA0D8656-E4B4-4A0B-B690-40AB626E9093}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{DC7B6C0D-33A3-4D00-872E-C82B251F8014}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{DD9CBC69-07E2-450B-B1B3-C6AA94050F1C}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{E29AD16D-2898-4745-962D-1E7EBDBFF62C}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{E4F69676-941A-422B-9238-A1A3CEF9FE93}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{EC1B5BB0-F88D-47D1-A9F4-87ABCD373984}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{F16D7CDC-6FA6-48B4-B053-345A175B87AC}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{F35A2641-423B-4C37-B516-B802E878A5BC}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{F830965E-A6E9-496E-A14F-E23DD5D462FA}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{FABCFC52-D275-4719-A910-A6D0A3B1EC76}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{FB9E20C4-2709-4E47-B100-3BE0591C3B69}
Successfully deleted: [Empty Folder] C:\Users\Lonnie Dawkins\appdata\local\{FDE380A4-8E1C-4CE9-8ECE-B0826B297EB3}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/05/2015 at 1:00:07.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Lonnie Dawkins (administrator) on LONNIEDAWKINS on 05-01-2015 01:02:35
Running from C:\Users\Lonnie Dawkins\Desktop
Loaded Profile: Lonnie Dawkins (Available profiles: Lonnie Dawkins & apple & Lonnie Dawkins 2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation
) C:\Windows\vVX6000.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Zecter Inc.) C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(CompanionLink Software, Inc.) C:\Program Files (x86)\CompanionLink\CompanionLink.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CompanionLink\DCLHelper\CLDCLHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ipswitch) C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX6000] => C:\Windows\vVX6000.exe [764784 2010-05-20] (Microsoft Corporation
)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-08-31] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2771832 2012-12-07] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2080 2011-04-04] ()
HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\Run: [CompanionLink] => c:\program files (x86)\companionlink\companionlink.exe [60107264 2013-12-12] (CompanionLink Software, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Watcher3.60.lnk
ShortcutTarget: Printer Watcher3.60.lnk -> C:\Program Files (x86)\EPSON\EPSON LFP Remote Panel\Stylus Pro 3880\Printer Watcher\Printer Watcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk
ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00Zecter] -> {D25B32FE-CB96-491A-98FF-AD59DA382D69} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [01Zecter] -> {EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [02Zecter] -> {B3C78E40-6B64-47C3-AE34-60B770881EB8} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [03Zecter] -> {622AFE52-33F6-4D9F-9966-E0BC52D7D69D} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [04Zecter] -> {855156F0-2A0F-11DE-8C30-0800200C9A66} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4019326579-3645861894-181193703-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4019326579-3645861894-181193703-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4019326579-3645861894-181193703-1001\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> {43279C2E-8336-4167-BE3C-E1A858DDB154} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?source...ding}&oe={outputEncoding}&rlz=1I7SNNT_enUS367
SearchScopes: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://search.yahoo.com/search?fr=mcafee&type=B010US0D20121015&p={SearchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Search App by Ask -> {5245414C-312D-5350-00A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport_x64.dll" No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Search App by Ask -> {5245414C-312D-5350-00A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport.dll" No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Search App by Ask - {5245414C-312D-5350-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport_x64.dll" No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Search App by Ask - {5245414C-312D-5350-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport.dll" No File
Toolbar: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-4019326579-3645861894-181193703-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: HKLM-x32 {62AEFF80-16AD-4AC4-B812-E70EB5F37301} http://www.zenfolio.com/zf/code/upload-ie-win-x86.cab
DPF: HKLM-x32 {7DD62E58-5FA8-11D2-AFB7-00104B64F126} https://www.svharbor.com/epass/swiftview/svinstall_a.8.0.2.0.cab
DPF: HKLM-x32 {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} https://www36.verizon.com/FiOSVoice/UnProtected/FiosVoiceVMUtil.CAB
DPF: HKLM-x32 {D00CB680-081D-4F94-97D5-75DEDDC374ED} https://www36.verizon.com/fiosvoice/Downloads/FiosVoiceWebCntrl.CAB
Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.252.0.12

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-4019326579-3645861894-181193703-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Lonnie Dawkins\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-4019326579-3645861894-181193703-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-4019326579-3645861894-181193703-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2010-10-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_ggfc_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtB0C0C0C0CyEtC0FyByBtN0D0Tzu0StCtDzyzztN1L2XzutAtFyBtFtCtFtBtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StCyC0DyBtD0FyDzztGtBzy0CtCtGyCtB0AzytGyB0EtC0FtGyCtC0C0BtD0ByD0D0DtAzz0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0FyB0CzzyDzztGyByDtCyCtGyE0E0FtAtGzzzytB0BtGzz0FzyzyzzyBzy0BtAyCtDtD2Q&cr=355907905&ir=
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ggfc_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtB0C0C0C0CyEtC0FyByBtN0D0Tzu0StCtDzyzztN1L2XzutAtFyBtFtCtFtBtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StCyC0DyBtD0FyDzztGtBzy0CtCtGyCtB0AzytGyB0EtC0FtGyCtC0C0BtD0ByD0D0DtAzz0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0FyB0CzzyDzztGyByDtCyCtGyE0E0FtAtGzzzytB0BtGzz0FzyzyzzyBzy0BtAyCtDtD2Q&cr=355907905&ir=", "hxxp://www.lonniedawkins.com/"
CHR DefaultSearchKeyword: Default -> vosteran.com
CHR DefaultSearchURL: Default -> http://vosteran.com/results.php?f=4...tGzz0FzyzyzzyBzy0BtAyCtDtD2Q&cr=355907905&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-30]
CHR Extension: (Google Docs) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-30]
CHR Extension: (Google Drive) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-30]
CHR Extension: (WOT) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-09-30]
CHR Extension: (YouTube) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-30]
CHR Extension: (Google Search) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-30]
CHR Extension: (Google Play Music) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-10-16]
CHR Extension: (Google Sheets) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-30]
CHR Extension: (SearchLock) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-30]
CHR Extension: (Gmail) - C:\Users\Lonnie Dawkins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-09-21] (CyberLink)
S3 Droppix Service; C:\Program Files (x86)\Common Files\Droppix\DxService.exe [151552 2008-02-01] (Droppix) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-04-02] (Macrovision Europe Ltd.) [File not signed]
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [455944 2010-05-14] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-02-01] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2015-01-03] (RaMMicHaeL)
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-13] (GretagMacbeth LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-04] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-04] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2014-10-13] (Rsupport Corporation)
S3 VX6000; C:\Windows\System32\DRIVERS\VX6000Xp.sys [2143600 2010-05-20] (Microsoft Corporation
)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\LONNIE~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

[LonnieD]

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 01:02 - 2015-01-05 01:04 - 00035321 _____ () C:\Users\Lonnie Dawkins\Desktop\FRST.txt
2015-01-05 01:02 - 2015-01-05 01:02 - 00000000 ____D () C:\FRST
2015-01-05 01:00 - 2015-01-05 01:00 - 00008923 _____ () C:\Users\Lonnie Dawkins\Desktop\JRT.txt
2015-01-05 00:52 - 2015-01-05 00:51 - 02123776 _____ (Farbar) C:\Users\Lonnie Dawkins\Desktop\FRST64.exe
2015-01-05 00:51 - 2015-01-05 00:51 - 02123776 _____ (Farbar) C:\Users\Lonnie Dawkins\Downloads\FRST64.exe
2015-01-05 00:51 - 2015-01-05 00:49 - 01707939 _____ (Thisisu) C:\Users\Lonnie Dawkins\Desktop\JRT.exe
2015-01-05 00:48 - 2015-01-05 00:49 - 01707939 _____ (Thisisu) C:\Users\Lonnie Dawkins\Downloads\JRT.exe
2015-01-05 00:34 - 2015-01-05 00:37 - 00000000 ____D () C:\AdwCleaner
2015-01-05 00:31 - 2015-01-05 00:30 - 02173952 _____ () C:\Users\Lonnie Dawkins\Desktop\adwcleaner_4.106.exe
2015-01-05 00:29 - 2015-01-05 00:30 - 02173952 _____ () C:\Users\Lonnie Dawkins\Downloads\adwcleaner_4.106.exe
2015-01-05 00:23 - 2015-01-05 00:24 - 00864256 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship purple-gold.pub
2015-01-05 00:19 - 2015-01-05 00:24 - 00867840 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship-Purple.pub
2015-01-04 23:14 - 2015-01-04 23:14 - 00041053 _____ () C:\ComboFix.txt
2015-01-04 22:07 - 2015-01-04 23:14 - 00000000 ____D () C:\ComboFix
2015-01-04 22:01 - 2015-01-04 18:26 - 05609858 ____R (Swearware) C:\Users\Lonnie Dawkins\Desktop\ComboFix.exe
2015-01-04 19:09 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-04 19:09 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-04 19:09 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-04 19:09 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-04 19:09 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-04 19:09 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-04 19:09 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-04 19:09 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-04 19:08 - 2015-01-04 23:14 - 00000000 ____D () C:\Qoobox
2015-01-04 18:28 - 2015-01-04 18:28 - 00001214 _____ () C:\Users\Lonnie Dawkins\Desktop\ComboFix - Shortcut.lnk
2015-01-04 18:25 - 2015-01-04 18:26 - 05609858 ____R (Swearware) C:\Users\Lonnie Dawkins\Downloads\ComboFix.exe
2015-01-04 01:45 - 2015-01-04 16:15 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 01:43 - 2015-01-04 16:15 - 00000000 ____D () C:\Users\Lonnie Dawkins\Desktop\mbar
2015-01-04 01:41 - 2015-01-04 01:43 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Lonnie Dawkins\Downloads\mbar-1.08.2.1001.exe
2015-01-04 00:13 - 2015-01-04 00:13 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-03 23:59 - 2015-01-03 23:59 - 00000000 ____D () C:\Users\Lonnie Dawkins 2\AppData\Local\CrashDumps
2015-01-03 23:43 - 2015-01-03 23:44 - 15298136 _____ () C:\Users\Lonnie Dawkins 2\Downloads\RogueKiller.exe
2015-01-03 23:37 - 2015-01-03 23:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieUserList
2015-01-03 23:37 - 2015-01-03 23:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieSiteList
2015-01-03 23:37 - 2015-01-03 23:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieBrowserModeList
2015-01-03 20:31 - 2015-01-03 20:35 - 15298136 _____ () C:\Users\Lonnie Dawkins\Downloads\RogueKiller.exe
2015-01-03 20:13 - 2015-01-04 01:26 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-03 20:13 - 2015-01-03 20:13 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-03 20:01 - 2015-01-03 20:01 - 00000979 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-03 20:01 - 2015-01-03 20:01 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-03 20:01 - 2015-01-03 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-01-03 20:01 - 2015-01-03 20:01 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-01-03 20:00 - 2015-01-03 20:00 - 00000000 ____D () C:\Program Files (x86)\Dynamo Combo
2015-01-03 19:58 - 2015-01-03 19:59 - 00798080 _____ ( ) C:\Users\Lonnie Dawkins\Downloads\FileOpenerSetup.exe
2015-01-03 18:41 - 2015-01-03 18:41 - 00035939 _____ () C:\Users\Lonnie Dawkins\Desktop\dds.txt
2015-01-03 18:35 - 2015-01-03 18:36 - 00688992 ____R (Swearware) C:\Users\Lonnie Dawkins\Downloads\dds.com
2015-01-03 18:35 - 2015-01-03 18:35 - 00002086 _____ () C:\Users\Lonnie Dawkins\Desktop\MBAM-dawk.txt
2015-01-03 15:52 - 2015-01-04 16:20 - 00000368 _____ () C:\Windows\Tasks\HPCeeScheduleForLonnie Dawkins.job
2015-01-03 15:52 - 2015-01-04 00:15 - 00003240 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLonnie Dawkins
2015-01-03 15:45 - 2015-01-03 15:45 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\New folder (4)
2015-01-01 17:54 - 2015-01-05 00:17 - 00864256 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship.pub
2014-12-30 18:03 - 2014-12-30 18:03 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bay Photo
2014-12-30 17:32 - 2014-12-30 17:33 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\OICE_15_974FA576_32C1D314_155A
2014-12-30 14:48 - 2014-12-31 17:31 - 05408632 _____ () C:\Users\Lonnie Dawkins\Documents\New Year Eve 2015.pptx
2014-12-30 01:02 - 2014-12-30 01:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-30 01:02 - 2014-12-30 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-30 00:34 - 2014-12-30 00:34 - 00003224 _____ () C:\Windows\System32\Tasks\{9C34602F-7FBA-4770-A05A-7267887739A5}
2014-12-30 00:23 - 2014-12-30 00:23 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25 (2).exe
2014-12-29 21:21 - 2015-01-01 18:05 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Montague
2014-12-29 00:40 - 2014-12-29 00:40 - 02028700 _____ () C:\Users\Lonnie Dawkins\Documents\National-Christmas-Tree-Washington-DC-2014.-ld
2014-12-29 00:15 - 2014-12-29 00:18 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141227 tree
2014-12-25 01:22 - 2014-12-25 01:24 - 31661938 _____ () C:\Users\Lonnie Dawkins\Documents\Jan Dada Birthday 75.ppsx
2014-12-25 01:02 - 2014-12-25 01:22 - 31661890 _____ () C:\Users\Lonnie Dawkins\Documents\Jan Dada Birthday.pptx
2014-12-24 19:24 - 2014-12-24 19:24 - 00001913 _____ () C:\Users\Lonnie Dawkins\Downloads\launch.jnlp
2014-12-24 19:22 - 2014-12-24 19:23 - 00001913 _____ () C:\Users\Lonnie Dawkins\Downloads\launch (1).jnlp
2014-12-22 20:15 - 2014-12-22 20:15 - 00000000 ____D () C:\Users\apple\AppData\Local\Wondershare
2014-12-22 20:14 - 2014-12-22 20:14 - 00000000 ____D () C:\Users\apple\AppData\Local\Google
2014-12-21 21:28 - 2014-12-24 00:03 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141220 Jan Dada
2014-12-21 15:11 - 2015-01-03 15:46 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141220 ASU
2014-12-18 09:55 - 2014-12-18 09:55 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2014.1.lnk
2014-12-18 00:14 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 00:14 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 02:56 - 2014-12-17 02:57 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25 (1).exe
2014-12-17 01:15 - 2014-06-16 01:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-12-17 01:15 - 2014-06-16 01:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-12-17 01:14 - 2014-12-17 01:14 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-12-17 01:02 - 2014-12-17 01:04 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Lonnie Dawkins\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2014-12-16 12:50 - 2014-12-16 12:50 - 01019476 _____ () C:\Users\Lonnie Dawkins\Downloads\Giclee_Canvas_Wraps.zip
2014-12-16 12:05 - 2014-12-16 12:05 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25.exe
2014-12-15 20:13 - 2014-12-15 20:40 - 450354304 _____ () C:\Users\Lonnie Dawkins\Downloads\Backgrounds.zip
2014-12-12 19:54 - 2014-12-12 19:54 - 00002701 _____ () C:\Users\Lonnie Dawkins\Downloads\legitcheck (2).hta
2014-12-12 18:29 - 2014-12-12 18:30 - 00002701 _____ () C:\Users\Lonnie Dawkins\Downloads\legitcheck (1).hta
2014-12-10 13:53 - 2014-12-10 13:53 - 01496712 _____ () C:\Users\Lonnie Dawkins\Downloads\VzInHomeAgent (1).exe
2014-12-10 03:50 - 2014-12-10 03:50 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:13 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:13 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 03:13 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 03:13 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 03:13 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 03:13 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 03:13 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 03:13 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 03:13 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 03:13 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 17:11 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 17:11 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 17:11 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 17:11 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 17:11 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 17:11 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 17:11 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 17:11 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 17:11 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 17:11 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 17:11 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 17:11 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 17:11 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 17:11 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 17:11 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 17:11 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 17:11 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 17:11 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 17:11 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 17:11 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 17:11 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 17:11 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 17:11 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 17:11 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 17:11 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 17:11 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 17:11 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 17:11 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 17:11 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 17:11 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 17:11 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 17:11 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 17:11 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 17:11 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 17:11 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 17:11 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 17:11 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 17:11 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 17:10 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 17:10 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 17:10 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 17:10 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 17:10 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 17:10 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 17:10 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 17:10 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 17:10 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 17:10 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 17:10 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 17:10 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 17:10 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 17:10 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 17:10 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 17:10 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 17:10 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 17:10 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 17:10 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 17:10 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 17:10 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 17:10 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 17:09 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 17:09 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 17:09 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 17:09 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 17:09 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 17:09 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 17:09 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 17:09 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 17:09 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 17:09 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 17:09 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 17:09 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 17:09 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 17:09 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 15:07 - 2014-12-09 15:07 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-08 00:53 - 2014-12-08 07:26 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141207 ASALH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 00:57 - 2010-10-25 03:34 - 01457951 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 00:56 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 00:56 - 2009-07-13 23:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 00:47 - 2011-04-02 14:44 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Local\Adobe
2015-01-05 00:45 - 2011-04-04 20:31 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\ZumoDrive
2015-01-05 00:41 - 2012-06-30 13:26 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-05 00:40 - 2012-10-27 07:00 - 00053511 _____ () C:\Windows\setupact.log
2015-01-05 00:40 - 2012-10-16 12:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 00:40 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 00:39 - 2012-10-27 07:00 - 00263648 _____ () C:\Windows\PFRO.log
2015-01-05 00:37 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-05 00:16 - 2013-12-19 09:56 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8FE8CEEF-0557-47BB-9053-A29E91128083}
2015-01-05 00:08 - 2012-10-16 12:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 00:07 - 2013-09-10 14:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-05 00:05 - 2011-08-19 21:21 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001UA.job
2015-01-04 23:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2015-01-04 23:17 - 2014-06-19 09:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-04 23:07 - 2012-10-17 20:31 - 00000000 ____D () C:\Windows\erdnt
2015-01-04 23:07 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-04 18:34 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2015-01-04 18:05 - 2011-08-19 21:21 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001Core.job
2015-01-04 01:43 - 2014-06-19 09:16 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-04 01:43 - 2011-04-02 15:20 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Local\CrashDumps
2015-01-03 23:28 - 2012-08-14 16:50 - 00000000 ____D () C:\Windows\pss
2015-01-03 18:41 - 2013-04-16 09:42 - 00019485 _____ () C:\Users\Lonnie Dawkins\Desktop\attach.txt
2015-01-03 15:40 - 2011-04-02 12:10 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-03 15:39 - 2011-10-22 21:24 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-03 01:49 - 2013-03-31 06:39 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\march 31
2014-12-31 17:14 - 2011-12-07 16:26 - 00000132 _____ () C:\Users\Lonnie Dawkins\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-31 02:09 - 2014-10-02 19:16 - 00000000 ____D () C:\Users\Lonnie Dawkins\.BayPhoto
2014-12-30 18:03 - 2014-10-02 19:15 - 00002487 _____ () C:\Users\Lonnie Dawkins\Desktop\Bay Photo.lnk
2014-12-30 14:02 - 2013-08-17 13:27 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\beltway fb pics
2014-12-30 12:18 - 2014-08-04 10:57 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Annie Davis
2014-12-30 02:37 - 2014-05-27 08:01 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\ld website
2014-12-30 02:37 - 2013-09-27 14:47 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\EasyRotatorPreview
2014-12-30 01:02 - 2014-10-02 19:03 - 00002481 _____ () C:\Users\Lonnie Dawkins\Desktop\Bay Photo Emerge.lnk
2014-12-30 01:02 - 2014-01-23 10:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-30 01:00 - 2010-10-16 14:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-29 21:41 - 2014-01-27 13:21 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Stan
2014-12-27 10:24 - 2012-11-06 23:27 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLONNIEDAWKINS$
2014-12-27 10:24 - 2012-11-06 23:27 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForLONNIEDAWKINS$.job
2014-12-24 00:41 - 2014-11-27 21:50 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141127 Shephard
2014-12-22 20:15 - 2011-04-19 10:30 - 00000000 ____D () C:\Users\apple\AppData\Roaming\Adobe
2014-12-22 20:15 - 2011-04-19 10:30 - 00000000 ____D () C:\Users\apple\AppData\Local\Adobe
2014-12-22 20:14 - 2011-04-19 10:31 - 00139776 _____ () C:\Users\apple\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-22 20:14 - 2011-04-19 10:29 - 00001373 _____ () C:\Users\apple\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-21 22:04 - 2014-09-22 02:07 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140921 area wide
2014-12-21 22:04 - 2014-04-26 20:40 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140420 Church Breakfast
2014-12-21 22:03 - 2014-03-08 22:50 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140308 Price
2014-12-21 22:03 - 2014-02-15 15:20 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140215 Game
2014-12-21 22:02 - 2014-02-01 20:26 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140131 hawthorne
2014-12-20 11:42 - 2011-04-02 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-20 11:37 - 2014-09-16 13:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-20 00:20 - 2009-07-14 00:08 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-20 00:04 - 2009-07-13 23:45 - 05442680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-18 15:23 - 2011-04-01 18:06 - 00139776 _____ () C:\Users\Lonnie Dawkins\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-18 13:48 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-18 10:28 - 2010-10-16 14:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-18 02:09 - 2011-04-02 19:15 - 00000000 ____D () C:\Program Files\Adobe
2014-12-18 02:09 - 2011-04-02 19:13 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-18 02:09 - 2011-04-01 18:08 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\Adobe
2014-12-17 03:05 - 2014-08-19 15:18 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-17 03:05 - 2014-08-19 15:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-17 03:05 - 2014-08-19 15:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-16 14:47 - 2014-03-10 13:40 - 00000000 ____D () C:\Users\Lonnie Dawkins\.BayPhotoEmerge
2014-12-15 21:53 - 2007-07-06 03:56 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\__MACOSX
2014-12-14 03:05 - 2013-03-14 02:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-14 03:04 - 2013-03-14 02:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-14 03:04 - 2013-03-14 02:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-14 02:15 - 2014-03-21 09:02 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140320 Seat Pleasant
2014-12-14 02:13 - 2013-12-08 00:43 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\131207 Jones
2014-12-11 15:52 - 2014-10-21 05:57 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 13:59 - 2014-07-31 11:15 - 00001149 _____ () C:\Users\Public\Desktop\Vz In-Home Agent.lnk
2014-12-10 13:59 - 2014-07-31 11:14 - 00001765 _____ () C:\Users\Lonnie Dawkins\Install-VzInHomeAgentLog.log
2014-12-10 13:59 - 2011-08-04 22:30 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\Verizon
2014-12-10 13:58 - 2011-04-01 17:59 - 00000000 ____D () C:\Users\Lonnie Dawkins
2014-12-10 13:29 - 2014-06-19 09:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-10 13:29 - 2014-06-19 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-10 13:29 - 2014-06-19 09:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-10 07:15 - 2012-12-26 12:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 03:50 - 2014-04-28 15:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:50 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:50 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:30 - 2013-07-17 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:18 - 2011-04-04 20:01 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 15:08 - 2013-09-10 14:52 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 15:08 - 2013-09-10 14:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 15:08 - 2013-09-10 14:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 13:06 - 2014-08-28 17:01 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\aunt jean

Files to move or delete:
====================
C:\Users\Lonnie Dawkins\DesignPremium_CS5_LS1.exe


Some content of TEMP:
====================
C:\Users\Lonnie Dawkins\AppData\Local\Temp\Quarantine.exe
C:\Users\Lonnie Dawkins\AppData\Local\Temp\sqlite3.dll
C:\Users\Lonnie Dawkins\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Lonnie Dawkins\AppData\Local\Temp\swt-win32-3448.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2011-04-27 21:59] - [2011-02-25 01:19] - 2871808 ____N (Microsoft Corporation) 83F5A6B88906ABBB3D954F66EF72CFD3

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-18 12:26

==================== End Of Log ============================




Addition.txt and Search.txt in next post

 

[LonnieD]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Lonnie Dawkins at 2015-01-05 01:10:45
Running from C:\Users\Lonnie Dawkins\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{7F823F8E-4348-11E4-8BF8-81763C49AA32}) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 7.1 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.1.329 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{0099B484-C24C-4D5F-8167-B0F6DF196E72}) (Version: 12.0.3.133 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUKABOOK Maker2 (HKLM-x32\...\{8D35E22C-68BA-49E9-8BF1-B09309DE28D7}) (Version: 2.1.0.7 - Asukanet)
ATI Catalyst Install Manager (HKLM\...\{A04108F4-71E9-FD90-D73D-2058DF6987F4}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
Bay Designer (HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\Bay Designer) (Version: Bay Designer 4.1.0 - Bay Photo Lab)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.)
BookSmart® 3.4.4 3.4.4 (HKLM-x32\...\BookSmart® 3.4.4 3.4.4) (Version: - Blurb, Inc)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon PhotoRecord (HKLM-x32\...\PhotoRecord) (Version: - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.9.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0909.1412.23625 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
CompanionLink (HKLM-x32\...\{506EA5AF-B1FF-4340-AFC5-7A3EAC61737F}) (Version: 6.00.6000 - CompanionLink Software, Inc.)
Contents (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.252 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.294 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceIO (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Droppix Label Maker 2.9.3 (HKLM-x32\...\Droppix Label Maker_is1) (Version: - Droppix)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Dynamo Combo (HKLM\...\Dynamo Combo) (Version: 2015.01.03.232331 - Dynamo Combo) <==== ATTENTION!
EasyRotator Wizard (HKLM-x32\...\com.dwuser.erwizard.EasyRotatorWizard) (Version: 1.0.131 - Magnetic Marketing Corp)
EasyRotator Wizard (x32 Version: 1.0.131 - Magnetic Marketing Corp) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Epson CreativeZone (HKLM-x32\...\{E6C82F8F-2031-4825-8CC3-98C5960875C1}) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{C1A0A3F9-C302-4A18-A2E0-71C927D24652}) (Version: 2.2.3.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (x32 Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
EPSON LFP Remote Panel (HKLM-x32\...\{4FD1C84E-F387-4609-A31F-4117F88B6600}) (Version: - )
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Stylus Pro 3880 Printer Uninstall (HKLM\...\Epson Stylus Pro 3880) (Version: - SEIKO EPSON Corporation)
EPSON WorkForce 630 Series Printer Uninstall (HKLM\...\EPSON WorkForce 630 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Config V3 (HKLM-x32\...\{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}) (Version: 3.7.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Eye-One Match 3.6.2 (HKLM-x32\...\Eye-One Match_is1) (Version: 3.6.2 - GretagMacbeth)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Family Tree Maker 2010 (HKLM-x32\...\Family Tree Maker 2010) (Version: 19.0.180 - Ancestry.com)
Family Tree Maker 2010 (x32 Version: 19.0.180 - Ancestry.com) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fences Pro (HKLM-x32\...\Fences Pro) (Version: 1.0.1.312.19219 - Stardock Corporation)
Fences Pro (Version: 1.0.1.312 - Stardock Corporation) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlipShare (HKLM-x32\...\{B1C0D829-FE30-059E-E93F-CDC7A48235C0}) (Version: 5.6.35.0 - Flip Video)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{C84FFB07-C687-45CF-91C8-868DB8D8C8CD}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version: - Zecter Inc.)
HP Documentation (HKLM-x32\...\{045C16AD-B2E5-43D0-BB51-2F1987D91038}) (Version: 1.1.3.1 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{09BDCC02-80F2-4EFB-8F1B-A807D2C38E31}) (Version: 1.0.1.2 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4604 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{BE6725F2-6D15-477C-86C6-4522B8569D62}) (Version: 3.1.2.2 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.3303 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.4042 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP SimplePass Identity Protection (HKLM\...\{5BF97E02-2F6A-412A-BB4D-B6E2DC65FCA7}) (Version: 5.20.205 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)
Hulu Desktop (HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
i1_driver_installer_utility_i1Match version 1.0 (HKLM-x32\...\i1_driver_installer_utility_i1Match_is1) (Version: - X-Rite)
ICA (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intellisync® for FiOS® Digital Voice (HKLM-x32\...\{F84438F8-C80D-4023-9439-CDB6010A1863}) (Version: 1.01.000 - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
ISCOM (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3220 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{2765F726-849C-47B2-A82C-B257DFC0E01C}) (Version: 1.18.22.2 - LightScribe)
Likno Web Scroller Builder 2.0.130 (HKLM\...\{22B6603C-7583-41DA-8D25-3ED484CDD426}) (Version: 2.0.130 - Likno Software)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Web (HKLM-x32\...\WebDesigner) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Expression Web Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}) (Version: - Microsoft)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-4019326579-3645861894-181193703-1001\...\MyFreeCodec) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PhotoShelter Uploader (HKLM-x32\...\{BDC68961-506C-46EE-A86D-3A04E616211A}) (Version: 2.5.0 - PhotoShelter)
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4419 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3320 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickBooks (x32 Version: 20.0.4017.807 - Intuit Inc.) Hidden
QuickBooks Pro 2010 (HKLM-x32\...\{0700E22B-A422-40A5-BD20-04BF618CA0F9}) (Version: 20.0.4017.807 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Search App by Ask (HKLM-x32\...\{5245414C-312D-5350-00A7-A758B70C1500}) (Version: 12.21.0.116 - APN, LLC) <==== ATTENTION
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Setup (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.294 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SwiftView Viewer (HKLM-x32\...\SwiftView) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Unchecky v0.3.5 (HKLM-x32\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
VIO (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VSClassic (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.68.0 - Verizon)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

 

[LonnieD]

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lonnie Dawkins\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1172\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4019326579-3645861894-181193703-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

22-12-2014 03:00:26 Windows Update
25-12-2014 21:35:17 Windows Update
28-12-2014 22:32:58 Windows Backup
29-12-2014 13:32:43 Removed Java 7 Update 67
29-12-2014 14:55:44 Removed Java 7 Update 67
29-12-2014 15:12:47 Windows Update
29-12-2014 23:48:28 Removed Java 8 Update 25
02-01-2015 11:01:53 Windows Update
04-01-2015 01:16:00 Malw
04-01-2015 16:13:26 Malwarebytes Anti-Rootkit Restore Point
04-01-2015 19:01:30 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2015-01-05 00:42 - 00001196 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com

There are 5 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00629DD7-7331-483D-A72C-26F4AC171828} - System32\Tasks\HPCeeScheduleForLonnie Dawkins => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0CB2AEBF-CFD1-4C75-AF31-71417B845509} - System32\Tasks\{9C34602F-7FBA-4770-A05A-7267887739A5} => pcalua.exe -a "C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25 (2).exe" -d "C:\Users\Lonnie Dawkins\Downloads"
Task: {0E9EE132-7254-4B94-BE58-8B760E43FBBA} - System32\Tasks\{DB17BC86-30AC-4672-AB13-D4CAA0BC5DEA} => pcalua.exe -a "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVZIPJSQ\SetupDxLabelMakerHP[1].exe" -d "C:\Users\Lonnie Dawkins\Desktop"
Task: {1957F3EA-D07B-4026-BCD5-6C50C9F100BE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4019326579-3645861894-181193703-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1C1CAA2B-1A13-4F34-AE41-8FD05330C8B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2EA805F9-73F6-4568-8FE4-F51CAEF75CD8} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-03] (CyberLink)
Task: {3902EFEA-DFD1-4189-91F4-EA1221AAF865} - System32\Tasks\{C9EF7C03-0D07-42F5-AA52-EC0563FF09ED} => Chrome.exe http://ui.skype.com/ui/0/4.2.0.166.324/en/go/help.faq.installer?LastError=1603
Task: {3CC38165-19AF-4E8C-B4C1-C98AB47E1835} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3CE9083C-DC01-428F-8B8F-203D42F943C7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {3E376710-E8AB-4987-8D3A-C872850E20F8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {43AB9EB5-E8BE-4932-9F11-2E9428F8714B} - System32\Tasks\AdobeAAMUpdater-1.0-LonnieDawkins-Lonnie Dawkins 2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {44C1770A-7F0E-4539-B72C-190C9C3915B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {60F9CA13-F20A-4A61-8564-9658A137D883} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {68364ADB-CD75-43FF-B91B-0C33CBC38DC5} - System32\Tasks\HPCeeScheduleForLONNIEDAWKINS$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7B111D25-0911-4A5B-9223-A71D17D6194A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4019326579-3645861894-181193703-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {87586143-0622-4960-BA38-25D92477ACE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {879DE7EC-1D24-4ABC-9CF4-3BC20D028DE0} - System32\Tasks\{79F062C0-314A-4656-91F0-D57413F6A0FA} => pcalua.exe -a "C:\Users\Lonnie Dawkins\Documents\AveryWizardforWord2003-English.exe" -d "C:\Users\Lonnie Dawkins\Documents"
Task: {94BEEA22-7E32-42D7-B3DF-1E6D8499558A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {9705A644-9718-4104-83D1-59F5781B9C86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9F7DFDDE-6F2C-4C18-B638-0A9D88259FCF} - System32\Tasks\{247FD6EE-5A19-453A-B90C-9B5B1F3B38CD} => pcalua.exe -a "C:\Users\Lonnie Dawkins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YAVZK6LL\startuplite-setup-1.07.exe" -d "C:\Users\Lonnie Dawkins\Desktop"
Task: {A71C1BE1-F800-42DB-BB41-0F643811DA81} - System32\Tasks\AdobeAAMUpdater-1.0-LonnieDawkins-Lonnie Dawkins => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {B235FCC4-61B3-48B5-9AF3-00E4150A10DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16] (Google Inc.)
Task: {B5A179BE-91AF-42B1-8DA3-2CCF3C7FFC97} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001UA => C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {B8E1A38A-C0BA-46DC-85F1-4401358E1233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16] (Google Inc.)
Task: {BEEF1D5F-DAB2-4E7C-AA44-4B8FC8FACB51} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001Core => C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {C06E473A-73BA-4C0C-9A4D-F2F2220221FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {CA29C2CD-A378-461F-ADEB-6F6557C94A7D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4019326579-3645861894-181193703-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CB6FC553-3DD6-442C-B4E3-2A903B5DBE21} - System32\Tasks\{09C15C89-6601-4E78-B953-0B71EC835883} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {DD2DE00E-BDB6-4C69-A1D3-62E823EBF9D5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4019326579-3645861894-181193703-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {ED713B37-165B-4756-ADD5-C9D1E52CEA70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {EE26D72C-3C4B-4785-8090-51FE5932F5B8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001Core.job => C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001UA.job => C:\Users\Lonnie Dawkins\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLonnie Dawkins.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLONNIEDAWKINS$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 13:37 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-05-14 11:59 - 2010-05-14 11:59 - 00455944 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2010-08-31 19:16 - 2010-08-31 19:16 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2013-03-18 07:26 - 2013-03-18 07:26 - 00019968 _____ () c:\program files (x86)\companionlink\DCLHelper\CLDCLHelper.exe
2010-07-21 16:33 - 2010-07-21 16:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-09-09 17:50 - 2010-09-09 17:50 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-09 16:11 - 2010-09-09 16:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-11-16 14:35 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-05-14 11:38 - 2010-05-14 11:38 - 01581056 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2010-05-14 11:49 - 2010-05-14 11:49 - 02519040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2010-05-14 11:38 - 2010-05-14 11:38 - 00188416 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-05-14 11:38 - 2010-05-14 11:38 - 00356352 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-05-14 11:38 - 2010-05-14 11:38 - 06443008 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-05-14 11:41 - 2010-05-14 11:41 - 00708608 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2015-01-05 00:41 - 2015-01-05 00:41 - 00199168 ____N () C:\Users\Lonnie Dawkins\AppData\Local\Temp\WindowsAPI.dll6268255133971383337.lib
2015-01-05 00:44 - 2015-01-05 00:44 - 00379904 _____ () C:\Users\Lonnie Dawkins\AppData\Local\Temp\libsqlitejdbc-1645372833360101719.lib
2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-13 15:44 - 2014-09-11 17:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-10-13 15:44 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-12-11 15:52 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 15:52 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 15:52 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 15:52 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 15:52 - 2014-12-05 20:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lonnie Dawkins\Downloads\McAfeeSetup.exe:BDU
AlternateDataStreams: C:\Users\Lonnie Dawkins\Downloads\OutlookConnector.exe:BDU
AlternateDataStreams: C:\Users\Lonnie Dawkins\Downloads\set_up_outlookset:BDU
AlternateDataStreams: C:\Users\Lonnie Dawkins\Downloads\U-0131-01-P_AVERY1_.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1334659535\ee\AOLSoftware.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4019326579-3645861894-181193703-500 - Administrator - Disabled)
apple (S-1-5-21-4019326579-3645861894-181193703-1003 - Limited - Enabled) => C:\Users\apple
Guest (S-1-5-21-4019326579-3645861894-181193703-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4019326579-3645861894-181193703-1002 - Limited - Enabled)
Lonnie Dawkins (S-1-5-21-4019326579-3645861894-181193703-1001 - Administrator - Enabled) => C:\Users\Lonnie Dawkins
Lonnie Dawkins 2 (S-1-5-21-4019326579-3645861894-181193703-1005 - Administrator - Enabled) => C:\Users\Lonnie Dawkins 2

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (11/03/2014 04:32:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10026 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/10/2014 11:07:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27040 seconds with 360 seconds of active time. This session ended with a crash.

Error: (04/27/2014 01:41:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/16/2014 05:49:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/13/2014 00:24:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 163436 seconds with 2640 seconds of active time. This session ended with a crash.

Error: (02/04/2014 06:31:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/04/2014 06:23:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/26/2013 07:23:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/13/2013 01:50:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88230 seconds with 2760 seconds of active time. This session ended with a crash.

Error: (07/02/2013 11:17:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 140699 seconds with 4860 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2015-01-04 20:32:54.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-04 20:32:54.087
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 38%
Total physical RAM: 7989.86 MB
Available physical RAM: 4936 MB
Total Pagefile: 15977.9 MB
Available Pagefile: 12480 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:668.03 GB) (Free:31.31 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:30.31 GB) (Free:4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (SEA_DISK) (Fixed) (Total:279.39 GB) (Free:39.1 GB) FAT32
Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 40C486BC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=668 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 279.5 GB) (Disk ID: 41B176EB)
Partition 1: (Active) - (Size=279.5 GB) - (Type=0C)

==================== End Of Log =====



waiting on search.txt to finish.....

 

[LonnieD]

Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Lonnie Dawkins at 2015-01-05 01:14:29
Running from C:\Users\Lonnie Dawkins\Desktop
Boot Mode: Normal

================== Search Files: "explorer.exe" =============

C:\Windows\explorer.exe
[2011-04-27 21:59][2011-02-25 01:19] 2871808 ____N (Microsoft Corporation) 83F5A6B88906ABBB3D954F66EF72CFD3

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-04-27 21:59][2011-02-26 00:19] 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011-04-27 21:59][2011-02-25 00:30] 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-04-04 19:52][2010-11-20 07:17] 2616320 ____A (Microsoft Corporation) 40D777B7A95E00593EB1568C68514493 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011-04-27 21:59][2011-02-26 00:51] 2614784 ____A (Microsoft Corporation) 255CF508D7CFB10E0794D6AC93280BD8 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010-10-16 14:47][2010-10-16 14:47] 2614272 ____A (Microsoft Corporation) C76153C7ECA00FA852BB0C193378F917 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010-10-16 14:44][2010-10-16 14:44] 2613248 ____A (Microsoft Corporation) 9FF6C4C91A3711C0A3B18F87B08B518D [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011-04-27 21:59][2011-02-26 00:33] 2614784 ____A (Microsoft Corporation) 2AF58D15EDC06EC6FDACCE1F19482BBF [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010-10-16 14:47][2010-10-16 14:47] 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2010-10-16 14:44][2010-10-16 14:44] 2613248 ____A (Microsoft Corporation) B95EEB0F4E5EFBF1038A35B3351CF047 [File is signed]

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009-07-13 18:41][2009-07-13 20:14] 2613248 ____A (Microsoft Corporation) 15BC38A7492BEFE831966ADB477CF76F [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2011-04-27 21:59][2011-02-26 01:14] 2871808 ____A (Microsoft Corporation) 3B69712041F3D63605529BD66DC00C48 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-04-27 21:59][2011-02-25 01:19] 2871808 ____N (Microsoft Corporation) 83F5A6B88906ABBB3D954F66EF72CFD3

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011-04-04 19:52][2010-11-20 08:24] 2872320 ____A (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011-04-27 21:59][2011-02-26 01:26] 2870784 ____A (Microsoft Corporation) E38899074D4951D31B4040E994DD7C8D [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010-10-16 14:47][2010-10-16 14:47] 2870272 ____A (Microsoft Corporation) B8EC4BD49CE8F6FC457721BFC210B67F [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010-10-16 14:44][2010-10-16 14:44] 2868224 ____A (Microsoft Corporation) 700073016DAC1C3D2E7E2CE4223334B6 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011-04-27 21:59][2011-02-26 01:23] 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010-10-16 14:47][2010-10-16 14:47] 2870272 ____A (Microsoft Corporation) 9AAAEC8DAC27AA17B053E6352AD233AE [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010-10-16 14:44][2010-10-16 14:44] 2868224 ____A (Microsoft Corporation) F170B4A061C9E026437B193B4D571799 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-07-13 18:56][2009-07-13 20:39] 2868224 ____A (Microsoft Corporation) C235A51CB740E45FFA0EBFB9BAFCDA64 [File is signed]

C:\Windows\SysWOW64\explorer.exe
[2011-04-27 21:59][2011-02-25 00:30] 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E [File is signed]

C:\Windows\erdnt\cache86\explorer.exe
[2012-10-17 21:00][2011-02-25 01:19] 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3 [File is signed]

====== End Of Search ======

 

[Broni]

Uninstall Dynamo Combo and Search App by Ask.

You have some McAfee leftovers.
Run this tool to remove them: https://www.techspot.com/downloads/5392-mcafee-software-uninstaller.html

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[LonnieD]

I did this but then had to reboot. Now system will not load. It comes to a point where after the welcome a box pops up and says explorer.exe and then says class not registered.

Now I have a black screen and the box with the message.

Help!!!! Thanks

 

[Broni]

NOTE 1. Use another working computer to download Farbar Recovery Scan Tool. Use USB flash drive to transfer it from good computer to the bad one.
NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
• Restart your computer.
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
• Click Repair your computer.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

• Startup Repair
• System Restore
• Windows Complete PC Restore
• Windows Memory Diagnostic Tool
• Command Prompt

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search Files:".

explorer.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt

 

[Broni]

That was my mistake btw. Sorry for that

 

[LonnieD]

Running on computer now.
Am I supposed to hit the fix button too as mentioned above?

 

[LonnieD]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by SYSTEM on MININT-0M1753V on 06-01-2015 00:09:27
Running from h:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool:
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VX6000] => C:\Windows\vVX6000.exe [764784 2010-05-20] (Microsoft Corporation
)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-08-31] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2771832 2012-12-07] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-09-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\apple\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\apple\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2080 2011-04-04] ()
HKU\apple\...\RunOnce: [Adobe Speed Launcher] => 1419297354
HKU\Lonnie Dawkins\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2080 2011-04-04] ()
HKU\Lonnie Dawkins\...\Run: [CompanionLink] => c:\program files (x86)\companionlink\companionlink.exe [60107264 2013-12-12] (CompanionLink Software, Inc.)
HKU\Lonnie Dawkins 2\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
Lsa: [Notification Packages] DPPassFilter scecli
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-11] (Microsoft Corporation)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-09-21] (CyberLink)
S3 Droppix Service; C:\Program Files (x86)\Common Files\Droppix\DxService.exe [151552 2008-02-01] (Droppix)
S2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [455944 2010-05-14] ()
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2015-01-03] (RaMMicHaeL)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-13] (GretagMacbeth LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-03] ()
S3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2014-10-13] (Rsupport Corporation)
S3 VX6000; C:\Windows\System32\DRIVERS\VX6000Xp.sys [2143600 2010-05-20] (Microsoft Corporation
)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-05 17:56 - 2015-01-05 17:56 - 00004327 _____ () C:\Users\Lonnie Dawkins\Downloads\fixlist.txt
2015-01-05 17:17 - 2015-01-05 17:16 - 03480040 _____ (McAfee, Inc.) C:\Users\Lonnie Dawkins\Desktop\MCPR.exe
2015-01-05 17:15 - 2015-01-05 17:16 - 03480040 _____ (McAfee, Inc.) C:\Users\Lonnie Dawkins\Downloads\MCPR.exe
2015-01-05 14:07 - 2015-01-05 14:07 - 01087488 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship picture.pub
2015-01-04 23:36 - 2015-01-05 19:50 - 00000368 _____ () C:\Windows\Tasks\HPCeeScheduleForLonnie Dawkins.job
2015-01-04 23:36 - 2015-01-05 19:16 - 00003240 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLonnie Dawkins
2015-01-04 22:14 - 2015-01-04 22:45 - 00005646 _____ () C:\Users\Lonnie Dawkins\Desktop\Search.txt
2015-01-04 22:10 - 2015-01-04 22:13 - 00052966 _____ () C:\Users\Lonnie Dawkins\Desktop\Addition.txt
2015-01-04 22:02 - 2015-01-06 00:09 - 00000000 ____D () C:\FRST
2015-01-04 22:02 - 2015-01-04 22:13 - 00065494 _____ () C:\Users\Lonnie Dawkins\Desktop\FRST.txt
2015-01-04 22:00 - 2015-01-04 22:00 - 00008923 _____ () C:\Users\Lonnie Dawkins\Desktop\JRT.txt
2015-01-04 21:52 - 2015-01-04 21:51 - 02123776 _____ (Farbar) C:\Users\Lonnie Dawkins\Desktop\FRST64.exe
2015-01-04 21:51 - 2015-01-04 21:51 - 02123776 _____ (Farbar) C:\Users\Lonnie Dawkins\Downloads\FRST64.exe
2015-01-04 21:51 - 2015-01-04 21:49 - 01707939 _____ (Thisisu) C:\Users\Lonnie Dawkins\Desktop\JRT.exe
2015-01-04 21:48 - 2015-01-04 21:49 - 01707939 _____ (Thisisu) C:\Users\Lonnie Dawkins\Downloads\JRT.exe
2015-01-04 21:34 - 2015-01-04 21:37 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:31 - 2015-01-04 21:30 - 02173952 _____ () C:\Users\Lonnie Dawkins\Desktop\adwcleaner_4.106.exe
2015-01-04 21:29 - 2015-01-04 21:30 - 02173952 _____ () C:\Users\Lonnie Dawkins\Downloads\adwcleaner_4.106.exe
2015-01-04 21:23 - 2015-01-04 21:24 - 00864256 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship purple-gold.pub
2015-01-04 21:19 - 2015-01-04 21:24 - 00867840 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship-Purple.pub
2015-01-04 20:14 - 2015-01-04 20:14 - 00041053 _____ () C:\ComboFix.txt
2015-01-04 19:07 - 2015-01-04 20:14 - 00000000 ____D () C:\ComboFix
2015-01-04 19:01 - 2015-01-04 15:26 - 05609858 ____R (Swearware) C:\Users\Lonnie Dawkins\Desktop\ComboFix.exe
2015-01-04 16:09 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-04 16:09 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-04 16:09 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-04 16:09 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-04 16:09 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-04 16:09 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-04 16:09 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-04 16:09 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-04 16:08 - 2015-01-04 20:14 - 00000000 ____D () C:\Qoobox
2015-01-04 15:28 - 2015-01-04 15:28 - 00001214 _____ () C:\Users\Lonnie Dawkins\Desktop\ComboFix - Shortcut.lnk
2015-01-04 15:25 - 2015-01-04 15:26 - 05609858 ____R (Swearware) C:\Users\Lonnie Dawkins\Downloads\ComboFix.exe
2015-01-03 22:45 - 2015-01-04 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-03 22:43 - 2015-01-04 13:15 - 00000000 ____D () C:\Users\Lonnie Dawkins\Desktop\mbar
2015-01-03 22:41 - 2015-01-03 22:43 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Lonnie Dawkins\Downloads\mbar-1.08.2.1001.exe
2015-01-03 21:13 - 2015-01-03 21:13 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-03 20:59 - 2015-01-03 20:59 - 00000000 ____D () C:\Users\Lonnie Dawkins 2\AppData\Local\CrashDumps
2015-01-03 20:43 - 2015-01-03 20:44 - 15298136 _____ () C:\Users\Lonnie Dawkins 2\Downloads\RogueKiller.exe
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieUserList
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieSiteList
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 __SHD () C:\Users\Lonnie Dawkins 2\AppData\Local\EmieBrowserModeList
2015-01-03 17:31 - 2015-01-03 17:35 - 15298136 _____ () C:\Users\Lonnie Dawkins\Downloads\RogueKiller.exe
2015-01-03 17:13 - 2015-01-03 22:26 - 00035064 _____ () C:\Windows\System32\Drivers\TrueSight.sys
2015-01-03 17:13 - 2015-01-03 17:13 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-03 17:01 - 2015-01-03 17:01 - 00000979 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-03 17:01 - 2015-01-03 17:01 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-03 17:01 - 2015-01-03 17:01 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-01-03 16:58 - 2015-01-03 16:59 - 00798080 _____ ( ) C:\Users\Lonnie Dawkins\Downloads\FileOpenerSetup.exe
2015-01-03 15:41 - 2015-01-03 15:41 - 00035939 _____ () C:\Users\Lonnie Dawkins\Desktop\dds.txt
2015-01-03 15:35 - 2015-01-03 15:36 - 00688992 ____R (Swearware) C:\Users\Lonnie Dawkins\Downloads\dds.com
2015-01-03 15:35 - 2015-01-03 15:35 - 00002086 _____ () C:\Users\Lonnie Dawkins\Desktop\MBAM-dawk.txt
2015-01-03 12:45 - 2015-01-03 12:45 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\New folder (4)
2015-01-01 14:54 - 2015-01-04 21:17 - 00864256 _____ () C:\Users\Lonnie Dawkins\Documents\National Ladies Lectureship.pub
2014-12-30 14:32 - 2014-12-30 14:33 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\OICE_15_974FA576_32C1D314_155A
2014-12-30 11:48 - 2014-12-31 14:31 - 05408632 _____ () C:\Users\Lonnie Dawkins\Documents\New Year Eve 2015.pptx
2014-12-29 22:02 - 2014-12-29 22:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 21:34 - 2014-12-29 21:34 - 00003224 _____ () C:\Windows\System32\Tasks\{9C34602F-7FBA-4770-A05A-7267887739A5}
2014-12-29 21:23 - 2014-12-29 21:23 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25 (2).exe
2014-12-29 18:21 - 2015-01-01 15:05 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Montague
2014-12-28 21:40 - 2014-12-28 21:40 - 02028700 _____ () C:\Users\Lonnie Dawkins\Documents\National-Christmas-Tree-Washington-DC-2014.-ld
2014-12-28 21:15 - 2014-12-28 21:18 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141227 tree
2014-12-24 22:22 - 2014-12-24 22:24 - 31661938 _____ () C:\Users\Lonnie Dawkins\Documents\Jan Dada Birthday 75.ppsx
2014-12-24 22:02 - 2014-12-24 22:22 - 31661890 _____ () C:\Users\Lonnie Dawkins\Documents\Jan Dada Birthday.pptx
2014-12-24 16:24 - 2014-12-24 16:24 - 00001913 _____ () C:\Users\Lonnie Dawkins\Downloads\launch.jnlp
2014-12-24 16:22 - 2014-12-24 16:23 - 00001913 _____ () C:\Users\Lonnie Dawkins\Downloads\launch (1).jnlp
2014-12-22 17:15 - 2014-12-22 17:15 - 00000000 ____D () C:\Users\apple\AppData\Local\Wondershare
2014-12-22 17:14 - 2014-12-22 17:14 - 00000000 ____D () C:\Users\apple\AppData\Local\Google
2014-12-21 18:28 - 2014-12-23 21:03 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141220 Jan Dada
2014-12-21 12:11 - 2015-01-03 12:46 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141220 ASU
2014-12-17 21:14 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-12-17 21:14 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 23:56 - 2014-12-16 23:57 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25 (1).exe
2014-12-16 22:15 - 2014-06-15 22:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2014-12-16 22:15 - 2014-06-15 22:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2014-12-16 22:14 - 2014-12-16 22:14 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-12-16 22:02 - 2014-12-16 22:04 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Lonnie Dawkins\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2014-12-16 09:50 - 2014-12-16 09:50 - 01019476 _____ () C:\Users\Lonnie Dawkins\Downloads\Giclee_Canvas_Wraps.zip
2014-12-16 09:05 - 2014-12-16 09:05 - 00638888 _____ (Oracle Corporation) C:\Users\Lonnie Dawkins\Downloads\chromeinstall-8u25.exe
2014-12-15 17:13 - 2014-12-15 17:40 - 450354304 _____ () C:\Users\Lonnie Dawkins\Downloads\Backgrounds.zip
2014-12-12 16:54 - 2014-12-12 16:54 - 00002701 _____ () C:\Users\Lonnie Dawkins\Downloads\legitcheck (2).hta
2014-12-12 15:29 - 2014-12-12 15:30 - 00002701 _____ () C:\Users\Lonnie Dawkins\Downloads\legitcheck (1).hta
2014-12-10 10:53 - 2014-12-10 10:53 - 01496712 _____ () C:\Users\Lonnie Dawkins\Downloads\VzInHomeAgent (1).exe
2014-12-10 00:50 - 2014-12-10 00:50 - 00000000 ____D () C:\Windows\System32\appraiser
2014-12-10 00:13 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2014-12-10 00:13 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 00:13 - 2014-07-06 18:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2014-12-10 00:13 - 2014-07-06 18:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\System32\rrinstaller.exe
2014-12-10 00:13 - 2014-07-06 18:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\mfpmp.exe
2014-12-10 00:13 - 2014-07-06 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\mferror.dll
2014-12-10 00:13 - 2014-07-06 17:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 00:13 - 2014-07-06 17:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 00:13 - 2014-07-06 17:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 00:13 - 2014-07-06 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-12-09 14:11 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2014-12-09 14:11 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-12-09 14:11 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2014-12-09 14:11 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-12-09 14:11 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 14:11 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-12-09 14:11 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-12-09 14:11 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-12-09 14:11 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-12-09 14:11 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-12-09 14:11 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-12-09 14:11 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-12-09 14:11 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 14:11 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 14:11 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-12-09 14:11 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 14:11 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 14:11 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-12-09 14:11 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 14:11 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 14:11 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 14:11 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 14:11 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 14:11 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-12-09 14:11 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-12-09 14:11 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 14:11 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 14:11 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 14:11 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 14:11 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 14:11 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 14:11 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-12-09 14:11 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 14:11 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 14:11 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 14:11 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-12-09 14:11 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 14:11 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2014-12-09 14:10 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-12-09 14:10 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-12-09 14:10 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-12-09 14:10 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-12-09 14:10 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-12-09 14:10 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-12-09 14:10 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-12-09 14:10 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-12-09 14:10 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-12-09 14:10 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-12-09 14:10 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-12-09 14:10 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 14:10 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 14:10 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-12-09 14:10 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-12-09 14:10 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-12-09 14:10 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 14:10 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 14:10 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-12-09 14:10 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 14:10 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-12-09 14:10 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 14:09 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-12-09 14:09 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 14:09 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\System32\charmap.exe
2014-12-09 14:09 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 14:09 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2014-12-09 14:09 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-09 14:09 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2014-12-09 14:09 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2014-12-09 14:09 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2014-12-09 14:09 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 14:09 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 14:09 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 14:09 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 14:09 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 12:07 - 2014-12-09 12:07 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-07 21:53 - 2014-12-08 04:26 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141207 ASALH
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-05 21:05 - 2012-06-30 10:26 - 00327680 _____ () C:\Windows\System32\Ikeext.etl
2015-01-05 21:05 - 2011-08-19 18:21 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001UA.job
2015-01-05 21:04 - 2012-10-16 09:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 21:03 - 2012-10-27 04:00 - 00054183 _____ () C:\Windows\setupact.log
2015-01-05 21:03 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 20:42 - 2010-10-25 00:34 - 01520913 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 20:08 - 2012-10-16 09:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 20:07 - 2013-09-10 11:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-05 20:00 - 2014-06-19 06:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-01-05 19:59 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 19:59 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 19:35 - 2013-12-19 06:56 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8FE8CEEF-0557-47BB-9053-A29E91128083}
2015-01-05 18:06 - 2011-04-04 17:31 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\ZumoDrive
2015-01-05 18:02 - 2011-04-01 14:59 - 00000000 ____D () C:\users\Lonnie Dawkins
2015-01-05 17:52 - 2011-04-02 11:44 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Local\Adobe
2015-01-05 17:30 - 2012-10-27 04:00 - 00267612 _____ () C:\Windows\PFRO.log
2015-01-05 14:00 - 2013-08-17 10:27 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\beltway fb pics
2015-01-04 23:35 - 2011-04-02 12:20 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Local\CrashDumps
2015-01-04 20:23 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2015-01-04 20:07 - 2012-10-17 17:31 - 00000000 ____D () C:\Windows\erdnt
2015-01-04 20:07 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-04 15:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\security
2015-01-04 15:05 - 2011-08-19 18:21 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4019326579-3645861894-181193703-1001Core.job
2015-01-03 22:43 - 2014-06-19 06:16 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-01-03 20:28 - 2012-08-14 13:50 - 00000000 ____D () C:\Windows\pss
2015-01-03 15:41 - 2013-04-16 06:42 - 00019485 _____ () C:\Users\Lonnie Dawkins\Desktop\attach.txt
2015-01-03 12:40 - 2011-04-02 09:10 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-03 12:39 - 2011-10-22 18:24 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-02 22:49 - 2013-03-31 03:39 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\march 31
2014-12-31 14:14 - 2011-12-07 13:26 - 00000132 _____ () C:\Users\Lonnie Dawkins\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-30 23:09 - 2014-10-02 16:16 - 00000000 ____D () C:\Users\Lonnie Dawkins\.BayPhoto
2014-12-30 15:03 - 2014-10-02 16:15 - 00002487 _____ () C:\Users\Lonnie Dawkins\Desktop\Bay Photo.lnk
2014-12-30 09:18 - 2014-08-04 07:57 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Annie Davis
2014-12-29 23:37 - 2014-05-27 05:01 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\ld website
2014-12-29 23:37 - 2013-09-27 11:47 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\EasyRotatorPreview
2014-12-29 22:02 - 2014-10-02 16:03 - 00002481 _____ () C:\Users\Lonnie Dawkins\Desktop\Bay Photo Emerge.lnk
2014-12-29 22:02 - 2014-01-23 07:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-29 22:00 - 2010-10-16 11:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-29 18:41 - 2014-01-27 10:21 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\Stan
2014-12-27 07:24 - 2012-11-06 20:27 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLONNIEDAWKINS$
2014-12-27 07:24 - 2012-11-06 20:27 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForLONNIEDAWKINS$.job
2014-12-23 21:41 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\141127 Shephard
2014-12-22 17:15 - 2011-04-19 07:30 - 00000000 ____D () C:\Users\apple\AppData\Roaming\Adobe
2014-12-22 17:15 - 2011-04-19 07:30 - 00000000 ____D () C:\Users\apple\AppData\Local\Adobe
2014-12-22 17:14 - 2011-04-19 07:31 - 00139776 _____ () C:\Users\apple\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-21 19:04 - 2014-09-21 23:07 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140921 area wide
2014-12-21 19:04 - 2014-04-26 17:40 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140420 Church Breakfast
2014-12-21 19:03 - 2014-03-08 19:50 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140308 Price
2014-12-21 19:03 - 2014-02-15 12:20 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140215 Game
2014-12-21 19:02 - 2014-02-01 17:26 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140131 hawthorne
2014-12-20 08:42 - 2011-04-02 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-20 08:37 - 2014-09-16 10:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-19 21:20 - 2009-07-13 21:08 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-19 21:04 - 2009-07-13 20:45 - 05442680 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-12-18 12:23 - 2011-04-01 15:06 - 00139776 _____ () C:\Users\Lonnie Dawkins\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-18 10:48 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-18 07:28 - 2010-10-16 11:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-17 23:09 - 2011-04-02 16:15 - 00000000 ____D () C:\Program Files\Adobe
2014-12-17 23:09 - 2011-04-02 16:13 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-17 23:09 - 2011-04-01 15:08 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\Adobe
2014-12-17 00:05 - 2014-08-19 12:18 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-17 00:05 - 2014-08-19 12:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-17 00:05 - 2014-08-19 12:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-16 11:47 - 2014-03-10 10:40 - 00000000 ____D () C:\Users\Lonnie Dawkins\.BayPhotoEmerge
2014-12-15 18:53 - 2007-07-06 00:56 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\__MACOSX
2014-12-14 00:04 - 2013-03-13 23:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-14 00:04 - 2013-03-13 23:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 23:15 - 2014-03-21 06:02 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\140320 Seat Pleasant
2014-12-13 23:13 - 2013-12-07 21:43 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\131207 Jones
2014-12-11 12:52 - 2014-10-21 02:57 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 10:59 - 2014-07-31 08:15 - 00001149 _____ () C:\Users\Public\Desktop\Vz In-Home Agent.lnk
2014-12-10 10:59 - 2014-07-31 08:14 - 00001765 _____ () C:\Users\Lonnie Dawkins\Install-VzInHomeAgentLog.log
2014-12-10 10:59 - 2011-08-04 19:30 - 00000000 ____D () C:\Users\Lonnie Dawkins\AppData\Roaming\Verizon
2014-12-10 10:29 - 2014-06-19 06:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-10 10:29 - 2014-06-19 06:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-10 00:50 - 2014-04-28 12:25 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-12-10 00:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 00:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 00:30 - 2013-07-16 23:01 - 00000000 ____D () C:\Windows\System32\MRT
2014-12-10 00:18 - 2011-04-04 17:01 - 112710672 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-12-09 12:08 - 2013-09-10 11:52 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 12:08 - 2013-09-10 11:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 12:08 - 2013-09-10 11:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 10:06 - 2014-08-28 14:01 - 00000000 ____D () C:\Users\Lonnie Dawkins\Documents\aunt jean
==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2011-04-27 18:59] - [2011-02-25 21:19] - 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2014-12-22 00:02:14
Restore point made on: 2014-12-25 18:36:16
Restore point made on: 2014-12-28 19:33:41
Restore point made on: 2014-12-29 10:33:20
Restore point made on: 2014-12-29 11:56:03
Restore point made on: 2014-12-29 12:13:04
Restore point made on: 2014-12-29 20:50:03
Restore point made on: 2015-01-02 08:03:41
Restore point made on: 2015-01-03 22:16:17
Restore point made on: 2015-01-04 13:14:33
Restore point made on: 2015-01-04 16:03:16
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 7989.86 MB
Available physical RAM: 7029.67 MB
Total Pagefile: 7988.01 MB
Available Pagefile: 7022.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:668.03 GB) (Free:31.2 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:30.31 GB) (Free:4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
Drive h: (KINGSTON) (Removable) (Total:7.22 GB) (Free:7.21 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 40C486BC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=668 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C)

LastRegBack: 2014-12-18 09:26
==================== End Of Log ============================

Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by SYSTEM at 2015-01-06 00:12:35
Running from h:\
Boot Mode: Recovery
================== Search Files: "explorer.exe" =============
C:\Windows\explorer.exe
[2011-04-27 18:59][2011-02-25 21:19] 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-04-27 18:59][2011-02-25 21:19] 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011-04-27 18:59][2011-02-24 21:30] 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-04-04 16:52][2010-11-20 04:17] 2616320 ____A (Microsoft Corporation) 40D777B7A95E00593EB1568C68514493
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011-04-27 18:59][2011-02-25 21:51] 2614784 ____A (Microsoft Corporation) 255CF508D7CFB10E0794D6AC93280BD8
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010-10-16 11:47][2010-10-16 11:47] 2614272 ____A (Microsoft Corporation) C76153C7ECA00FA852BB0C193378F917
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010-10-16 11:44][2010-10-16 11:44] 2613248 ____A (Microsoft Corporation) 9FF6C4C91A3711C0A3B18F87B08B518D
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011-04-27 18:59][2011-02-25 21:33] 2614784 ____A (Microsoft Corporation) 2AF58D15EDC06EC6FDACCE1F19482BBF
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010-10-16 11:47][2010-10-16 11:47] 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2010-10-16 11:44][2010-10-16 11:44] 2613248 ____A (Microsoft Corporation) B95EEB0F4E5EFBF1038A35B3351CF047
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009-07-13 15:41][2009-07-13 17:14] 2613248 ____A (Microsoft Corporation) 15BC38A7492BEFE831966ADB477CF76F
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2011-04-27 18:59][2011-02-25 22:14] 2871808 ____A (Microsoft Corporation) 3B69712041F3D63605529BD66DC00C48
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-04-27 18:59][2011-02-24 22:19] 2871808 ____A (Microsoft Corporation) 83F5A6B88906ABBB3D954F66EF72CFD3
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011-04-04 16:52][2010-11-20 05:24] 2872320 ____A (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011-04-27 18:59][2011-02-25 22:26] 2870784 ____A (Microsoft Corporation) E38899074D4951D31B4040E994DD7C8D
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010-10-16 11:47][2010-10-16 11:47] 2870272 ____A (Microsoft Corporation) B8EC4BD49CE8F6FC457721BFC210B67F
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010-10-16 11:44][2010-10-16 11:44] 2868224 ____A (Microsoft Corporation) 700073016DAC1C3D2E7E2CE4223334B6
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011-04-27 18:59][2011-02-25 22:23] 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010-10-16 11:47][2010-10-16 11:47] 2870272 ____A (Microsoft Corporation) 9AAAEC8DAC27AA17B053E6352AD233AE
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010-10-16 11:44][2010-10-16 11:44] 2868224 ____A (Microsoft Corporation) F170B4A061C9E026437B193B4D571799
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-07-13 15:56][2009-07-13 17:39] 2868224 ____A (Microsoft Corporation) C235A51CB740E45FFA0EBFB9BAFCDA64
C:\Windows\SysWOW64\explorer.exe
[2011-04-27 18:59][2011-02-24 21:30] 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E
C:\Windows\erdnt\cache86\explorer.exe
[2012-10-17 18:00][2011-02-24 22:19] 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3
====== End Of Search ======

 

[LonnieD]

Btw, I did not press the fix button

 

[Broni]

Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7/8: Now please enter System Recovery Options.
On Windows XP: Now please boot into the OTLPE CD.
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

See if you can boot normally.

 

[LonnieD]

Yes, I can boot normally!!!!!!! Thank!!!!


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2015
Ran by SYSTEM at 2015-01-06 14:00:53 Run:2
Running from h:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Replace: C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe C:\Windows\explorer.exe
*****************

C:\Windows\explorer.exe => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe copied successfully to C:\Windows\explorer.exe

==== End of Fixlog 14:00:54 ====

 

[Broni]

Very good
As I said it happened because of my mistake.

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program

 

[LonnieD]

Sophos Free Virus Removal Tool seems to be taking forever. Been about 5 hours. It's scanning but the green has barely moved on the bar. Looks like it will take days. I hope that is normal.