• Welcome Guest, to the Spybot Forums! It's 2025, and we just upgraded our forum software.

    Today is Safer Internet Day, and with our new forum, you can finally use passkeys to login. That was about time!

    Of course, you could ask if a forum is still useful, with so many social media networks out there where you might already have an account, and met a lot of users. You can now use your login from some of those networks to log in here. And by posting here, your question and data is stored on our servers and not automatically shared with a whole social media network.

    We'll also start using the forum for small bits of information, announcements and more again.

How do I remove Conduit and Adchoices on my Window 7 64-Bit Laptop for good

Status
Not open for further replies.
C

chucka52

New member
I can't figure out how to remove Conduit & Adchoices for good... I have googled and followed the directions given on how to remove them in IE FireFox and Chrome. It works for a while usually but, they both keep coming back?
 
Hi chucka52,

My name is OCD. I would be more than happy to help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================

aswMBR

Download aswMBR.exe and save it to your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
=========================
Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply
=========================

In your next post please provide the following:
  • checkup.txt
  • aswMBR.txt
  • attach MBR.zip
  • FRST.txt
  • Addition.txt
 
OCD I Need your Help

Hi OCD,
I followed your directions. But When I tried to copy & paste everything to this page nothing paste to this page? What I am doing wrong?

Thank you for your help

Best Regards, Chuck
 
Hi chucka52,

I'm unsure what you are doing wrong, try these directions:

How to post the requested logs, please do the following:
  • Locate each of the requested logs (they should be saved to your desktop)
  • In this thread locate the "Reply to Thread" button and click it.
  • Open each log (one at a time) and Copy & Paste (Ctrl+C and Ctrl+V) them in the window provided.
  • If you encounter a problem where the post is too large, separate the logs into multiple posts.
  • Locate the "Submit Reply" button at the bottom of the page, and click it.
  • You have just posted your logs for review.
 
Results of screen317's Security Check version 0.99.80
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
SlimCleaner
Java 7 Update 51
Adobe Flash Player 12.0.0.70
Adobe Reader 9
Adobe Reader XI
Mozilla Firefox (27.0.1)
Google Chrome 33.0.1750.117
Google Chrome 33.0.1750.146
Google Chrome Plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2014 01
Ran by Chuck New_2 at 2014-03-05 17:25:16
Running from C:\Users\Chuck New_2\Desktop\PC Protection Software Download Folder
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Scan to PDF Free 3.9.2 (HKLM-x32\...\Advanced Scan to PDF Free_is1) (Version: - PDFChief Co., Ltd.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.23 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4259 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.0.1.12 - AVG Technologies)
BatteryCare 0.9.15.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.15.0 - Filipe Lourenço)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
Brother MFL-Pro Suite DCP-7020 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version: 3.11 - NCH Software)
DisplayLink Core Software (HKLM\...\{29E6A126-BB06-41CF-B12D-E6A56261328D}) (Version: 5.6.31854.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{A5836294-D90E-40BC-BF33-BA3751FB134B}) (Version: 5.6.32670.0 - DisplayLink Corp.)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Elevated Installer (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version: - )
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.68 - NCH Software)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.1.24.0 - ) <==== ATTENTION
Free File Viewer 2012 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2012.10.9.0 - Bitberry Software)
Free YouTube to MP3 TURBO Converter 2013 (HKLM-x32\...\FreeYoutubeToMP3TURBOConverter_is1) (Version: - Bitberry Software)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{ed2d2e4a-3be7-450b-9c1b-fa727ae92d91}) (Version: 2.2.7 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
Infix PDF Editor version 6.1.5.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.1.5.0 - Iceni Technology)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster_is1) (Version: 3.3 - Smart Projects)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - )
Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7252 - Memeo Inc.)
Memeo Send (HKLM-x32\...\{81784157-3D4D-4bc1-B988-B24C32A26DA8}) (Version: - Memeo Inc.)
Memeo Share (HKLM-x32\...\{1BC77CEF-C52F-4092-BF87-0D4E6B86D860}) (Version: 3.1.0.3265 - Memeo Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nitro Reader 3 (HKLM\...\{3C1F302A-CC25-488D-9C24-A76B95BC916F}) (Version: 3.0.6.3 - Nitro)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
pdfforge Images2PDF 0.9.6.930 (HKLM\...\{00120495-F25C-4F44-9DC7-2D812D025DBA}) (Version: 0.9.6.930 - pdfforge GbR)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 2.42 - NCH Software)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 2.34 - NCH Software)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 2.72 - NCH Software)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scanner Copier GPL 0.3 (HKLM-x32\...\Scanner Copier GPL) (Version: 0.3 - Tide Tamer Industries, Inc.)
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Slacker Software Player (HKLM-x32\...\Slacker Software Player) (Version: 2.1.2370.0000 - Slacker)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Universal Push2TV HD (HKLM-x32\...\InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}) (Version: 14.2.135.10 - NETGEAR)
Universal Push2TV HD (Version: 14.2.135.10 - NETGEAR) Hidden
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.29 - NCH Software)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.55 - NCH Software)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4100 - Broadcom Corporation)
WIFi Locator version 1.1 (HKLM-x32\...\{80A11778-F86C-4DB2-9DB5-D5B886BEFD05}_is1) (Version: 1.1 - http://tcpmonitor.altervista.org/)
WiFi Protector (HKLM\...\wifiProt-SL_is1) (Version: 3.0.20.138 - Optimal Software s.r.o)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS)

==================== Restore Points =========================

01-03-2014 07:24:06 Windows Live Essentials
01-03-2014 07:28:26 Installed DirectX
01-03-2014 07:29:03 Installed DirectX
01-03-2014 21:31:02 Installed Easy WiFi
01-03-2014 22:12:46 Microsoft Antimalware Checkpoint
02-03-2014 17:22:45 Windows Update
04-03-2014 15:22:34 Removed Easy WiFi
04-03-2014 15:24:40 Removed Easy WiFi
04-03-2014 15:26:44 Removed System Requirements Lab for Intel
05-03-2014 20:02:02 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2014-02-27 03:34 - 00450639 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {002CCC08-ABC5-4BA1-A925-3DEF58955136} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {010EBD91-5BFA-4C27-BC7C-5316630E68F0} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: <Company name>)
Task: {022767FB-C596-46D5-880A-B54A81C187E9} - System32\Tasks\NCH Software\PhotoStageSevenDays => C:\Program Files (x86)\NCH Software\PhotoStage\PhotoStage.exe [2014-01-22] (NCH Software)
Task: {0477A8B6-AD60-4244-8AEA-9EB618BCF6C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {17394133-2AFA-4066-9A9C-707DDF5FBBBC} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {18A518B2-8B06-4353-A5A2-BD16E22E0AAF} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-04] ()
Task: {20C0476D-78B0-4345-BE74-5383E3A13EDC} - System32\Tasks\{EDD0ED8C-EA30-4B4C-8F0F-BC7C2CCE8930} => Chrome.exe http://ui.skype.com/ui/0/6.7.60.102/en/abandoninstall?page=tsMain
Task: {2A2B80FD-4C63-4A54-A511-78AD15D63EEC} - System32\Tasks\{00C73705-0303-4247-B539-7F2C5F566AC2} => C:\Users\Chuck New\Downloads\Brothers DCP-7020 Print- Scanner Tool to Uninstall Old Software Ver Ddelinf_10160.EXE
Task: {3187541D-C9E2-4E54-AD7F-B61AFFF1CFAB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK)
Task: {34814613-A688-4B51-A55B-258AB12F0934} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25] (Google Inc.)
Task: {37101C5A-D0EF-4EAC-9406-78D1FE616385} - System32\Tasks\SlimCleaner Scan => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {4AC1C553-D1E5-43E8-ABCF-88FDBDA55DFB} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {4F20B733-7C45-4231-A603-04358685FE1D} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2014-02-04] ( ) <==== ATTENTION
Task: {52734F5C-C1D4-4732-8F66-8704EF94AA1F} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {581E9CCC-468E-4ABC-9905-82279626C8F9} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {5A3CD8DB-611F-4A2C-8471-957540233739} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {7CDEC153-BAA6-42B6-A271-F3F134E11AE5} - System32\Tasks\BatteryCareAuto => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2013-10-28] (Filipe Lourenço)
Task: {8ECF16D1-C01F-4CA5-848A-7772849C1431} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8F9A51C8-24DD-4A4A-BE82-C5E8AC1A69EF} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2014-01-24] (Trusted Software ApS) <==== ATTENTION
Task: {923FDE67-194B-4C3A-B0FD-A7615C67FCE6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-27] (Facebook Inc.)
Task: {958F49D8-EA74-4FA4-945E-A346BFB6FBCF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {9CD022FC-5F1E-4D12-9603-CAB9A069B4D3} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software)
Task: {A3B10D9B-B46E-40B2-8B5F-077BBFD56A1E} - System32\Tasks\SpeedyPC Pro_sch_31962B5C-7D33-11E3-BED2-485B39E79C28 => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
Task: {B263D4D7-2D25-45D8-8CED-B98E7DABE0BE} - System32\Tasks\Google Updater and Installer => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {BB74B64F-76CE-4968-AAF1-00BEF454B52D} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {BEF2D0CB-92F5-41A2-AE5C-D9F87EA75ACD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C00F94DD-C620-4381-A70B-394FCA2004CE} - System32\Tasks\{15225D4F-88F4-489D-812D-24A3BB55A5F9} => C:\Users\Chuck New\Downloads\Brothers DCP-7020 Print- Scanner Tool to Uninstall Old Software Ver Ddelinf_10160.EXE
Task: {C0AA91DF-C1B0-4295-A775-2211D67F63B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {C3C9AFEA-7EE5-4825-9C74-4F24E6BD00F1} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {D16194A0-4CD2-4D40-8DEC-87F42E6FDB59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25] (Google Inc.)
Task: {D2F7E1B1-DDC7-47FB-92A5-599E548ED2E0} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2014-01-22] (NCH Software)
Task: {DA93948C-0D05-4977-8A42-9F2D97D59C06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-27] (Facebook Inc.)
Task: {E4642D92-16F2-4CB9-A8E6-61C82C3A7889} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EADAAC26-5C8E-44F4-9C49-B41E5DF83E9F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {F11D5440-2D72-4BB1-963E-ACD9CDE6CA39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {F4A60049-4F85-4701-9DD5-343FB0FE71F0} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {FDBE611F-7FEF-45E5-AFFF-7D826C630903} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core.job => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA.job => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core.job => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA.job => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimCleaner Scan.job => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe
Task: C:\Windows\Tasks\SpeedyPC Pro_sch_31962B5C-7D33-11E3-BED2-485B39E79C28.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe

==================== Loaded Modules (whitelisted) =============

2011-08-09 13:28 - 2011-08-09 13:28 - 00032576 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Association\ResourceDll.dll
2009-08-28 18:00 - 2009-08-28 18:00 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-08-28 14:43 - 2009-08-28 14:43 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2010-01-04 16:43 - 2010-01-04 16:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-28 16:59 - 2011-06-28 16:59 - 00056800 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\CompInfo.dll
2011-08-09 13:28 - 2011-08-09 13:28 - 00107328 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\WUSBResource.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 00323808 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2013-11-18 14:05 - 2013-04-22 10:46 - 01054320 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
2014-02-27 01:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-27 01:18 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-27 01:18 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-27 01:18 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-27 01:18 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-02-07 20:05 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 02887904 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 00025824 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 17:59 - 2010-03-22 17:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2010-02-23 14:14 - 2010-02-23 14:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-23 14:14 - 2010-02-23 14:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 14:11 - 2010-02-23 14:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 14:12 - 2010-02-23 14:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 14:14 - 2010-02-23 14:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2013-09-20 12:50 - 2013-09-20 12:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Chuck New_2\Downloads\2009 Honda Accord EX-L.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: btwdins => 3
MSCONFIG\Services: CableAssociation => 2
MSCONFIG\Services: CouponXplorer_5zService => 2
MSCONFIG\Services: DisplayLinkService => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: FreemakeVideoCapture => 2
MSCONFIG\Services: Garmin Core Update Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroReaderDriverReadSpool3 => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: SeagateDashboardService => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Slacker Portable Service => 2
MSCONFIG\Services: SProtection => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TelevisionFanaticService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Update lucky leap => 2
MSCONFIG\Services: vToolbarUpdater17.0.12 => 2
MSCONFIG\Services: wifiProtService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chuck^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: D4B72B26CB6875D709FF04D0DB2FBE43355516F8._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Player\DelayPluginI.exe
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: ETDWare => C:\Program Files\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9001C7D091CC23E7588EE40C1DFED158 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: InboxToolbar => "C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Memeo Send => C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe --silent
MSCONFIG\startupreg: NTRedirect => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Chuck\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader => C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
MSCONFIG\startupreg: TelevisionFanatic Home Page Guard 64 bit => "C:\PROGRA~2\TELEVI~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: TelevisionFanatic Search Scope Monitor => "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Universal Push2TV HD Manager => "C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\Universal Push2TV HD Manager.exe"
MSCONFIG\startupreg: VivoxHDN => "C:\Users\Chuck\AppData\Local\Vivox\HDN\Current\Vivox.HDN.Up.exe" /d
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Faulty Device Manager Devices =============

Name: PdaNet Modem
Description: PdaNet Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: JuneFabrics
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SPH-L710 Stevo's
Description: SPH-L710
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 590Plantronics (Mono Audio)
Description: Bluetooth Hands-free Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CSR plc
Service: BthAudioHF
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2014 03:02:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {07217973-115e-4909-b2f7-3f33210f1295}

Error: (03/05/2014 02:51:11 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2014 02:37:53 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27054. CA_Error27054: SetupAction(0xC0070091): Installation failed.

Error: (03/05/2014 00:24:42 AM) (Source: Application Hang) (User: )
Description: The program soffice.bin version 4.0.9714.500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6ec

Start Time: 01cf3830a73aec2f

Termination Time: 8

Application Path: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Report Id:

Error: (03/04/2014 09:18:19 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/04/2014 10:26:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:24:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:22:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:12:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: PdaNetPC.exe, version: 0.0.0.0, time stamp: 0x51754ca7
Faulting module name: PdaNetPC.exe, version: 0.0.0.0, time stamp: 0x51754ca7
Exception code: 0x40000015
Fault offset: 0x0003834e
Faulting process id: 0x1004
Faulting application start time: 0xPdaNetPC.exe0
Faulting application path: PdaNetPC.exe1
Faulting module path: PdaNetPC.exe2
Report Id: PdaNetPC.exe3

Error: (03/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (03/05/2014 04:33:31 PM) (Source: Service Control Manager) (User: )
Description: The Printer Control service terminated unexpectedly. It has done this 1 time(s).

Error: (03/05/2014 02:51:11 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/05/2014 02:50:45 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/05/2014 02:47:34 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/04/2014 09:18:19 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/04/2014 09:17:57 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/04/2014 09:17:46 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:49:33 PM on ‎3/‎4/‎2014 was unexpected.

Error: (03/02/2014 11:25:11 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/02/2014 11:24:58 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/02/2014 11:23:52 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:21:44 PM on ‎3/‎2/‎2014 was unexpected.


Microsoft Office Sessions:
=========================
Error: (03/05/2014 03:02:02 PM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {07217973-115e-4909-b2f7-3f33210f1295}

Error: (03/05/2014 02:51:11 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2014 02:37:53 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27054. CA_Error27054: SetupAction(0xC0070091): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 00:24:42 AM) (Source: Application Hang)(User: )
Description: soffice.bin4.0.9714.5006ec01cf3830a73aec2f8C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Error: (03/04/2014 09:18:19 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/04/2014 10:26:44 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:24:40 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:22:34 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:12:08 AM) (Source: Application Error)(User: )
Description: PdaNetPC.exe0.0.0.051754ca7PdaNetPC.exe0.0.0.051754ca7400000150003834e100401cf3698b4c96424C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exeC:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe59bf7dcb-a3af-11e3-a0d8-485b39e79c28

Error: (03/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 3884.55 MB
Available physical RAM: 1061.25 MB
Total Pagefile: 7767.27 MB
Available Pagefile: 4686.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:278.55 GB) (Free:194.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: D59D3FD7)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Hi chucka52,

Multiple Anti-Virus Programs Installed

I notice that you have multiple Anti-Virus programs installed at the same time. Having more than one antivirus program running at the same time can seriously degrade the performance of your system.

  • AVG AntiVirus Free Edition 2014
  • Microsoft Security Essentials

Please uninstall one (1) (which ever you prefer) using either the provided uninstall feature that is part of the antivirus program or through Add/Remove Programs (for Vista and Win 7 users to go to Programs and Features in the Control Panel). As a rule of thumb one should run one firewall, one antivirus program in memory, and one anti-spyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.

  • AVG AntiVirus Free Edition 2014
  • Microsoft Security Essentials
=========================

You seem to have overlooked a few logs:

  1. aswMBR.txt
  2. attach MBR.zip
  3. FRST.txt
 
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-07 19:52:06
-----------------------------
19:52:06.307 OS Version: Windows x64 6.1.7601 Service Pack 1
19:52:06.307 Number of processors: 4 586 0x2505
19:52:06.308 ComputerName: STEVO-PC UserName:
19:52:09.638 Initialize success
19:52:42.785 AVAST engine defs: 14030600
19:52:54.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:52:54.537 Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
19:52:54.708 Disk 0 MBR read successfully
19:52:54.711 Disk 0 MBR scan
19:52:54.736 Disk 0 Windows XP default MBR code
19:52:54.740 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 20002 MB offset 63
19:52:54.763 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 285240 MB offset 40965752
19:52:54.969 Disk 0 scanning C:\Windows\system32\drivers
19:53:20.456 Service scanning
19:54:27.470 Modules scanning
19:54:27.485 Disk 0 trace - called modules:
19:54:27.534 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:54:27.544 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c9c060]
19:54:27.568 3 CLASSPNP.SYS[fffff88001ac743f] -> nt!IofCallDriver -> [0xfffffa80049fd630]
19:54:27.578 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a04050]
19:54:29.874 AVAST engine scan C:\Windows
19:54:36.234 AVAST engine scan C:\Windows\system32
20:02:34.071 AVAST engine scan C:\Windows\system32\drivers
20:03:17.961 AVAST engine scan C:\Users\Chuck New_2
20:04:54.779 Disk 0 MBR has been saved successfully to "C:\Users\Chuck New_2\Desktop\MBR.dat"
20:04:54.793 The log file has been saved successfully to "C:\Users\Chuck New_2\Desktop\aswMBR.txt"
 

Attachments

First hlaf of Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2014 01
Ran by Chuck New_2 at 2014-03-05 17:25:16
Running from C:\Users\Chuck New_2\Desktop\PC Protection Software Download Folder
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Scan to PDF Free 3.9.2 (HKLM-x32\...\Advanced Scan to PDF Free_is1) (Version: - PDFChief Co., Ltd.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.23 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4259 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.0.1.12 - AVG Technologies)
BatteryCare 0.9.15.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.15.0 - Filipe Lourenço)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
Brother MFL-Pro Suite DCP-7020 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version: 3.11 - NCH Software)
DisplayLink Core Software (HKLM\...\{29E6A126-BB06-41CF-B12D-E6A56261328D}) (Version: 5.6.31854.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{A5836294-D90E-40BC-BF33-BA3751FB134B}) (Version: 5.6.32670.0 - DisplayLink Corp.)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Elevated Installer (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version: - )
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.68 - NCH Software)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.1.24.0 - ) <==== ATTENTION
Free File Viewer 2012 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2012.10.9.0 - Bitberry Software)
Free YouTube to MP3 TURBO Converter 2013 (HKLM-x32\...\FreeYoutubeToMP3TURBOConverter_is1) (Version: - Bitberry Software)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{ed2d2e4a-3be7-450b-9c1b-fa727ae92d91}) (Version: 2.2.7 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.7 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
Infix PDF Editor version 6.1.5.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.1.5.0 - Iceni Technology)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster_is1) (Version: 3.3 - Smart Projects)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - )
Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7252 - Memeo Inc.)
Memeo Send (HKLM-x32\...\{81784157-3D4D-4bc1-B988-B24C32A26DA8}) (Version: - Memeo Inc.)
Memeo Share (HKLM-x32\...\{1BC77CEF-C52F-4092-BF87-0D4E6B86D860}) (Version: 3.1.0.3265 - Memeo Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nitro Reader 3 (HKLM\...\{3C1F302A-CC25-488D-9C24-A76B95BC916F}) (Version: 3.0.6.3 - Nitro)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
pdfforge Images2PDF 0.9.6.930 (HKLM\...\{00120495-F25C-4F44-9DC7-2D812D025DBA}) (Version: 0.9.6.930 - pdfforge GbR)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 2.42 - NCH Software)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 2.34 - NCH Software)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 2.72 - NCH Software)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scanner Copier GPL 0.3 (HKLM-x32\...\Scanner Copier GPL) (Version: 0.3 - Tide Tamer Industries, Inc.)
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Slacker Software Player (HKLM-x32\...\Slacker Software Player) (Version: 2.1.2370.0000 - Slacker)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Universal Push2TV HD (HKLM-x32\...\InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}) (Version: 14.2.135.10 - NETGEAR)
Universal Push2TV HD (Version: 14.2.135.10 - NETGEAR) Hidden
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.29 - NCH Software)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.55 - NCH Software)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4100 - Broadcom Corporation)
WIFi Locator version 1.1 (HKLM-x32\...\{80A11778-F86C-4DB2-9DB5-D5B886BEFD05}_is1) (Version: 1.1 - http://tcpmonitor.altervista.org/)
WiFi Protector (HKLM\...\wifiProt-SL_is1) (Version: 3.0.20.138 - Optimal Software s.r.o)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS)

==================== Restore Points =========================

01-03-2014 07:24:06 Windows Live Essentials
01-03-2014 07:28:26 Installed DirectX
01-03-2014 07:29:03 Installed DirectX
01-03-2014 21:31:02 Installed Easy WiFi
01-03-2014 22:12:46 Microsoft Antimalware Checkpoint
02-03-2014 17:22:45 Windows Update
04-03-2014 15:22:34 Removed Easy WiFi
04-03-2014 15:24:40 Removed Easy WiFi
04-03-2014 15:26:44 Removed System Requirements Lab for Intel
05-03-2014 20:02:02 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2014-02-27 03:34 - 00450639 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {002CCC08-ABC5-4BA1-A925-3DEF58955136} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {010EBD91-5BFA-4C27-BC7C-5316630E68F0} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: <Company name>)
Task: {022767FB-C596-46D5-880A-B54A81C187E9} - System32\Tasks\NCH Software\PhotoStageSevenDays => C:\Program Files (x86)\NCH Software\PhotoStage\PhotoStage.exe [2014-01-22] (NCH Software)
Task: {0477A8B6-AD60-4244-8AEA-9EB618BCF6C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {17394133-2AFA-4066-9A9C-707DDF5FBBBC} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {18A518B2-8B06-4353-A5A2-BD16E22E0AAF} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-04] ()
Task: {20C0476D-78B0-4345-BE74-5383E3A13EDC} - System32\Tasks\{EDD0ED8C-EA30-4B4C-8F0F-BC7C2CCE8930} => Chrome.exe http://ui.skype.com/ui/0/6.7.60.102/en/abandoninstall?page=tsMain
Task: {2A2B80FD-4C63-4A54-A511-78AD15D63EEC} - System32\Tasks\{00C73705-0303-4247-B539-7F2C5F566AC2} => C:\Users\Chuck New\Downloads\Brothers DCP-7020 Print- Scanner Tool to Uninstall Old Software Ver Ddelinf_10160.EXE
Task: {3187541D-C9E2-4E54-AD7F-B61AFFF1CFAB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK)
Task: {34814613-A688-4B51-A55B-258AB12F0934} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25] (Google Inc.)
Task: {37101C5A-D0EF-4EAC-9406-78D1FE616385} - System32\Tasks\SlimCleaner Scan => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {4AC1C553-D1E5-43E8-ABCF-88FDBDA55DFB} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {4F20B733-7C45-4231-A603-04358685FE1D} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2014-02-04] ( ) <==== ATTENTION
Task: {52734F5C-C1D4-4732-8F66-8704EF94AA1F} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {581E9CCC-468E-4ABC-9905-82279626C8F9} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {5A3CD8DB-611F-4A2C-8471-957540233739} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {7CDEC153-BAA6-42B6-A271-F3F134E11AE5} - System32\Tasks\BatteryCareAuto => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2013-10-28] (Filipe Lourenço)
Task: {8ECF16D1-C01F-4CA5-848A-7772849C1431} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8F9A51C8-24DD-4A4A-BE82-C5E8AC1A69EF} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2014-01-24] (Trusted Software ApS) <==== ATTENTION
Task: {923FDE67-194B-4C3A-B0FD-A7615C67FCE6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-27] (Facebook Inc.)
Task: {958F49D8-EA74-4FA4-945E-A346BFB6FBCF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {9CD022FC-5F1E-4D12-9603-CAB9A069B4D3} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software)
Task: {A3B10D9B-B46E-40B2-8B5F-077BBFD56A1E} - System32\Tasks\SpeedyPC Pro_sch_31962B5C-7D33-11E3-BED2-485B39E79C28 => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
Task: {B263D4D7-2D25-45D8-8CED-B98E7DABE0BE} - System32\Tasks\Google Updater and Installer => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {BB74B64F-76CE-4968-AAF1-00BEF454B52D} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {BEF2D0CB-92F5-41A2-AE5C-D9F87EA75ACD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C00F94DD-C620-4381-A70B-394FCA2004CE} - System32\Tasks\{15225D4F-88F4-489D-812D-24A3BB55A5F9} => C:\Users\Chuck New\Downloads\Brothers DCP-7020 Print- Scanner Tool to Uninstall Old Software Ver Ddelinf_10160.EXE
Task: {C0AA91DF-C1B0-4295-A775-2211D67F63B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: {C3C9AFEA-7EE5-4825-9C74-4F24E6BD00F1} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {D16194A0-4CD2-4D40-8DEC-87F42E6FDB59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25] (Google Inc.)
Task: {D2F7E1B1-DDC7-47FB-92A5-599E548ED2E0} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2014-01-22] (NCH Software)
Task: {DA93948C-0D05-4977-8A42-9F2D97D59C06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-27] (Facebook Inc.)
Task: {E4642D92-16F2-4CB9-A8E6-61C82C3A7889} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EADAAC26-5C8E-44F4-9C49-B41E5DF83E9F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {F11D5440-2D72-4BB1-963E-ACD9CDE6CA39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {F4A60049-4F85-4701-9DD5-343FB0FE71F0} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {FDBE611F-7FEF-45E5-AFFF-7D826C630903} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core.job => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA.job => C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core.job => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA.job => C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimCleaner Scan.job => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe
Task: C:\Windows\Tasks\SpeedyPC Pro_sch_31962B5C-7D33-11E3-BED2-485B39E79C28.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe

==================== Loaded Modules (whitelisted) =============

2011-08-09 13:28 - 2011-08-09 13:28 - 00032576 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Association\ResourceDll.dll
2009-08-28 18:00 - 2009-08-28 18:00 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-08-28 14:43 - 2009-08-28 14:43 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2010-01-04 16:43 - 2010-01-04 16:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-28 16:59 - 2011-06-28 16:59 - 00056800 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\CompInfo.dll
2011-08-09 13:28 - 2011-08-09 13:28 - 00107328 _____ () C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\WUSBResource.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 00323808 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2013-11-18 14:05 - 2013-04-22 10:46 - 01054320 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
2014-02-27 01:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-27 01:18 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-27 01:18 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-27 01:18 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-27 01:18 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-02-07 20:05 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 02887904 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2010-04-22 19:33 - 2010-04-22 19:33 - 00025824 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 17:59 - 2010-03-22 17:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2010-02-23 14:14 - 2010-02-23 14:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-23 14:14 - 2010-02-23 14:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 14:11 - 2010-02-23 14:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 14:12 - 2010-02-23 14:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 14:14 - 2010-02-23 14:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 02:20 - 2014-03-01 21:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2013-09-20 12:50 - 2013-09-20 12:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Chuck New_2\Downloads\2009 Honda Accord EX-L.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: btwdins => 3
MSCONFIG\Services: CableAssociation => 2
MSCONFIG\Services: CouponXplorer_5zService => 2
MSCONFIG\Services: DisplayLinkService => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: FreemakeVideoCapture => 2
MSCONFIG\Services: Garmin Core Update Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroReaderDriverReadSpool3 => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: SeagateDashboardService => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Slacker Portable Service => 2
MSCONFIG\Services: SProtection => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TelevisionFanaticService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Update lucky leap => 2
MSCONFIG\Services: vToolbarUpdater17.0.12 => 2
MSCONFIG\Services: wifiProtService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chuck^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: D4B72B26CB6875D709FF04D0DB2FBE43355516F8._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Player\DelayPluginI.exe
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: ETDWare => C:\Program Files\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Chuck\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9001C7D091CC23E7588EE40C1DFED158 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: InboxToolbar => "C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Memeo Send => C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe --silent
MSCONFIG\startupreg: NTRedirect => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Chuck\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader => C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
MSCONFIG\startupreg: TelevisionFanatic Home Page Guard 64 bit => "C:\PROGRA~2\TELEVI~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: TelevisionFanatic Search Scope Monitor => "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Universal Push2TV HD Manager => "C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\Universal Push2TV HD Manager.exe"
MSCONFIG\startupreg: VivoxHDN => "C:\Users\Chuck\AppData\Local\Vivox\HDN\Current\Vivox.HDN.Up.exe" /d
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
second half of Additon.txt

==================== Faulty Device Manager Devices =============

Name: PdaNet Modem
Description: PdaNet Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: JuneFabrics
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SPH-L710 Stevo's
Description: SPH-L710
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 590Plantronics (Mono Audio)
Description: Bluetooth Hands-free Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CSR plc
Service: BthAudioHF
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2014 03:02:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {07217973-115e-4909-b2f7-3f33210f1295}

Error: (03/05/2014 02:51:11 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2014 02:37:53 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27054. CA_Error27054: SetupAction(0xC0070091): Installation failed.

Error: (03/05/2014 00:24:42 AM) (Source: Application Hang) (User: )
Description: The program soffice.bin version 4.0.9714.500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6ec

Start Time: 01cf3830a73aec2f

Termination Time: 8

Application Path: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Report Id:

Error: (03/04/2014 09:18:19 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/04/2014 10:26:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:24:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:22:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:12:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: PdaNetPC.exe, version: 0.0.0.0, time stamp: 0x51754ca7
Faulting module name: PdaNetPC.exe, version: 0.0.0.0, time stamp: 0x51754ca7
Exception code: 0x40000015
Fault offset: 0x0003834e
Faulting process id: 0x1004
Faulting application start time: 0xPdaNetPC.exe0
Faulting application path: PdaNetPC.exe1
Faulting module path: PdaNetPC.exe2
Report Id: PdaNetPC.exe3

Error: (03/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (03/05/2014 04:33:31 PM) (Source: Service Control Manager) (User: )
Description: The Printer Control service terminated unexpectedly. It has done this 1 time(s).

Error: (03/05/2014 02:51:11 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/05/2014 02:50:45 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/05/2014 02:47:34 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/04/2014 09:18:19 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/04/2014 09:17:57 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/04/2014 09:17:46 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:49:33 PM on ‎3/‎4/‎2014 was unexpected.

Error: (03/02/2014 11:25:11 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/02/2014 11:24:58 PM) (Source: Service Control Manager) (User: )
Description: The PDF Architect Service service terminated with the following error:
%%-2147467259

Error: (03/02/2014 11:23:52 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:21:44 PM on ‎3/‎2/‎2014 was unexpected.


Microsoft Office Sessions:
=========================
Error: (03/05/2014 03:02:02 PM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {07217973-115e-4909-b2f7-3f33210f1295}

Error: (03/05/2014 02:51:11 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2014 02:37:53 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27054. CA_Error27054: SetupAction(0xC0070091): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 00:24:42 AM) (Source: Application Hang)(User: )
Description: soffice.bin4.0.9714.5006ec01cf3830a73aec2f8C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Error: (03/04/2014 09:18:19 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/04/2014 10:26:44 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:24:40 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:22:34 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-4229314078-1887863115-615417127-501.bak)0x80070539, The security ID structure is invalid.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {bb6d58eb-c6fd-4281-8bd7-cfc5aff374e9}

Error: (03/04/2014 10:12:08 AM) (Source: Application Error)(User: )
Description: PdaNetPC.exe0.0.0.051754ca7PdaNetPC.exe0.0.0.051754ca7400000150003834e100401cf3698b4c96424C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exeC:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe59bf7dcb-a3af-11e3-a0d8-485b39e79c28

Error: (03/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 3884.55 MB
Available physical RAM: 1061.25 MB
Total Pagefile: 7767.27 MB
Available Pagefile: 4686.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:278.55 GB) (Free:194.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: D59D3FD7)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Hi chucka52,

Thanks for the logs you have posted, but you seem to be over looking the FRST.txt log. It's header should look something like this and it should be located on your desktop.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-05-2013
Ran by SYSTEM on 19-05-2013 18:48:00
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
Click to expand...

If you can't seem to locate it, re-run FRST and generate new log.
 
One third of FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014 01
Ran by Chuck New_2 (administrator) on STEVO-PC on 07-03-2014 02:38:15
Running from C:\Users\Chuck New_2\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Wisair Ltd.) C:\Program Files (x86)\NETGEAR\PTVU1000\Association\CableAssociation.exe
() C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\system32\PrintCtrl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Netgear Ltd.) C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\Universal Push2TV HD Manager.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Users\Chuck New_2\Desktop\aswMBR.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Farbar) C:\Users\Chuck New_2\Desktop\FarBar Recovery Scan Tool for Win7 64Bit FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [PrintDisp] - C:\Windows\system32\PrintDisp.exe [870400 2012-10-29] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [Memeo Instant Backup] - C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-04-22] (Memeo Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Universal Push2TV HD Manager] - C:\Program Files (x86)\NETGEAR\PTVU1000\Universal Push2TV HD Manager\Universal Push2TV HD Manager.exe [4116448 2011-06-28] (Netgear Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-22] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [D4B72B26CB6875D709FF04D0DB2FBE43355516F8._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-03-01] (Google Inc.)
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [Google Update] - C:\Users\Chuck\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [WiFi Protector] - C:\Program Files (x86)\WiFi Protector\WiFiProtLauncher.exe [678728 2013-11-12] ()
HKU\S-1-5-21-4229314078-1887863115-615417127-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-11] (Google Inc.)
HKU\S-1-5-21-4229314078-1887863115-615417127-1009\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-4229314078-1887863115-615417127-1009\...\RunOnce: [Uninstall C:\Users\Chuck New\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Chuck New\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-4229314078-1887863115-615417127-1009\...\Policies\Explorer: [HideSCAPower] 0
HKU\S-1-5-21-4229314078-1887863115-615417127-1011\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [496192 2014-02-25] (BillP Studios)
HKU\S-1-5-21-4229314078-1887863115-615417127-501.bak\...\MountPoints2: E - E:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3D313FCFBA37CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=382440238&ir=
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: No Name - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
Handler-x32: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Chuck New_2\AppData\Roaming\Mozilla\Firefox\Profiles\1ygtpeol.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC Media Player Win7 64 Bit\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC Media Player Win7 64 Bit\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @QuotationCafe_45.com/Plugin - C:\Program Files (x86)\QuotationCafe_45\bar\1.bin\NP45Stub.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2 [2013-08-26]
FF HKLM-x32\...\Firefox\Extensions: [5zffxtbr@CouponXplorer_5z.com] - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [downloader@freeyoutubetomp3converter.org] - C:\Program Files (x86)\FreeYouTubeToMP3TURBOConverter\Firefox
FF Extension: FreeYouTubeToMP3TURBOConverter plugin for Mozilla Firefox - C:\Program Files (x86)\FreeYouTubeToMP3TURBOConverter\Firefox [2013-10-25]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com\
FF Extension: No Name - C:\ProgramData\Wondershare\Player\Player@Wondershare.com\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-19]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: thewindowsclub.com
CHR DefaultSearchProvider: thewindowsclub.com
CHR DefaultSearchURL: http://www.thewindowsclub.com/the-windows-club-search-results?cx=partner-pub-5950002284129980%3A7lz6cl-5ojg&cof=FORID%3A11&ie=ISO-8859-1&q={searchTerms}&sa=Search
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-28]
CHR Extension: (Google Drive) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-28]
CHR Extension: (Gliffy Diagrams) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2014-02-28]
CHR Extension: (YouTube) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-28]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2014-02-28]
CHR Extension: (Freemake Video Downloader) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-02-28]
CHR Extension: (Google Search) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-28]
CHR Extension: (MightyText - SMS Text Messaging from Computer) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-02-28]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-02-28]
CHR Extension: (Google Calendar) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-02-28]
CHR Extension: (VNC Viewer for Google Chrome™) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla [2014-02-28]
CHR Extension: (Google Maps) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-28]
CHR Extension: (SkyDrive) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Gmail) - C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-28]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\CHUCKN~1\AppData\Local\mysearchdial-speeddial.crx [2014-02-28]
CHR HKLM-x32\...\Chrome\Extension: [bnkkfcoajiakgkgooblnilgdgcimmael] - C:\Users\Chuck\AppData\Local\CRE\bnkkfcoajiakgkgooblnilgdgcimmael.crx [2014-02-28]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-10-13]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-10-13]
CHR HKLM-x32\...\Chrome\Extension: [lggjockdkhahihjfehmocmjakchihnjb] - C:\Users\Chuck\AppData\Local\CRE\lggjockdkhahihjfehmocmjakchihnjb.crx [2013-10-13]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Chuck\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-10-13]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.0.1.12\avg.crx [2013-10-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 CableAssociation; C:\Program Files (x86)\NETGEAR\PTVU1000\Association\CableAssociation.exe [1458656 2011-06-28] (Wisair Ltd.)
R2 CPMService; C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe [116032 2011-09-05] ()
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9663848 2011-04-10] (DisplayLink Corp.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-26] (Freemake)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-05-30] (Garmin Ltd or its subsidiaries)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2012-10-30] (Nitro PDF Software)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 Slacker Portable Service; C:\Program Files (x86)\Slacker\Software Player\slacker.portable.service.exe [234176 2008-03-03] (Slacker)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-26] (IDT, Inc.)
S4 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-01] (AVG Secure Search)
S4 wifiProtService; C:\Program Files (x86)\WiFi Protector\wifiProtService.exe [1638728 2013-11-12] ()

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-09-23] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-04] (Broadcom Corporation.)
R0 cumon; C:\Windows\System32\drivers\cumon.sys [205512 2011-09-05] (Windows (R) Win 7 DDK provider)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys [17408 2013-10-13] (http://libusb-win32.sourceforge.net)
S3 DLCopyFilter; C:\Windows\System32\Drivers\wsr_tbf.sys [52736 2010-07-21] ()
S3 DWA; C:\Windows\System32\DRIVERS\WSR_DWA.SYS [578048 2010-11-18] ()
S3 EdgeSer; C:\Windows\System32\DRIVERS\edgeser64.sys [264704 2010-05-05] (Digi International)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R0 Evdd; C:\Windows\System32\drivers\evdd.sys [19568 2011-09-05] ()
S3 hwa; C:\Windows\System32\DRIVERS\WSR_HWA.SYS [1028096 2010-11-18] ()
S3 HWARadio; C:\Windows\System32\DRIVERS\WSR_RCI.SYS [167424 2010-11-18] ()
S3 Ionenum; C:\Windows\System32\DRIVERS\ionenum64.sys [24064 2008-12-18] (Digi International)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 MRV6X64U; C:\Windows\System32\DRIVERS\MRVW24C.sys [340480 2007-10-28] (Marvell Semiconductor, Inc)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-11-20] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
S3 NANMp50; System32\Drivers\NANMp50.sys [X]
S3 NANSp50; System32\Drivers\NANSp50.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U3 tmlwf;
U3 tmwfp;
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WSR_USF; System32\Drivers\WSR_USF.sys [X]
U3 aswMBR; \??\C:\Users\CHUCKN~2\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 02:36 - 2014-03-07 02:36 - 00000437 _____ () C:\Users\Chuck New_2\Desktop\aswMBR.zip
2014-03-07 02:33 - 2014-03-07 02:33 - 00000478 _____ () C:\Users\Chuck New_2\Desktop\aswMBR.txt
2014-03-07 01:35 - 2014-03-07 01:36 - 04745728 _____ (AVAST Software) C:\Users\Chuck New_2\Desktop\aswMBR.exe
2014-03-07 01:17 - 2014-03-07 01:18 - 00987442 _____ () C:\Users\Chuck New_2\Desktop\SecurityCheck.exe
2014-03-06 23:56 - 2014-03-07 00:35 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Used Trucks For Sale
2014-03-06 14:51 - 2014-03-06 17:48 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\SSA Letter with Requirements to recieve 11 month Cobra Ext Pg 1 0f 2
2014-03-06 13:40 - 2014-03-06 21:16 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Whithered Tree Buddism Folder
2014-03-06 08:39 - 2014-03-06 08:39 - 00017470 _____ () C:\Windows\CUAppUsage.Dat
2014-03-05 21:48 - 2014-03-05 21:48 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-05 20:26 - 2014-03-05 20:26 - 629145600 ____H () C:\fileimage.dat
2014-03-05 20:26 - 2011-09-05 10:14 - 00205512 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cumon.sys
2014-03-05 20:26 - 2011-09-05 10:14 - 00019568 _____ () C:\Windows\system32\Drivers\evdd.sys
2014-03-05 20:15 - 2014-03-05 20:15 - 00000348 _____ () C:\Windows\PFRO.log
2014-03-05 20:12 - 2014-03-05 20:12 - 00001003 _____ () C:\Users\Public\Desktop\COMODO Programs Manager.lnk
2014-03-05 20:12 - 2014-03-05 20:12 - 00000000 ____D () C:\Program Files\COMODO
2014-03-05 19:29 - 2014-03-05 19:29 - 00017037 _____ () C:\HijackPatrol.log
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\WinPatrol
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-03-05 18:28 - 2014-03-05 18:28 - 00000861 _____ () C:\Users\Chuck New_2\Desktop\JRT.txt
2014-03-05 17:25 - 2014-03-05 17:26 - 00049190 _____ () C:\Users\Chuck New_2\Desktop\Addition.txt
2014-03-05 17:24 - 2014-03-07 02:38 - 00027146 _____ () C:\Users\Chuck New_2\Desktop\FRST.txt
2014-03-05 17:22 - 2014-03-07 02:38 - 00000000 ____D () C:\FRST
2014-03-05 17:20 - 2014-03-07 02:37 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\PC Protection Software Download Folder
2014-03-05 17:20 - 2014-03-05 17:20 - 02156544 _____ (Farbar) C:\Users\Chuck New_2\Desktop\FarBar Recovery Scan Tool for Win7 64Bit FRST64.exe
2014-03-05 17:06 - 2014-03-05 17:07 - 00041124 _____ () C:\Users\Chuck New_2\Desktop\Recommended Protection Programs for your PC by the Windows Club Website in 2011.odt
2014-03-05 17:06 - 2014-03-05 17:06 - 00000115 ____H () C:\Users\Chuck New_2\Desktop\.~lock.Recommended Protection Programs for your PC by the Windows Club Website in 2011.odt#
2014-03-05 16:33 - 2014-03-05 16:39 - 00004174 _____ () C:\Users\Chuck New_2\Desktop\RKill ran on Chuck New_2 on 03-05-2014.txt
2014-03-05 02:16 - 2014-03-05 02:16 - 00068794 _____ () C:\Users\Chuck New_2\Desktop\Safeco Insurance Response to Check question.zip
2014-03-05 01:54 - 2014-03-05 01:54 - 00000000 ____D () C:\Program Files (x86)\Smart Projects
2014-03-05 01:50 - 2014-03-05 01:52 - 04410000 _____ (Smart Projects ) C:\Users\Chuck New_2\Desktop\isobuster_install 3.3 Ver.exe
2014-03-05 01:34 - 2014-03-05 01:37 - 04300296 _____ (Smart Projects ) C:\Users\Chuck New_2\Downloads\IsoBusterSetup.exe
2014-03-05 01:33 - 2014-03-05 01:33 - 00604608 _____ ( ) C:\Users\Chuck New_2\Desktop\IsoBusterSetup-4674877-vffsb.exe
2014-03-05 00:41 - 2014-03-05 00:43 - 00034438 _____ () C:\Users\Chuck New_2\Desktop\How to Get Free WiFi from Your City or Town.odt
2014-03-05 00:33 - 2014-03-05 00:33 - 00008697 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Veticle with no margins Paragragh Centered.odt
2014-03-04 23:40 - 2014-03-04 23:40 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Windows Live
2014-03-04 12:54 - 2014-03-04 12:54 - 00008573 _____ () C:\Users\Chuck New_2\Desktop\CARFAX REPORT ON EBAY HONDA 2009 EX-L VIN 1HGP3689A025118.txt
2014-03-04 11:41 - 2014-03-05 01:20 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Broadmoor Car Rental
2014-03-04 02:07 - 2014-03-04 23:46 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Windows Live Writer
2014-03-04 02:07 - 2014-03-04 23:40 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Windows Live Writer
2014-03-04 01:48 - 2014-03-04 11:36 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\2009 Honda Accord EXL
2014-03-03 20:12 - 2014-03-03 20:12 - 00000217 _____ () C:\Users\Chuck New_2\Desktop\Quick Questions to Ask online Used Car Dealers.txt
2014-03-03 20:10 - 2014-03-03 20:16 - 07454720 _____ () C:\Users\Chuck New\Downloads\pdfedit-20120210_0214.msi
2014-03-03 20:08 - 2014-03-03 20:14 - 06008924 _____ () C:\Users\Chuck New\Downloads\dict-en (1).oxt
2014-03-03 18:12 - 2014-03-03 18:12 - 00000000 _____ () C:\Users\Chuck New_2\Sti_Trace.log
2014-03-03 18:09 - 2014-03-03 18:09 - 00000000 ____D () C:\Users\Chuck New_2\Documents\Fax
2014-03-03 18:06 - 2014-03-07 01:36 - 00019893 _____ () C:\Users\Chuck New_2\Desktop\Used Cars - Questions to ask about condition .odt
2014-03-03 12:20 - 2014-03-03 19:36 - 00000895 _____ () C:\Users\Chuck New_2\Desktop\WIFI HOTSPOT MY OBSTACLES TO PICKUP WIFI SIGNAL FROM MY APT.txt
2014-03-03 12:17 - 2014-03-03 12:17 - 00198397 _____ () C:\Users\Chuck New_2\Desktop\WIFI TECH SUPPORT TO PICK WIFI HOTSPOTS IN MY AREA & NLOS.odt
2014-03-03 12:14 - 2014-03-03 12:14 - 00008546 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Horizontal No Margins.odt
2014-03-03 12:13 - 2014-03-05 16:55 - 00011079 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Vertical No Margins.odt
2014-03-03 12:10 - 2014-03-03 12:12 - 00008558 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text.odt
2014-03-03 12:10 - 2014-03-03 12:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\OpenOffice
2014-03-03 12:03 - 2014-03-03 12:03 - 00000000 _____ () C:\Users\Chuck New_2\Desktop\New Text Document.TXT
2014-03-03 00:21 - 2014-03-03 00:21 - 00282840 _____ (Mozilla) C:\Users\Chuck New_2\Downloads\Firefox Setup Stub 27.0.1(1).exe
2014-03-02 23:23 - 2014-03-06 08:41 - 00000784 _____ () C:\Windows\setupact.log
2014-03-02 23:23 - 2014-03-02 23:23 - 00294568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 23:23 - 2014-03-02 23:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-02 20:44 - 2014-03-02 20:46 - 00000000 ____D () C:\Users\Chuck New\Desktop\2008 SAAB 9-3 210HP 2.0L 4 Cylinder High Outpt Turbo
2014-03-02 19:24 - 2014-03-02 19:24 - 00000855 _____ () C:\Users\Chuck New\Desktop\Blue Harbor Auto Loans Aproved at 2.49 Percent for 60 months.lnk
2014-03-02 18:07 - 2014-03-02 18:07 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Macromedia
2014-03-02 17:56 - 2014-03-02 17:56 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Mozilla
2014-03-02 17:13 - 2014-03-02 17:13 - 00002618 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Make $1000′s Per Day with Penny Stocks_ « Invests.com.lnk
2014-03-02 17:13 - 2014-03-02 17:13 - 00002588 _____ () C:\Users\Chuck New\Desktop\Make $1000′s Per Day with Penny Stocks_ « Invests.com.lnk
2014-03-02 15:33 - 2014-03-02 15:33 - 00847816 _____ (Google Inc.) C:\Users\Chuck New\Downloads\GoogleEarthSetup.exe
2014-03-02 12:30 - 2014-03-02 12:30 - 00064024 _____ () C:\Users\Chuck New\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 01:53 - 2014-03-02 12:31 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\FileTypeAssistant
2014-03-02 00:00 - 2014-03-02 00:00 - 00003358 _____ () C:\Users\Chuck New\Desktop\Amazon.com _ WIFI EXPERT - WiFi Antenna 18dBi YAGI + ALFA R36 + G Netw Long Range Booster GET FREE INTERNET _ Network Antennas _ Electronics.lnk
2014-03-01 22:23 - 2014-03-01 22:23 - 00010631 _____ () C:\Users\Chuck New\Desktop\JRT.txt
2014-03-01 21:17 - 2014-03-01 21:18 - 01037734 _____ (Thisisu) C:\Users\Chuck New\Downloads\JRT Software Clean & Remove Unwanted Toolbars on your browsers like FireFox, Chrome & IE.exe
2014-03-01 16:32 - 2014-03-04 10:21 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Devicescape
2014-03-01 16:26 - 2014-03-01 16:28 - 07087608 _____ (Microsoft Corporation) C:\Users\Chuck New_2\Downloads\easywifi-win-4.0.78.exe
2014-03-01 11:10 - 2014-03-01 11:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Macromedia
2014-03-01 10:18 - 2014-03-01 10:19 - 00282840 _____ (Mozilla) C:\Users\Chuck New_2\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-01 10:17 - 2014-03-01 10:18 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Mozilla
2014-03-01 10:17 - 2014-03-01 10:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Mozilla
2014-03-01 02:29 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-03-01 02:28 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-01 02:28 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-03-01 02:27 - 2014-03-01 02:27 - 00002190 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-03-01 02:21 - 2014-03-01 02:23 - 07087608 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\easywifi-win-4.0.78.exe
2014-03-01 01:58 - 2014-03-01 01:59 - 01324940 _____ () C:\Users\Chuck New\Downloads\netstumblerinstaller_0_4_0 (1).exe
2014-03-01 01:57 - 2014-03-01 01:58 - 01324940 _____ () C:\Users\Chuck New\Downloads\netstumblerinstaller_0_4_0.exe
2014-03-01 01:19 - 2014-03-01 01:18 - 00000374 _____ () C:\Users\Chuck New\Desktop\WiFI Everything You Need To Know & where to Buy.url
2014-03-01 01:08 - 2014-03-04 10:26 - 00000000 ____D () C:\Windows\SysWOW64\webclient
2014-03-01 01:06 - 2014-03-01 01:07 - 00905426 _____ () C:\Users\Chuck New\Downloads\WebClient.exe
2014-02-28 23:27 - 2014-02-28 23:35 - 00000000 ____D () C:\Users\Chuck New\Desktop\CARCHEX USED CAR INSPECTION COUPONS & INSPECTION SHEETS FOLDER
2014-02-28 22:12 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Chuck New\Desktop\PEP BOYS USED CAR INSPECTION COUPONS & INSPECTION SHEETS FOLDER
2014-02-28 20:34 - 2014-02-28 20:34 - 17268616 _____ (Adobe Systems Incorporated) C:\Users\Chuck New\Downloads\AdobeFlashPlayerActiveXSetup.exe
2014-02-28 14:33 - 2014-02-28 14:33 - 00001369 _____ () C:\Users\Chuck New\Desktop\Medicare Info Folder - Shortcut.lnk
2014-02-28 14:28 - 2014-02-28 14:28 - 00001320 _____ () C:\Users\Chuck New\Desktop\Used CAR Folder - Shortcut.lnk
2014-02-28 14:22 - 2014-02-28 14:22 - 00001500 _____ () C:\Users\Chuck New\Desktop\New Text, Spread etcSheets Document - Shortcut.lnk
2014-02-28 14:02 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Chuck New\Desktop\Cars I am Interested In looking at
2014-02-28 08:50 - 2014-02-28 08:50 - 00012453 _____ () C:\Users\Chuck New_2\Downloads\2009 Honda Accord EX-L.eml
2014-02-28 04:15 - 2014-02-28 04:15 - 00004096 _____ () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Used Cars for Sale in Michigan - MLive.com.lnk
2014-02-28 04:15 - 2014-02-28 04:15 - 00004066 _____ () C:\Users\Chuck New_2\Desktop\Used Cars for Sale in Michigan - MLive.com.lnk
2014-02-28 04:10 - 2014-02-28 04:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Adobe
2014-02-28 03:51 - 2014-03-03 19:07 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\2008 Saab 9-3 4 cylinder or 6 Cylinder Automatic Transmision with 48,200Miles PrivateParty price should be around 8,600
2014-02-28 02:20 - 2014-02-28 02:20 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Seagate
2014-02-28 02:17 - 2014-03-04 10:12 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\CrashDumps
2014-02-28 02:17 - 2014-02-28 02:17 - 00064024 _____ () C:\Users\Chuck New_2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Memeo
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\AVG2014
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Avg2014
2014-02-28 02:16 - 2014-02-28 04:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Adobe
2014-02-28 02:16 - 2014-02-28 02:21 - 00002257 _____ () C:\Users\Chuck New_2\Desktop\Google Chrome.lnk
2014-02-28 02:16 - 2014-02-28 02:17 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-28 02:16 - 2014-02-28 02:17 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-28 02:16 - 2014-02-28 02:16 - 00001415 _____ () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-28 02:16 - 2014-02-28 02:16 - 00000000 ___RD () C:\Users\Chuck New_2\Virtual Machines
2014-02-28 02:15 - 2014-02-28 02:15 - 00000884 __RSH () C:\Users\Chuck New_2\ntuser.pol
2014-02-28 02:15 - 2014-02-28 02:15 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\VirtualStore
2014-02-28 02:14 - 2014-03-04 22:39 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Google
2014-02-28 02:14 - 2014-03-03 18:12 - 00000000 ____D () C:\Users\Chuck New_2
2014-02-28 02:14 - 2014-02-28 02:14 - 00000020 ___SH () C:\Users\Chuck New_2\ntuser.ini
2014-02-28 02:14 - 2014-02-26 01:39 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-28 02:14 - 2014-02-26 01:39 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-28 02:14 - 2014-02-26 01:38 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Macromedia
2014-02-28 02:14 - 2013-06-08 15:44 - 00002102 _____ () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-02-28 02:14 - 2013-03-07 17:58 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\TuneUp Software
2014-02-27 21:11 - 2014-02-28 11:19 - 00002420 _____ () C:\Users\Chuck New\Desktop\Windows7 Registry Backup by CCleaner on 2-4-14 - Shortcut.lnk
2014-02-27 18:30 - 2014-02-27 18:30 - 00003326 _____ () C:\Windows\System32\Tasks\BatteryCareAuto
2014-02-27 17:36 - 2014-02-27 17:36 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\BatteryCare
2014-02-27 17:36 - 2014-02-27 17:36 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2014-02-27 17:34 - 2014-03-07 02:33 - 00530275 _____ () C:\Windows\WindowsUpdate.log
2014-02-27 09:41 - 2014-03-01 01:39 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Windows Live
2014-02-27 07:53 - 2014-02-27 07:53 - 00002590 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Repocast- Repossesion- Foreclosure- and Consignment Online Auctions.lnk
2014-02-27 06:01 - 2014-02-27 06:02 - 04765152 _____ (Piriform Ltd) C:\Users\Chuck New\Downloads\ccsetup411.exe
2014-02-27 05:45 - 2014-02-27 05:45 - 00003342 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-02-27 05:45 - 2014-02-27 05:45 - 00002264 _____ () C:\Users\Chuck New\Desktop\SpyHunter.lnk
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\sh4ldr
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 _____ () C:\autoexec.bat
2014-02-27 05:45 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-02-27 05:43 - 2014-02-27 05:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-27 05:42 - 2014-02-27 05:43 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Chuck New\Downloads\SpyHunter-Installer.exe
2014-02-27 04:56 - 2014-02-27 04:56 - 15776072 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Chuck New\Downloads\outlook-pst-repair-508.exe
2014-02-27 04:38 - 2014-02-27 04:39 - 00009378 _____ () C:\Users\Chuck New\Downloads\SystemLook.txt
2014-02-27 04:37 - 2014-02-27 04:37 - 00165376 _____ () C:\Users\Chuck New\Downloads\SystemLook_x64.exe
2014-02-27 04:12 - 2014-02-27 04:12 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Chuck New\Downloads\rkill.exe
2014-02-27 03:34 - 2009-06-10 16:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140227-033453.backup
2014-02-27 02:50 - 2014-02-27 02:50 - 00000000 ____D () C:\Users\Chuck New\Documents\ProcAlyzer Dumps
2014-02-27 02:37 - 2014-02-27 02:37 - 00007600 _____ () C:\Users\Chuck New\AppData\Local\Resmon.ResmonCfg
2014-02-27 01:24 - 2014-02-27 01:25 - 06951200 _____ () C:\Users\Chuck New\Downloads\spybotsd_includes.exe
2014-02-27 01:21 - 2014-02-27 01:21 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Safer Networking
2014-02-27 01:19 - 2014-02-27 01:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-27 01:18 - 2014-02-27 03:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-27 01:18 - 2014-02-27 03:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-27 01:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-27 01:16 - 2014-02-27 01:17 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Chuck New\Downloads\spybot-2.2.exe
2014-02-26 22:18 - 2014-02-26 22:18 - 00025556 _____ () C:\Users\Chuck New\Downloads\Safeco-Jesten Question, Concerns Descrepancies with My Safeco online Account, Rebate, Montly Vehicle Payments, Remove Christines Info.odt
2014-02-26 20:37 - 2014-02-26 20:37 - 01752632 _____ (Safer-Networking Ltd. ) C:\Users\Chuck New\Downloads\regalyz-1.6.2.16.exe
2014-02-26 20:02 - 2014-02-26 20:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\MicrosoftFixit.malware.FISC.16316889920737457.3.1.Run.exe
2014-02-26 20:02 - 2014-02-26 20:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\MicrosoftFixit.IEPerformance.FISC.16316889920737457.3.2.Run.exe
2014-02-26 19:54 - 2014-02-26 19:54 - 00102909 _____ () C:\Users\Chuck New\Downloads\97D1.tmp
2014-02-26 13:50 - 2014-02-26 13:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Slacker
2014-02-26 13:16 - 2014-02-26 13:16 - 06031785 _____ () C:\Users\Chuck New\Downloads\dict-en.oxt
2014-02-25 21:50 - 2014-02-25 21:56 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Nitro
2014-02-25 21:50 - 2014-02-25 21:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\FileOpen
2014-02-25 20:36 - 2014-02-27 04:49 - 00000000 ____D () C:\Users\Chuck New\Desktop\RESTORED THIS PC ON 2-25-14 Using Restore Point Date of 1-17-14 time 1-55 AM
2014-02-17 01:30 - 2014-02-17 01:31 - 00000000 ____D () C:\Users\Chuck New\My Picture old
2014-02-16 23:13 - 2014-02-16 23:13 - 00001054 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-16 23:01 - 2014-02-16 23:01 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\PDF Architect
2014-02-16 22:54 - 2014-02-16 22:54 - 06083640 _____ (NCH Software) C:\Users\Chuck New\Downloads\vppsetup.exe
2014-02-16 22:54 - 2014-02-16 22:54 - 00001136 _____ () C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2014-02-16 22:47 - 2014-02-16 22:47 - 00001304 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-02-16 22:47 - 2014-02-16 22:47 - 00001172 _____ () C:\Users\Public\Desktop\PhotoStage Slideshow Producer.lnk
2014-02-16 12:51 - 2014-02-16 12:51 - 00000000 ____D () C:\Users\Chuck New\SystemRequirementsLab
 
two thirds of FRST.txt

2014-02-16 04:59 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 04:59 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 04:59 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 04:59 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 04:59 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 04:59 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 04:59 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 04:59 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 04:59 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 04:59 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 04:59 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 04:58 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 04:58 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 04:58 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 04:58 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 04:58 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 04:58 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 04:58 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 04:58 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 04:58 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 04:58 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 04:58 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 04:58 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 04:58 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 04:58 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 04:58 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 04:58 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 04:58 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 04:58 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 04:58 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 04:58 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 04:58 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 04:58 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 04:58 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 04:58 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 04:58 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 04:58 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 04:58 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 04:58 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 04:58 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 04:58 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-16 04:52 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-16 04:52 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-16 04:52 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 04:52 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 04:52 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 04:52 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 04:52 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-16 04:52 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-16 04:52 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-16 04:52 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-16 04:52 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-16 04:52 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-16 04:52 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-16 04:52 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 04:52 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-16 04:52 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-16 04:52 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-16 04:52 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-16 04:52 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-16 04:51 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 04:51 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 04:51 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-16 04:51 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-16 04:51 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-16 04:51 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-16 04:51 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-16 04:51 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 04:51 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-16 04:49 - 2014-02-27 09:44 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Windows Live Writer
2014-02-16 04:49 - 2014-02-16 04:49 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Windows Live Writer
2014-02-16 04:45 - 2014-03-01 00:55 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\CrashDumps
2014-02-16 01:08 - 2014-02-16 01:08 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\VirtualStore
2014-02-16 00:55 - 2014-02-16 01:05 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Adobe
2014-02-16 00:47 - 2014-02-16 00:47 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\FreeFileViewer
2014-02-15 16:16 - 2014-02-15 16:16 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-14 12:22 - 2014-02-27 19:59 - 00000000 ____D () C:\Users\Chuck New\Desktop\Affordable Care Act Insurance Providers & Info on What they all must cover
2014-02-13 12:03 - 2014-02-16 02:27 - 00000000 ____D () C:\ProgramData\VMware
2014-02-13 12:03 - 2014-02-13 12:03 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-13 12:03 - 2014-02-13 12:03 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-11 21:59 - 2014-02-11 21:58 - 00001357 _____ () C:\Users\Chuck New\Desktop\SkyDrive - Shortcut.lnk
2014-02-11 21:39 - 2014-02-28 14:33 - 00000000 ____D () C:\Users\Chuck New\Desktop\ALL DESKTOP FOLDERS TO QUICK REFERNCE ON DESKTOP FOR NOW
2014-02-11 19:50 - 2014-02-11 19:50 - 00000000 ____D () C:\Users\New User\AppData\Roaming\vlc
2014-02-11 19:24 - 2014-02-11 19:24 - 00187078 _____ () C:\Users\New User\Desktop\Defaut Window 7 Computer Menu.odt
2014-02-11 19:04 - 2014-02-11 19:04 - 00001415 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-11 18:44 - 2014-02-11 18:44 - 00000000 ____D () C:\Users\New User\AppData\Local\Adobe
2014-02-11 18:40 - 2014-02-11 18:40 - 00008278 _____ () C:\Users\New User\Desktop\Narow Margin New Rich Text Document.odt
2014-02-11 18:38 - 2014-02-16 02:40 - 00000000 ____D () C:\Users\New User\AppData\Roaming\OpenOffice
2014-02-11 18:16 - 2014-02-11 20:57 - 00000000 ____D () C:\Users\New User\Desktop\In Windows 7 to configure all Primary & Subfolders to there original Default Setup
2014-02-11 17:33 - 2014-02-11 17:33 - 00000000 ___RD () C:\Users\New User\SkyDrive
2014-02-11 17:26 - 2014-02-16 02:40 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Memeo
2014-02-11 17:26 - 2014-02-16 02:40 - 00000000 ____D () C:\Users\New User\AppData\Roaming\AVG2014
2014-02-11 17:26 - 2014-02-11 18:44 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Adobe
2014-02-11 17:26 - 2014-02-11 17:26 - 00064024 _____ () C:\Users\New User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-11 17:26 - 2014-02-11 17:26 - 00002257 _____ () C:\Users\New User\Desktop\Google Chrome.lnk
2014-02-11 17:26 - 2014-02-11 17:26 - 00001415 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\Virtual Machines
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ____D () C:\Users\New User\AppData\Local\Avg2014
2014-02-11 17:25 - 2014-02-16 02:46 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-11 17:25 - 2014-02-16 02:46 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-11 17:25 - 2014-02-16 02:40 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Macromedia
2014-02-11 17:25 - 2014-02-11 17:33 - 00002169 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-02-11 17:25 - 2014-02-11 17:25 - 00000884 __RSH () C:\Users\New User\ntuser.pol
2014-02-11 17:25 - 2014-02-11 17:25 - 00000020 ___SH () C:\Users\New User\ntuser.ini
2014-02-11 17:25 - 2014-02-11 17:25 - 00000000 ____D () C:\Users\New User\AppData\Local\VirtualStore
2014-02-11 17:25 - 2013-10-10 15:01 - 00000000 ____D () C:\Users\New User\AppData\Local\Google
2014-02-11 17:25 - 2013-03-07 17:58 - 00000000 ____D () C:\Users\New User\AppData\Roaming\TuneUp Software
2014-02-10 17:43 - 2014-02-10 17:43 - 01238645 _____ () C:\Users\Chuck New\Downloads\aoo-pdf-import-0.1.0-windows-x86.oxt
2014-02-10 08:44 - 2014-02-10 08:44 - 02661226 _____ () C:\Users\Chuck New\Downloads\oracle-pdfimport (1).oxt
2014-02-10 08:23 - 2014-02-16 02:46 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Iceni
2014-02-10 08:23 - 2014-02-16 02:46 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Iceni
2014-02-10 08:23 - 2014-02-16 02:39 - 00000000 ____D () C:\ProgramData\Iceni
2014-02-10 08:23 - 2014-02-16 02:39 - 00000000 ____D () C:\ProgramData\Aspell
2014-02-10 08:23 - 2014-02-10 08:23 - 00000000 ____D () C:\Windows\Infix PDF
2014-02-10 08:23 - 2014-02-10 08:23 - 00000000 ____D () C:\ActMask
2014-02-10 08:23 - 2013-02-04 05:17 - 00429568 _____ (ActMask - http://www.all2pdf.com) C:\Windows\system32\PrtTools.exe
2014-02-10 08:23 - 2013-02-01 04:05 - 00925696 _____ (ActMask http://www.all2pdf.com) C:\Windows\SysWOW64\SaveTo.dll
2014-02-10 08:23 - 2012-12-31 13:02 - 00028160 _____ (ActMask Co., Ltd - http:\\WWW.ALL2PDF.COM) C:\Windows\SysWOW64\SaveToEx.dll
2014-02-10 08:23 - 2012-12-16 12:37 - 01175552 _____ (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\system32\PrtClient.exe
2014-02-10 08:23 - 2012-12-10 09:21 - 00398848 _____ (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\SysWOW64\SetPrinter.exe
2014-02-10 08:23 - 2012-12-10 09:21 - 00398848 _____ (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\system32\SetPrinter.exe
2014-02-10 08:23 - 2012-10-29 08:45 - 00870400 _____ (ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\system32\PrintDisp.exe
2014-02-10 08:23 - 2012-10-21 09:36 - 00121856 _____ (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\system32\PrintCtrl.exe
2014-02-10 08:23 - 2011-11-13 19:03 - 04067736 _____ (DynaForms GmbH) C:\Windows\SysWOW64\CPDF3.dll
2014-02-10 08:23 - 2011-05-25 11:26 - 00526848 _____ (ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\system32\PrtPass.exe
2014-02-10 08:23 - 2011-05-14 02:17 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm80.dll
2014-02-10 08:23 - 2010-11-20 08:25 - 04583424 _____ (Microsoft Corporation) C:\Windows\system32\wordpad.exe
2014-02-10 08:23 - 2008-01-18 23:36 - 01391616 _____ () C:\Windows\SysWOW64\ActPDF.dll
2014-02-10 08:23 - 2001-09-05 19:00 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-02-10 08:22 - 2014-02-16 02:39 - 00000000 ____D () C:\Program Files (x86)\Iceni
2014-02-10 08:19 - 2014-02-10 08:19 - 00930440 _____ (CNET Download.com) C:\Users\Chuck New\Downloads\cbsidlm-cbsi176-Infix_PDF_Editor-SEO-10391701.exe
2014-02-10 07:29 - 2014-02-10 07:29 - 02661226 _____ () C:\Users\Chuck New\Downloads\oracle-pdfimport.oxt
2014-02-10 07:01 - 2014-02-16 02:46 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utilities
2014-02-10 06:19 - 2014-02-16 03:03 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-02-10 05:47 - 2014-02-10 05:47 - 00000042 _____ () C:\Users\Chuck New\AppData\Roaming\WB.CFG
2014-02-08 15:55 - 2010-03-02 03:45 - 01594368 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-02-08 15:17 - 2014-02-08 15:18 - 13729983 _____ () C:\Users\Chuck New\Downloads\CAMERA_AzureWave_WIN7_64.zip
2014-02-08 15:10 - 2014-02-08 15:10 - 03607660 _____ () C:\Users\Chuck New\Downloads\Camera_AW_AM-VS011_WIN7_64_Z5854000204.zip
2014-02-08 14:09 - 2014-02-08 14:09 - 04092088 _____ (Piriform Ltd) C:\Users\Chuck New\Downloads\rcsetup150.exe
2014-02-08 00:56 - 2014-02-08 00:56 - 00002718 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Security Online - Medicare Information.lnk
2014-02-07 20:11 - 2014-02-07 20:11 - 00000034 _____ () C:\Windows\SysWOW64\BD7020.DAT
2014-02-07 20:06 - 2014-02-07 20:06 - 00000050 _____ () C:\Windows\system32\bd7020.dat
2014-02-07 20:05 - 2014-02-07 20:05 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-02-07 20:05 - 2009-01-15 19:20 - 00003072 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-02-07 20:05 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-02-07 20:05 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-02-07 20:05 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-02-07 20:05 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\Windows\SysWOW64\BroSNMP.dll
2014-02-07 19:44 - 2014-02-07 19:53 - 00000000 ____D () C:\brodnt
2014-02-07 19:40 - 2014-02-07 19:40 - 00000000 ____D () C:\ProgramData\Brother
2014-02-07 19:36 - 2014-02-07 20:04 - 00000000 ____D () C:\bront
2014-02-07 19:13 - 2014-02-07 19:13 - 00003102 _____ () C:\Windows\System32\Tasks\{15225D4F-88F4-489D-812D-24A3BB55A5F9}
2014-02-07 19:13 - 2014-02-07 19:13 - 00003102 _____ () C:\Windows\System32\Tasks\{00C73705-0303-4247-B539-7F2C5F566AC2}
2014-02-07 19:13 - 2014-02-07 19:13 - 00000000 ____D () C:\Windows\SysWOW64\rempnp
2014-02-07 19:09 - 2014-02-07 19:09 - 00003302 _____ () C:\Windows\System32\Tasks\{6307A71B-BD51-42DF-B267-F91801AE5C2E}
2014-02-07 18:57 - 2014-02-07 18:57 - 00003514 _____ () C:\Windows\System32\Tasks\{5D26674A-1AA6-463D-AD6E-B5E0F98D63A8}
2014-02-05 20:40 - 2014-02-05 20:40 - 00001037 _____ () C:\Users\Chuck New\Desktop\Chuck New His Folders Shortcut.lnk
2014-02-05 13:07 - 2014-02-05 13:07 - 00422624 _____ () C:\Users\Chuck New\Downloads\CloudConnect-v18-prod.apk
2014-02-05 09:18 - 2014-02-05 09:17 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Chuck New\Downloads\AdobeAIRSetup.exe

==================== One Month Modified Files and Folders =======

2014-03-07 02:38 - 2014-03-05 17:24 - 00027146 _____ () C:\Users\Chuck New_2\Desktop\FRST.txt
2014-03-07 02:38 - 2014-03-05 17:22 - 00000000 ____D () C:\FRST
2014-03-07 02:37 - 2014-03-05 17:20 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\PC Protection Software Download Folder
2014-03-07 02:36 - 2014-03-07 02:36 - 00000437 _____ () C:\Users\Chuck New_2\Desktop\aswMBR.zip
2014-03-07 02:36 - 2013-10-05 17:20 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000UA.job
2014-03-07 02:33 - 2014-03-07 02:33 - 00000478 _____ () C:\Users\Chuck New_2\Desktop\aswMBR.txt
2014-03-07 02:33 - 2014-02-27 17:34 - 00530275 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 02:16 - 2013-06-25 19:44 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 01:44 - 2013-08-13 00:41 - 00000000 ____D () C:\Program Files (x86)\File Type Assistant
2014-03-07 01:39 - 2013-04-19 16:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 01:36 - 2014-03-07 01:35 - 04745728 _____ (AVAST Software) C:\Users\Chuck New_2\Desktop\aswMBR.exe
2014-03-07 01:36 - 2014-03-03 18:06 - 00019893 _____ () C:\Users\Chuck New_2\Desktop\Used Cars - Questions to ask about condition .odt
2014-03-07 01:18 - 2014-03-07 01:17 - 00987442 _____ () C:\Users\Chuck New_2\Desktop\SecurityCheck.exe
2014-03-07 00:51 - 2013-11-25 00:51 - 00000402 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2014-03-07 00:35 - 2014-03-06 23:56 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Used Trucks For Sale
2014-03-07 00:00 - 2014-02-04 14:01 - 00000388 _____ () C:\Windows\Tasks\SlimCleaner Scan.job
2014-03-06 23:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2014-03-06 23:36 - 2013-10-05 17:20 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4229314078-1887863115-615417127-1000Core.job
2014-03-06 22:45 - 2013-03-06 13:35 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-06 21:16 - 2014-03-06 13:40 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Whithered Tree Buddism Folder
2014-03-06 17:48 - 2014-03-06 14:51 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\SSA Letter with Requirements to recieve 11 month Cobra Ext Pg 1 0f 2
2014-03-06 08:50 - 2009-07-14 00:13 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 08:49 - 2009-07-13 23:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 08:49 - 2009-07-13 23:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 08:47 - 2013-06-25 19:44 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 08:43 - 2013-03-01 23:34 - 00003133 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-06 08:41 - 2014-03-02 23:23 - 00000784 _____ () C:\Windows\setupact.log
2014-03-06 08:41 - 2014-01-05 23:48 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-06 08:41 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 08:39 - 2014-03-06 08:39 - 00017470 _____ () C:\Windows\CUAppUsage.Dat
2014-03-05 21:48 - 2014-03-05 21:48 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-05 21:48 - 2013-04-19 16:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-05 21:48 - 2013-04-19 16:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-05 21:48 - 2013-04-19 16:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-05 21:32 - 2014-01-03 15:19 - 00000000 ____D () C:\Users\Chuck New\Bluetooth Drivers for Cirago Model BTA6210 Ver2.1 for Windows 7 64 (bit)
2014-03-05 20:26 - 2014-03-05 20:26 - 629145600 ____H () C:\fileimage.dat
2014-03-05 20:17 - 2013-03-01 23:34 - 00003532 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-05 20:15 - 2014-03-05 20:15 - 00000348 _____ () C:\Windows\PFRO.log
2014-03-05 20:12 - 2014-03-05 20:12 - 00001003 _____ () C:\Users\Public\Desktop\COMODO Programs Manager.lnk
2014-03-05 20:12 - 2014-03-05 20:12 - 00000000 ____D () C:\Program Files\COMODO
2014-03-05 19:48 - 2013-11-15 09:53 - 00000000 ____D () C:\Program Files\Speccy
2014-03-05 19:29 - 2014-03-05 19:29 - 00017037 _____ () C:\HijackPatrol.log
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\WinPatrol
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-05 19:07 - 2014-03-05 19:07 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-03-05 18:28 - 2014-03-05 18:28 - 00000861 _____ () C:\Users\Chuck New_2\Desktop\JRT.txt
2014-03-05 17:26 - 2014-03-05 17:25 - 00049190 _____ () C:\Users\Chuck New_2\Desktop\Addition.txt
2014-03-05 17:20 - 2014-03-05 17:20 - 02156544 _____ (Farbar) C:\Users\Chuck New_2\Desktop\FarBar Recovery Scan Tool for Win7 64Bit FRST64.exe
2014-03-05 17:07 - 2014-03-05 17:06 - 00041124 _____ () C:\Users\Chuck New_2\Desktop\Recommended Protection Programs for your PC by the Windows Club Website in 2011.odt
2014-03-05 17:06 - 2014-03-05 17:06 - 00000115 ____H () C:\Users\Chuck New_2\Desktop\.~lock.Recommended Protection Programs for your PC by the Windows Club Website in 2011.odt#
2014-03-05 16:55 - 2014-03-03 12:13 - 00011079 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Vertical No Margins.odt
2014-03-05 16:39 - 2014-03-05 16:33 - 00004174 _____ () C:\Users\Chuck New_2\Desktop\RKill ran on Chuck New_2 on 03-05-2014.txt
2014-03-05 02:16 - 2014-03-05 02:16 - 00068794 _____ () C:\Users\Chuck New_2\Desktop\Safeco Insurance Response to Check question.zip
2014-03-05 01:54 - 2014-03-05 01:54 - 00000000 ____D () C:\Program Files (x86)\Smart Projects
2014-03-05 01:52 - 2014-03-05 01:50 - 04410000 _____ (Smart Projects ) C:\Users\Chuck New_2\Desktop\isobuster_install 3.3 Ver.exe
2014-03-05 01:37 - 2014-03-05 01:34 - 04300296 _____ (Smart Projects ) C:\Users\Chuck New_2\Downloads\IsoBusterSetup.exe
2014-03-05 01:33 - 2014-03-05 01:33 - 00604608 _____ ( ) C:\Users\Chuck New_2\Desktop\IsoBusterSetup-4674877-vffsb.exe
2014-03-05 01:20 - 2014-03-04 11:41 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\Broadmoor Car Rental
2014-03-05 00:43 - 2014-03-05 00:41 - 00034438 _____ () C:\Users\Chuck New_2\Desktop\How to Get Free WiFi from Your City or Town.odt
2014-03-05 00:33 - 2014-03-05 00:33 - 00008697 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Veticle with no margins Paragragh Centered.odt
2014-03-04 23:46 - 2014-03-04 02:07 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Windows Live Writer
2014-03-04 23:40 - 2014-03-04 23:40 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Windows Live
2014-03-04 23:40 - 2014-03-04 02:07 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Windows Live Writer
2014-03-04 22:39 - 2014-02-28 02:14 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Google
2014-03-04 16:49 - 2014-01-15 02:07 - 00000000 ____D () C:\Users\Chuck New\2014 Reciepts & Payments
2014-03-04 12:54 - 2014-03-04 12:54 - 00008573 _____ () C:\Users\Chuck New_2\Desktop\CARFAX REPORT ON EBAY HONDA 2009 EX-L VIN 1HGP3689A025118.txt
2014-03-04 11:36 - 2014-03-04 01:48 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\2009 Honda Accord EXL
2014-03-04 10:26 - 2014-03-01 01:08 - 00000000 ____D () C:\Windows\SysWOW64\webclient
2014-03-04 10:23 - 2013-06-08 23:47 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-04 10:21 - 2014-03-01 16:32 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Devicescape
2014-03-04 10:12 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\CrashDumps
2014-03-03 20:16 - 2014-03-03 20:10 - 07454720 _____ () C:\Users\Chuck New\Downloads\pdfedit-20120210_0214.msi
2014-03-03 20:14 - 2014-03-03 20:08 - 06008924 _____ () C:\Users\Chuck New\Downloads\dict-en (1).oxt
2014-03-03 20:12 - 2014-03-03 20:12 - 00000217 _____ () C:\Users\Chuck New_2\Desktop\Quick Questions to Ask online Used Car Dealers.txt
2014-03-03 19:36 - 2014-03-03 12:20 - 00000895 _____ () C:\Users\Chuck New_2\Desktop\WIFI HOTSPOT MY OBSTACLES TO PICKUP WIFI SIGNAL FROM MY APT.txt
2014-03-03 19:07 - 2014-02-28 03:51 - 00000000 ____D () C:\Users\Chuck New_2\Desktop\2008 Saab 9-3 4 cylinder or 6 Cylinder Automatic Transmision with 48,200Miles PrivateParty price should be around 8,600
2014-03-03 18:12 - 2014-03-03 18:12 - 00000000 _____ () C:\Users\Chuck New_2\Sti_Trace.log
2014-03-03 18:12 - 2014-02-28 02:14 - 00000000 ____D () C:\Users\Chuck New_2
2014-03-03 18:09 - 2014-03-03 18:09 - 00000000 ____D () C:\Users\Chuck New_2\Documents\Fax
2014-03-03 16:40 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\Social Security Disability folder
2014-03-03 12:17 - 2014-03-03 12:17 - 00198397 _____ () C:\Users\Chuck New_2\Desktop\WIFI TECH SUPPORT TO PICK WIFI HOTSPOTS IN MY AREA & NLOS.odt
2014-03-03 12:14 - 2014-03-03 12:14 - 00008546 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text Horizontal No Margins.odt
2014-03-03 12:12 - 2014-03-03 12:10 - 00008558 _____ () C:\Users\Chuck New_2\Desktop\New OpenDocument Text.odt
2014-03-03 12:10 - 2014-03-03 12:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\OpenOffice
2014-03-03 12:03 - 2014-03-03 12:03 - 00000000 _____ () C:\Users\Chuck New_2\Desktop\New Text Document.TXT
2014-03-03 00:21 - 2014-03-03 00:21 - 00282840 _____ (Mozilla) C:\Users\Chuck New_2\Downloads\Firefox Setup Stub 27.0.1(1).exe
2014-03-02 23:23 - 2014-03-02 23:23 - 00294568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 23:23 - 2014-03-02 23:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-02 20:46 - 2014-03-02 20:44 - 00000000 ____D () C:\Users\Chuck New\Desktop\2008 SAAB 9-3 210HP 2.0L 4 Cylinder High Outpt Turbo
2014-03-02 19:24 - 2014-03-02 19:24 - 00000855 _____ () C:\Users\Chuck New\Desktop\Blue Harbor Auto Loans Aproved at 2.49 Percent for 60 months.lnk
2014-03-02 18:59 - 2014-01-26 17:38 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68B306AF-9DC4-44C6-B925-2C91982BBDAF}
2014-03-02 18:07 - 2014-03-02 18:07 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Macromedia
2014-03-02 17:56 - 2014-03-02 17:56 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Mozilla
2014-03-02 17:56 - 2013-12-30 17:40 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Mozilla
2014-03-02 17:13 - 2014-03-02 17:13 - 00002618 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Make $1000′s Per Day with Penny Stocks_ « Invests.com.lnk
2014-03-02 17:13 - 2014-03-02 17:13 - 00002588 _____ () C:\Users\Chuck New\Desktop\Make $1000′s Per Day with Penny Stocks_ « Invests.com.lnk
2014-03-02 16:05 - 2013-12-28 18:11 - 00000000 ____D () C:\Users\Chuck New\Desktop\WiFi Master Folder for anything related to Wifi
2014-03-02 15:35 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Google
2014-03-02 15:33 - 2014-03-02 15:33 - 00847816 _____ (Google Inc.) C:\Users\Chuck New\Downloads\GoogleEarthSetup.exe
2014-03-02 12:31 - 2014-03-02 01:53 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\FileTypeAssistant
2014-03-02 12:30 - 2014-03-02 12:30 - 00064024 _____ () C:\Users\Chuck New\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 12:05 - 2013-11-18 15:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 00:00 - 2014-03-02 00:00 - 00003358 _____ () C:\Users\Chuck New\Desktop\Amazon.com _ WIFI EXPERT - WiFi Antenna 18dBi YAGI + ALFA R36 + G Netw Long Range Booster GET FREE INTERNET _ Network Antennas _ Electronics.lnk
2014-03-01 22:23 - 2014-03-01 22:23 - 00010631 _____ () C:\Users\Chuck New\Desktop\JRT.txt
2014-03-01 21:18 - 2014-03-01 21:17 - 01037734 _____ (Thisisu) C:\Users\Chuck New\Downloads\JRT Software Clean & Remove Unwanted Toolbars on your browsers like FireFox, Chrome & IE.exe
2014-03-01 16:28 - 2014-03-01 16:26 - 07087608 _____ (Microsoft Corporation) C:\Users\Chuck New_2\Downloads\easywifi-win-4.0.78.exe
2014-03-01 11:10 - 2014-03-01 11:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Macromedia
2014-03-01 10:19 - 2014-03-01 10:18 - 00282840 _____ (Mozilla) C:\Users\Chuck New_2\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-01 10:18 - 2014-03-01 10:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Mozilla
2014-03-01 10:17 - 2014-03-01 10:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Mozilla
2014-03-01 02:27 - 2014-03-01 02:27 - 00002190 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-03-01 02:23 - 2014-03-01 02:21 - 07087608 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\easywifi-win-4.0.78.exe
2014-03-01 01:59 - 2014-03-01 01:58 - 01324940 _____ () C:\Users\Chuck New\Downloads\netstumblerinstaller_0_4_0 (1).exe
2014-03-01 01:58 - 2014-03-01 01:57 - 01324940 _____ () C:\Users\Chuck New\Downloads\netstumblerinstaller_0_4_0.exe
2014-03-01 01:39 - 2014-02-27 09:41 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Windows Live
2014-03-01 01:18 - 2014-03-01 01:19 - 00000374 _____ () C:\Users\Chuck New\Desktop\WiFI Everything You Need To Know & where to Buy.url
2014-03-01 01:07 - 2014-03-01 01:06 - 00905426 _____ () C:\Users\Chuck New\Downloads\WebClient.exe
2014-03-01 00:55 - 2014-02-16 04:45 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\CrashDumps
2014-02-28 23:35 - 2014-02-28 23:27 - 00000000 ____D () C:\Users\Chuck New\Desktop\CARCHEX USED CAR INSPECTION COUPONS & INSPECTION SHEETS FOLDER
2014-02-28 23:34 - 2014-02-28 22:12 - 00000000 ____D () C:\Users\Chuck New\Desktop\PEP BOYS USED CAR INSPECTION COUPONS & INSPECTION SHEETS FOLDER
2014-02-28 23:34 - 2014-02-28 14:02 - 00000000 ____D () C:\Users\Chuck New\Desktop\Cars I am Interested In looking at
2014-02-28 22:12 - 2013-12-28 18:11 - 00000000 ____D () C:\Users\Chuck New\Desktop\Disabled people Jobs
2014-02-28 20:34 - 2014-02-28 20:34 - 17268616 _____ (Adobe Systems Incorporated) C:\Users\Chuck New\Downloads\AdobeFlashPlayerActiveXSetup.exe
2014-02-28 17:30 - 2014-01-03 15:16 - 00000000 ____D () C:\Users\Chuck New\2013 Reciepts & Payments
2014-02-28 17:30 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New
2014-02-28 14:33 - 2014-02-28 14:33 - 00001369 _____ () C:\Users\Chuck New\Desktop\Medicare Info Folder - Shortcut.lnk
2014-02-28 14:33 - 2014-02-11 21:39 - 00000000 ____D () C:\Users\Chuck New\Desktop\ALL DESKTOP FOLDERS TO QUICK REFERNCE ON DESKTOP FOR NOW
2014-02-28 14:28 - 2014-02-28 14:28 - 00001320 _____ () C:\Users\Chuck New\Desktop\Used CAR Folder - Shortcut.lnk
2014-02-28 14:22 - 2014-02-28 14:22 - 00001500 _____ () C:\Users\Chuck New\Desktop\New Text, Spread etcSheets Document - Shortcut.lnk
2014-02-28 14:19 - 2014-01-03 14:12 - 00000000 ____D () C:\Users\Chuck New\Desktop\Romactic SMS Messages to send
2014-02-28 14:19 - 2013-12-30 12:37 - 00000000 ____D () C:\Users\Chuck New\Desktop\Window 7 How to Change, Fix ,Delete
2014-02-28 11:19 - 2014-02-27 21:11 - 00002420 _____ () C:\Users\Chuck New\Desktop\Windows7 Registry Backup by CCleaner on 2-4-14 - Shortcut.lnk
2014-02-28 08:50 - 2014-02-28 08:50 - 00012453 _____ () C:\Users\Chuck New_2\Downloads\2009 Honda Accord EX-L.eml
2014-02-28 04:15 - 2014-02-28 04:15 - 00004096 _____ () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Used Cars for Sale in Michigan - MLive.com.lnk
2014-02-28 04:15 - 2014-02-28 04:15 - 00004066 _____ () C:\Users\Chuck New_2\Desktop\Used Cars for Sale in Michigan - MLive.com.lnk
2014-02-28 04:10 - 2014-02-28 04:10 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Adobe
2014-02-28 04:10 - 2014-02-28 02:16 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Adobe
2014-02-28 02:21 - 2014-02-28 02:16 - 00002257 _____ () C:\Users\Chuck New_2\Desktop\Google Chrome.lnk
2014-02-28 02:20 - 2014-02-28 02:20 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Seagate
2014-02-28 02:17 - 2014-02-28 02:17 - 00064024 _____ () C:\Users\Chuck New_2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Memeo
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\AVG2014
2014-02-28 02:17 - 2014-02-28 02:17 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\Avg2014
 
Last third of FRST.txt

2014-02-28 02:17 - 2014-02-28 02:16 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-28 02:17 - 2014-02-28 02:16 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-28 02:16 - 2014-02-28 02:16 - 00001415 _____ () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-28 02:16 - 2014-02-28 02:16 - 00000000 ___RD () C:\Users\Chuck New_2\Virtual Machines
2014-02-28 02:15 - 2014-02-28 02:15 - 00000884 __RSH () C:\Users\Chuck New_2\ntuser.pol
2014-02-28 02:15 - 2014-02-28 02:15 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Local\VirtualStore
2014-02-28 02:15 - 2013-10-31 09:04 - 00003182 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl
2014-02-28 02:14 - 2014-02-28 02:14 - 00000020 ___SH () C:\Users\Chuck New_2\ntuser.ini
2014-02-27 21:13 - 2014-01-03 15:18 - 00000000 ____D () C:\Users\Chuck New\Windows 7 Misc Required Repairs & Required modications Folder
2014-02-27 19:59 - 2014-02-14 12:22 - 00000000 ____D () C:\Users\Chuck New\Desktop\Affordable Care Act Insurance Providers & Info on What they all must cover
2014-02-27 19:18 - 2014-01-14 16:18 - 00000000 ____D () C:\Users\Chuck New\Desktop\Icon's 2014
2014-02-27 19:16 - 2014-01-07 15:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-27 18:30 - 2014-02-27 18:30 - 00003326 _____ () C:\Windows\System32\Tasks\BatteryCareAuto
2014-02-27 17:36 - 2014-02-27 17:36 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\BatteryCare
2014-02-27 17:36 - 2014-02-27 17:36 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2014-02-27 09:44 - 2014-02-16 04:49 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Windows Live Writer
2014-02-27 07:53 - 2014-02-27 07:53 - 00002590 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Repocast- Repossesion- Foreclosure- and Consignment Online Auctions.lnk
2014-02-27 06:03 - 2013-11-19 14:04 - 00001388 _____ () C:\Users\Chuck\Desktop\Quick Access to Icons used in 2013 -.lnk
2014-02-27 06:02 - 2014-02-27 06:01 - 04765152 _____ (Piriform Ltd) C:\Users\Chuck New\Downloads\ccsetup411.exe
2014-02-27 05:45 - 2014-02-27 05:45 - 00003342 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-02-27 05:45 - 2014-02-27 05:45 - 00002264 _____ () C:\Users\Chuck New\Desktop\SpyHunter.lnk
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\sh4ldr
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-02-27 05:45 - 2014-02-27 05:45 - 00000000 _____ () C:\autoexec.bat
2014-02-27 05:45 - 2014-02-27 05:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-27 05:43 - 2014-02-27 05:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Chuck New\Downloads\SpyHunter-Installer.exe
2014-02-27 04:56 - 2014-02-27 04:56 - 15776072 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Chuck New\Downloads\outlook-pst-repair-508.exe
2014-02-27 04:49 - 2014-02-25 20:36 - 00000000 ____D () C:\Users\Chuck New\Desktop\RESTORED THIS PC ON 2-25-14 Using Restore Point Date of 1-17-14 time 1-55 AM
2014-02-27 04:39 - 2014-02-27 04:38 - 00009378 _____ () C:\Users\Chuck New\Downloads\SystemLook.txt
2014-02-27 04:37 - 2014-02-27 04:37 - 00165376 _____ () C:\Users\Chuck New\Downloads\SystemLook_x64.exe
2014-02-27 04:12 - 2014-02-27 04:12 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Chuck New\Downloads\rkill.exe
2014-02-27 03:40 - 2014-02-27 01:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-27 03:32 - 2014-02-27 01:18 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-27 02:50 - 2014-02-27 02:50 - 00000000 ____D () C:\Users\Chuck New\Documents\ProcAlyzer Dumps
2014-02-27 02:49 - 2014-01-04 20:32 - 00000000 ____D () C:\Users\Guest Account
2014-02-27 02:37 - 2014-02-27 02:37 - 00007600 _____ () C:\Users\Chuck New\AppData\Local\Resmon.ResmonCfg
2014-02-27 01:25 - 2014-02-27 01:24 - 06951200 _____ () C:\Users\Chuck New\Downloads\spybotsd_includes.exe
2014-02-27 01:21 - 2014-02-27 01:21 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Safer Networking
2014-02-27 01:19 - 2014-02-27 01:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-27 01:17 - 2014-02-27 01:16 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Chuck New\Downloads\spybot-2.2.exe
2014-02-26 22:18 - 2014-02-26 22:18 - 00025556 _____ () C:\Users\Chuck New\Downloads\Safeco-Jesten Question, Concerns Descrepancies with My Safeco online Account, Rebate, Montly Vehicle Payments, Remove Christines Info.odt
2014-02-26 20:37 - 2014-02-26 20:37 - 01752632 _____ (Safer-Networking Ltd. ) C:\Users\Chuck New\Downloads\regalyz-1.6.2.16.exe
2014-02-26 20:02 - 2014-02-26 20:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\MicrosoftFixit.malware.FISC.16316889920737457.3.1.Run.exe
2014-02-26 20:02 - 2014-02-26 20:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Chuck New\Downloads\MicrosoftFixit.IEPerformance.FISC.16316889920737457.3.2.Run.exe
2014-02-26 19:54 - 2014-02-26 19:54 - 00102909 _____ () C:\Users\Chuck New\Downloads\97D1.tmp
2014-02-26 19:17 - 2014-01-03 15:16 - 00000000 ____D () C:\Users\Chuck New\ASUS MASTER WITH COMPUTER MANUALS DRIVER SOFTWARE, , BATTERY MAINTENACE,Folder
2014-02-26 13:50 - 2014-02-26 13:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Slacker
2014-02-26 13:50 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-26 13:16 - 2014-02-26 13:16 - 06031785 _____ () C:\Users\Chuck New\Downloads\dict-en.oxt
2014-02-26 01:44 - 2013-12-28 21:35 - 00000000 ____D () C:\Users\Guest
2014-02-26 01:44 - 2013-03-02 07:34 - 00000000 ____D () C:\Users\Chuck
2014-02-26 01:41 - 2013-03-03 09:14 - 00000000 ____D () C:\Users\Chuck\2013 Reciepts & Payments
2014-02-26 01:39 - 2014-02-28 02:14 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-26 01:39 - 2014-02-28 02:14 - 00000000 ___RD () C:\Users\Chuck New_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-26 01:39 - 2013-12-28 14:21 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-26 01:39 - 2013-12-20 20:33 - 00000000 ____D () C:\Users\Chuck\Documents\Wifi Protector
2014-02-26 01:39 - 2013-11-29 13:08 - 00000000 ____D () C:\Users\Chuck\AppData\Local\RadioSure
2014-02-26 01:39 - 2013-11-25 09:07 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\FreeFileViewer
2014-02-26 01:39 - 2013-11-23 17:51 - 00000000 ____D () C:\Users\Chuck\Microsoft Fix-it Updates 11-23-13
2014-02-26 01:39 - 2013-11-22 18:33 - 00000000 ____D () C:\Users\Chuck\Desktop\GR Aparments as of 11-22-13 searched
2014-02-26 01:39 - 2013-11-19 13:07 - 00000000 ____D () C:\Users\Chuck\Desktop Icons Quick Access to them
2014-02-26 01:39 - 2013-11-18 16:28 - 00000000 ____D () C:\Users\Chuck\Windows 7 Misc Required Repairs & Required modications Folder
2014-02-26 01:39 - 2013-11-18 03:18 - 00000000 ____D () C:\Users\Chuck\AppData\Local\WhiteListing
2014-02-26 01:39 - 2013-11-06 08:09 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-26 01:39 - 2013-10-26 13:36 - 00000000 ____D () C:\Users\Chuck\OpenOffice 4.0.1 (en-US) Installation Files
2014-02-26 01:39 - 2013-10-13 13:15 - 00000000 ____D () C:\Users\Chuck\AppData\Local\{A2E709BB-D3E4-426A-9D1E-2CD0E6D11617}
2014-02-26 01:39 - 2013-10-13 12:17 - 00000000 ____D () C:\Users\Chuck\NETGEAR PTVU1000 Push2TV HD Adapter Folder
2014-02-26 01:39 - 2013-09-03 00:55 - 00000000 ___RD () C:\Users\Chuck\Dropbox
2014-02-26 01:39 - 2013-08-10 17:41 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\BitTorrent
2014-02-26 01:39 - 2013-07-02 12:24 - 00000000 ____D () C:\Users\Chuck\AppData\Local\File Viewer
2014-02-26 01:39 - 2013-06-18 09:40 - 00000000 ____D () C:\Users\Chuck\softi scan to pdf Software
2014-02-26 01:39 - 2013-06-05 21:14 - 00000000 ___RD () C:\Users\Chuck\Virtual Machines
2014-02-26 01:39 - 2013-06-05 16:07 - 00000000 ____D () C:\Users\Chuck\SafeCo Car Insurance
2014-02-26 01:39 - 2013-06-05 16:07 - 00000000 ____D () C:\Users\Chuck\Parks in Lansing Area
2014-02-26 01:39 - 2013-05-27 16:45 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2014-02-26 01:39 - 2013-05-23 23:17 - 00000000 ____D () C:\Users\Chuck\OpenOffice.org 3.4.1 (en-US) Installation Files
2014-02-26 01:39 - 2013-05-21 19:38 - 00000000 ____D () C:\Users\Chuck\GoogleCal_v2.2
2014-02-26 01:39 - 2013-05-16 23:23 - 00000000 ____D () C:\Users\Chuck\GefenGTV-DD-2AA
2014-02-26 01:39 - 2013-05-03 19:17 - 00000000 ___RD () C:\Users\Chuck\Documents\Notes
2014-02-26 01:39 - 2013-04-14 23:53 - 00000000 ____D () C:\Users\Chuck\AppData\Local\SwvUpdater
2014-02-26 01:39 - 2013-03-12 15:14 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Skype
2014-02-26 01:39 - 2013-03-02 07:35 - 00000000 ___RD () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 01:39 - 2013-03-02 07:35 - 00000000 ___RD () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-26 01:39 - 2013-03-02 07:34 - 00000000 ___RD () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-26 01:39 - 2013-03-02 07:34 - 00000000 ___RD () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-26 01:39 - 2009-07-13 22:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-26 01:39 - 2009-07-13 22:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-26 01:39 - 2009-07-13 22:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-26 01:39 - 2009-07-13 22:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-26 01:38 - 2014-02-28 02:14 - 00000000 ____D () C:\Users\Chuck New_2\AppData\Roaming\Macromedia
2014-02-26 01:38 - 2014-01-03 15:18 - 00000000 ___RD () C:\Users\Chuck New\Virtual Machines
2014-02-26 01:38 - 2013-11-19 14:00 - 00000000 ____D () C:\Users\Chuck\Quick Access to Recent Info in Folders
2014-02-26 01:38 - 2013-05-27 16:56 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-26 01:38 - 2013-05-27 16:56 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-26 01:38 - 2013-03-01 23:37 - 00000000 ____D () C:\ProgramData\P4G
2014-02-26 01:38 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Default
2014-02-26 01:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-02-26 01:37 - 2013-12-27 17:19 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Malwarebytes
2014-02-26 01:37 - 2013-11-29 14:19 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Wondershare
2014-02-26 01:37 - 2013-11-20 15:57 - 00000000 ____D () C:\Users\Chuck\AppData\Local\SlimWare Utilities Inc
2014-02-26 01:37 - 2013-11-18 03:18 - 00000000 ____D () C:\Users\Chuck\AppData\Local\NativeMessaging
2014-02-26 01:37 - 2013-10-19 12:51 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Seagate
2014-02-26 01:37 - 2013-10-19 12:51 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Memeo
2014-02-26 01:37 - 2013-10-13 11:06 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-02-26 01:37 - 2013-10-11 11:04 - 00000000 ____D () C:\Users\Chuck\AppData\Local\QuotationCafe_45
2014-02-26 01:37 - 2013-09-20 19:16 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\AVG2014
2014-02-26 01:37 - 2013-08-24 07:02 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Dropbox
2014-02-26 01:37 - 2013-08-13 15:49 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\OpenOffice
2014-02-26 01:37 - 2013-08-10 17:57 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\IDM
2014-02-26 01:37 - 2013-07-29 10:55 - 00000000 ____D () C:\Users\Chuck\Documents\samsung
2014-02-26 01:37 - 2013-07-29 10:55 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Samsung
2014-02-26 01:37 - 2013-07-29 10:55 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Samsung
2014-02-26 01:37 - 2013-06-06 15:27 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-02-26 01:37 - 2013-05-23 23:26 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\OpenOffice.org
2014-02-26 01:37 - 2013-05-14 19:49 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Mozilla
2014-02-26 01:37 - 2013-05-08 11:55 - 00000000 ____D () C:\Users\Chuck\AppData\Local\The Weather Channel
2014-02-26 01:37 - 2013-05-01 19:29 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\FLEXnet
2014-02-26 01:37 - 2013-05-01 12:43 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Zeon
2014-02-26 01:37 - 2013-04-19 16:58 - 00000000 ____D () C:\Users\Chuck\Documents\Fax
2014-02-26 01:37 - 2013-04-12 21:32 - 00000000 ___RD () C:\Users\Chuck\AppData\Roaming\Brother
2014-02-26 01:37 - 2013-03-04 13:23 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Macromedia
2014-02-26 01:37 - 2013-03-04 13:05 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Nitro
2014-02-26 01:37 - 2013-03-02 10:42 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Adobe
2014-02-26 01:37 - 2013-03-02 07:34 - 00000000 ____D () C:\Users\Chuck\AppData\Local\VirtualStore
2014-02-26 01:36 - 2014-01-20 19:59 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPubsoft
2014-02-26 01:36 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-26 01:36 - 2013-12-27 09:43 - 00000000 ____D () C:\Users\Chuck\AppData\Local\LogMeIn Rescue Applet
2014-02-26 01:36 - 2013-12-21 12:26 - 00000000 ____D () C:\Users\Chuck\AppData\Local\mHotspot_Inc
2014-02-26 01:36 - 2013-06-03 08:32 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Garmin
2014-02-26 01:36 - 2013-05-27 16:44 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Facebook
2014-02-26 01:36 - 2013-05-01 12:43 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Downloaded Installations
2014-02-26 01:36 - 2013-04-19 16:11 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Google
2014-02-26 01:36 - 2013-04-14 23:52 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Conduit
2014-02-26 01:36 - 2013-03-24 18:48 - 00000000 ____D () C:\Users\Chuck\AppData\Local\ASUS
2014-02-26 01:36 - 2013-03-03 11:36 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Apps\2.0
2014-02-26 01:35 - 2013-04-11 17:18 - 00000000 ____D () C:\Data
2014-02-26 01:35 - 2013-03-01 23:35 - 00000000 ____D () C:\eSupport
2014-02-25 21:56 - 2014-02-25 21:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Nitro
2014-02-25 21:50 - 2014-02-25 21:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\FileOpen
2014-02-25 20:15 - 2013-12-28 19:57 - 00000000 ____D () C:\Users\Chuck New\Push2TV By Netgear Folder
2014-02-25 20:15 - 2013-12-20 20:33 - 00000000 ____D () C:\Users\Chuck New\Documents\Wifi Protector
2014-02-25 20:15 - 2013-10-29 14:07 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-02-25 20:15 - 2013-05-23 23:34 - 00000000 ____D () C:\Users\Chuck New\Documents\My Smilebox Creations
2014-02-25 20:14 - 2013-08-10 08:46 - 00000000 ____D () C:\Users\Chuck\Targus Ext USB Plugin Bluetooth Model ABC10US1 Drivers & Manual
2014-02-25 19:02 - 2013-12-28 14:21 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\WinRAR
2014-02-25 19:02 - 2013-05-22 14:35 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\webex
2014-02-25 19:02 - 2013-03-04 13:11 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\PrimoPDF
2014-02-25 19:01 - 2013-11-15 23:27 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\Open Download Manager
2014-02-25 19:01 - 2013-08-10 17:57 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\DMCache
2014-02-25 19:01 - 2013-08-10 17:33 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\DownLite
2014-02-25 19:01 - 2013-06-25 17:10 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Vivox
2014-02-25 19:01 - 2013-05-21 19:10 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Windows Live
2014-02-25 19:01 - 2013-03-04 13:05 - 00000000 ____D () C:\Users\Chuck\AppData\Roaming\FileOpen
2014-02-25 18:56 - 2014-01-05 00:08 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CRE
2014-02-25 18:56 - 2013-12-28 01:03 - 00000000 ____D () C:\Users\Chuck\AppData\Local\FileTypeAssistant
2014-02-25 18:56 - 2013-11-25 00:55 - 00000000 ____D () C:\Users\Chuck\AppData\Local\FreeFileViewer
2014-02-25 18:56 - 2013-09-30 15:46 - 00000000 ____D () C:\Users\Chuck\AppData\Local\avgchrome
2014-02-25 18:56 - 2013-03-26 11:50 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CrashDumps
2014-02-25 10:16 - 2009-07-29 00:10 - 00000000 __SHD () C:\Recovery
2014-02-25 04:27 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-25 01:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-02-17 01:31 - 2014-02-17 01:30 - 00000000 ____D () C:\Users\Chuck New\My Picture old
2014-02-17 01:04 - 2014-01-09 15:37 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\vlc
2014-02-16 23:13 - 2014-02-16 23:13 - 00001054 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-16 23:01 - 2014-02-16 23:01 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\PDF Architect
2014-02-16 22:54 - 2014-02-16 22:54 - 06083640 _____ (NCH Software) C:\Users\Chuck New\Downloads\vppsetup.exe
2014-02-16 22:54 - 2014-02-16 22:54 - 00001136 _____ () C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2014-02-16 22:54 - 2014-01-12 17:13 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\NCH Software
2014-02-16 22:54 - 2013-12-25 22:12 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-02-16 22:47 - 2014-02-16 22:47 - 00001304 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-02-16 22:47 - 2014-02-16 22:47 - 00001172 _____ () C:\Users\Public\Desktop\PhotoStage Slideshow Producer.lnk
2014-02-16 22:47 - 2013-12-25 22:11 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-02-16 13:00 - 2013-05-21 19:59 - 00003114 _____ () C:\Windows\System32\Tasks\P4G Sidebar
2014-02-16 12:51 - 2014-02-16 12:51 - 00000000 ____D () C:\Users\Chuck New\SystemRequirementsLab
2014-02-16 09:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-16 07:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-02-16 07:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-16 07:47 - 2013-10-02 10:30 - 00000000 ____D () C:\Windows\pss
2014-02-16 05:25 - 2014-01-03 15:19 - 00000000 ____D () C:\Users\Chuck New\Quick Acces to Documents recent used
2014-02-16 05:12 - 2013-07-13 00:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 05:11 - 2013-06-25 19:44 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 05:11 - 2013-06-25 19:44 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 05:08 - 2013-04-25 07:33 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 05:02 - 2013-05-09 01:53 - 00777446 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-16 04:49 - 2014-02-16 04:49 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Windows Live Writer
2014-02-16 03:03 - 2014-02-10 06:19 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-02-16 02:49 - 2014-01-19 13:22 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IconLover
2014-02-16 02:49 - 2014-01-12 17:13 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-02-16 02:47 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-16 02:46 - 2014-02-11 17:25 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-16 02:46 - 2014-02-11 17:25 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-16 02:46 - 2014-02-10 08:23 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Iceni
2014-02-16 02:46 - 2014-02-10 08:23 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Iceni
2014-02-16 02:46 - 2014-02-10 07:01 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utilities
2014-02-16 02:46 - 2014-02-04 14:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-16 02:46 - 2014-02-04 12:10 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Free Download Manager
2014-02-16 02:46 - 2014-01-28 13:27 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Garmin
2014-02-16 02:46 - 2014-01-26 18:56 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\CyberMatrix
2014-02-16 02:46 - 2014-01-25 09:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-16 02:46 - 2014-01-20 21:02 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Samsung
2014-02-16 02:46 - 2014-01-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Advanced Scan to PDF Free
2014-02-16 02:46 - 2014-01-06 00:33 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\RealPlayer Free Download Packages
2014-02-16 02:46 - 2014-01-05 23:50 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Malwarebytes
2014-02-16 02:46 - 2013-12-28 19:38 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\{A2E709BB-D3E4-426A-9D1E-2CD0E6D11617}
2014-02-16 02:46 - 2013-12-28 17:53 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\AVG2014
2014-02-16 02:46 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 02:46 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-16 02:46 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 02:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-16 02:40 - 2014-02-11 18:38 - 00000000 ____D () C:\Users\New User\AppData\Roaming\OpenOffice
2014-02-16 02:40 - 2014-02-11 17:26 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Memeo
2014-02-16 02:40 - 2014-02-11 17:26 - 00000000 ____D () C:\Users\New User\AppData\Roaming\AVG2014
2014-02-16 02:40 - 2014-02-11 17:25 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Macromedia
2014-02-16 02:40 - 2014-01-07 15:14 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\SlimWare Utilities Inc
2014-02-16 02:40 - 2014-01-01 23:45 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\OpenOffice
2014-02-16 02:40 - 2013-12-28 17:57 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Adobe
2014-02-16 02:40 - 2013-12-28 17:54 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Memeo
2014-02-16 02:40 - 2013-12-28 17:52 - 00000000 ____D () C:\Users\Chuck New\AppData\Roaming\Macromedia
2014-02-16 02:39 - 2014-02-10 08:23 - 00000000 ____D () C:\ProgramData\Iceni
2014-02-16 02:39 - 2014-02-10 08:23 - 00000000 ____D () C:\ProgramData\Aspell
2014-02-16 02:39 - 2014-02-10 08:22 - 00000000 ____D () C:\Program Files (x86)\Iceni
2014-02-16 02:27 - 2014-02-13 12:03 - 00000000 ____D () C:\ProgramData\VMware
2014-02-16 01:08 - 2014-02-16 01:08 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\VirtualStore
2014-02-16 01:05 - 2014-02-16 00:55 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Adobe
2014-02-16 00:47 - 2014-02-16 00:47 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\FreeFileViewer
2014-02-16 00:29 - 2013-12-28 17:53 - 00000000 ____D () C:\Users\Chuck New\AppData\Local\Avg2014
2014-02-15 16:16 - 2014-02-15 16:16 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-13 12:03 - 2014-02-13 12:03 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-13 12:03 - 2014-02-13 12:03 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-12 18:57 - 2014-01-03 15:19 - 00000000 ____D () C:\Users\Chuck New\Local 333 Cobra Extension Info
2014-02-11 21:58 - 2014-02-11 21:59 - 00001357 _____ () C:\Users\Chuck New\Desktop\SkyDrive - Shortcut.lnk
2014-02-11 21:58 - 2014-01-03 15:20 - 00000000 ___RD () C:\Users\Chuck New\SkyDrive Cloud
2014-02-11 21:39 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\FaceBook Letter sent to protect my privacy
2014-02-11 21:36 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\DNR ORV Riding Trails
2014-02-11 21:35 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\DBT Information Includes Outpatient Program overiew & Pine Rest DBT Program Folder
2014-02-11 21:26 - 2014-01-03 15:19 - 00000000 ____D () C:\Users\Chuck New\Mental Health diseases and conditions
2014-02-11 20:57 - 2014-02-11 18:16 - 00000000 ____D () C:\Users\New User\Desktop\In Windows 7 to configure all Primary & Subfolders to there original Default Setup
2014-02-11 19:50 - 2014-02-11 19:50 - 00000000 ____D () C:\Users\New User\AppData\Roaming\vlc
2014-02-11 19:24 - 2014-02-11 19:24 - 00187078 _____ () C:\Users\New User\Desktop\Defaut Window 7 Computer Menu.odt
2014-02-11 19:04 - 2014-02-11 19:04 - 00001415 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-11 18:44 - 2014-02-11 18:44 - 00000000 ____D () C:\Users\New User\AppData\Local\Adobe
2014-02-11 18:44 - 2014-02-11 17:26 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Adobe
2014-02-11 18:40 - 2014-02-11 18:40 - 00008278 _____ () C:\Users\New User\Desktop\Narow Margin New Rich Text Document.odt
2014-02-11 17:33 - 2014-02-11 17:33 - 00000000 ___RD () C:\Users\New User\SkyDrive
2014-02-11 17:33 - 2014-02-11 17:25 - 00002169 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-02-11 17:26 - 2014-02-11 17:26 - 00064024 _____ () C:\Users\New User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-11 17:26 - 2014-02-11 17:26 - 00002257 _____ () C:\Users\New User\Desktop\Google Chrome.lnk
2014-02-11 17:26 - 2014-02-11 17:26 - 00001415 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\Virtual Machines
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ___RD () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-11 17:26 - 2014-02-11 17:26 - 00000000 ____D () C:\Users\New User\AppData\Local\Avg2014
2014-02-11 17:25 - 2014-02-11 17:25 - 00000884 __RSH () C:\Users\New User\ntuser.pol
2014-02-11 17:25 - 2014-02-11 17:25 - 00000020 ___SH () C:\Users\New User\ntuser.ini
2014-02-11 17:25 - 2014-02-11 17:25 - 00000000 ____D () C:\Users\New User\AppData\Local\VirtualStore
2014-02-11 16:53 - 2013-04-19 16:58 - 00000000 ____D () C:\Users\Chuck New\Fax Blank Cover Sheets -that you made in Windows Fax and Scan Program
2014-02-11 16:18 - 2014-01-09 16:37 - 00000000 ____D () C:\Users\Chuck New\Faxes that you made in Windows Fax and Scan Program
2014-02-11 15:38 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\FAXES
2014-02-11 15:34 - 2014-01-03 15:16 - 00000000 ____D () C:\Users\Chuck New\D-Link WIRELES ROUTERS Information Folder
2014-02-11 15:18 - 2014-01-03 15:16 - 00000000 ____D () C:\Users\Chuck New\Cisco-Linksys WiFI USB Adapter Model AE1000 Info Folder
2014-02-11 14:58 - 2013-03-01 23:30 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-02-11 13:38 - 2014-01-03 15:20 - 00000000 ____D () C:\Users\Chuck New\Local UA 333 Info Folder
2014-02-10 17:43 - 2014-02-10 17:43 - 01238645 _____ () C:\Users\Chuck New\Downloads\aoo-pdf-import-0.1.0-windows-x86.oxt
2014-02-10 08:44 - 2014-02-10 08:44 - 02661226 _____ () C:\Users\Chuck New\Downloads\oracle-pdfimport (1).oxt
2014-02-10 08:23 - 2014-02-10 08:23 - 00000000 ____D () C:\Windows\Infix PDF
2014-02-10 08:23 - 2014-02-10 08:23 - 00000000 ____D () C:\ActMask
2014-02-10 08:19 - 2014-02-10 08:19 - 00930440 _____ (CNET Download.com) C:\Users\Chuck New\Downloads\cbsidlm-cbsi176-Infix_PDF_Editor-SEO-10391701.exe
2014-02-10 07:29 - 2014-02-10 07:29 - 02661226 _____ () C:\Users\Chuck New\Downloads\oracle-pdfimport.oxt
2014-02-10 07:01 - 2013-12-28 01:04 - 00000000 ____D () C:\ProgramData\NCH Software
2014-02-10 05:48 - 2013-11-25 00:54 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-10 05:47 - 2014-02-10 05:47 - 00000042 _____ () C:\Users\Chuck New\AppData\Roaming\WB.CFG
2014-02-09 22:03 - 2013-03-25 16:44 - 00000426 _____ () C:\Windows\BRWMARK.INI
2014-02-08 18:46 - 2013-03-02 11:22 - 00000024 _____ () C:\Windows\ATKPF.ini
2014-02-08 16:01 - 2013-11-15 10:05 - 00000000 ____D () C:\Program Files\Recuva
2014-02-08 15:18 - 2014-02-08 15:17 - 13729983 _____ () C:\Users\Chuck New\Downloads\CAMERA_AzureWave_WIN7_64.zip
2014-02-08 15:10 - 2014-02-08 15:10 - 03607660 _____ () C:\Users\Chuck New\Downloads\Camera_AW_AM-VS011_WIN7_64_Z5854000204.zip
2014-02-08 14:09 - 2014-02-08 14:09 - 04092088 _____ (Piriform Ltd) C:\Users\Chuck New\Downloads\rcsetup150.exe
2014-02-08 00:56 - 2014-02-08 00:56 - 00002718 _____ () C:\Users\Chuck New\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Security Online - Medicare Information.lnk
2014-02-07 20:11 - 2014-02-07 20:11 - 00000034 _____ () C:\Windows\SysWOW64\BD7020.DAT
2014-02-07 20:06 - 2014-02-07 20:06 - 00000050 _____ () C:\Windows\system32\bd7020.dat
2014-02-07 20:05 - 2014-02-07 20:05 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-02-07 20:05 - 2013-03-01 23:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-07 20:04 - 2014-02-07 19:36 - 00000000 ____D () C:\bront
2014-02-07 19:53 - 2014-02-07 19:44 - 00000000 ____D () C:\brodnt
2014-02-07 19:40 - 2014-02-07 19:40 - 00000000 ____D () C:\ProgramData\Brother
2014-02-07 19:13 - 2014-02-07 19:13 - 00003102 _____ () C:\Windows\System32\Tasks\{15225D4F-88F4-489D-812D-24A3BB55A5F9}
2014-02-07 19:13 - 2014-02-07 19:13 - 00003102 _____ () C:\Windows\System32\Tasks\{00C73705-0303-4247-B539-7F2C5F566AC2}
2014-02-07 19:13 - 2014-02-07 19:13 - 00000000 ____D () C:\Windows\SysWOW64\rempnp
2014-02-07 19:09 - 2014-02-07 19:09 - 00003302 _____ () C:\Windows\System32\Tasks\{6307A71B-BD51-42DF-B267-F91801AE5C2E}
2014-02-07 18:57 - 2014-02-07 18:57 - 00003514 _____ () C:\Windows\System32\Tasks\{5D26674A-1AA6-463D-AD6E-B5E0F98D63A8}
2014-02-06 07:16 - 2014-02-16 04:58 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-16 04:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-16 04:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-16 04:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-16 04:58 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-16 04:58 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-16 04:58 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-16 04:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-16 04:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-16 04:58 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-16 04:58 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-16 04:58 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-16 04:58 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-16 04:59 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-16 04:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-16 04:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-16 04:58 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-16 04:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-16 04:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-16 04:58 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-16 04:58 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-16 04:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-16 04:58 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-16 04:58 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-16 04:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-16 04:58 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-16 04:58 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-16 04:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:25 - 2014-02-16 04:58 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:24 - 2014-02-16 04:58 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-16 04:58 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-16 04:58 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-16 04:58 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-16 04:58 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-16 04:58 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-16 04:58 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-16 04:58 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-16 04:58 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-16 04:58 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 20:40 - 2014-02-05 20:40 - 00001037 _____ () C:\Users\Chuck New\Desktop\Chuck New His Folders Shortcut.lnk
2014-02-05 16:51 - 2013-12-20 22:07 - 00000000 ____D () C:\Users\Chuck New\Wirless Key View program
2014-02-05 13:28 - 2014-01-19 14:11 - 00000000 ____D () C:\Users\Chuck New\2013 FEDEAL INCOME TAX INFO SSDI TOTAL PAID IN 2013, IRS FORMS , TAX DEDUCTION, INTEREST FOLDER
2014-02-05 13:07 - 2014-02-05 13:07 - 00422624 _____ () C:\Users\Chuck New\Downloads\CloudConnect-v18-prod.apk
2014-02-05 09:17 - 2014-02-05 09:18 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Chuck New\Downloads\AdobeAIRSetup.exe

Some content of TEMP:
====================
C:\Users\Chuck New_2\AppData\Local\Temp\easywifi-win-4.0.110.exe
C:\Users\Chuck New_2\AppData\Local\Temp\feedback.dll
C:\Users\Chuck New_2\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 06:40

==================== End Of Log ============================
 
Hi OCD,
I am sorry I did not see the fault code stating the FRST.txt was too big to post all together...So I broke it up into thirds.

I also removed AVG

Please let me know how to proceed from here....

Thanks, Chuck
 
Hi chucka52,

I am sorry I did not see the fault code stating the FRST.txt was too big to post all together...So I broke it up into thirds
Click to expand...
:bigthumb:

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

Code: 
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\CHUCKN~1\AppData\Local\mysearchdial-speeddial.crx [2014-02-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S4 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-01] (AVG Secure Search)
2014-02-26 01:36 - 2013-04-14 23:52 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Conduit

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

AdwCleaner v3: Scan & Clean
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Shut down your protection software now to avoid potential conflicts.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
=========================

In your next post please provide the following:
  • Fixlog.txt
  • AdwCleaner[S0].txt
  • JRT.txt
 
fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2014
Ran by Chuck New_2 at 2014-03-11 10:44:11 Run:1
Running from C:\Users\Chuck New_2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0101&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=322700616&ir=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\CHUCKN~1\AppData\Local\mysearchdial-speeddial.crx [2014-02-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S4 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-01] (AVG Secure Search)
2014-02-26 01:36 - 2013-04-14 23:52 - 00000000 ____D () C:\Users\Chuck\AppData\Local\Conduit
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\CHUCKN~1\AppData\Local\mysearchdial-speeddial.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
vToolbarUpdater17.0.12 => Service deleted successfully.
C:\Users\Chuck\AppData\Local\Conduit => Moved successfully.

==== End of Fixlog ====
 
AdwCleaner(SO).txt

# AdwCleaner v3.021 - Report created 11/03/2014 at 10:53:19
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Chuck New_2 - STEVO-PC
# Running from : C:\Users\Chuck New_2\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdfforge
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Program Files\pdfforge
[#] Folder Deleted : C:\Users\Chuck\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Chuck\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Chuck\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Chuck\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Chuck\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Chuck\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Chuck New\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Chuck New\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Chuck New_2\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jwvkve0p.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Chuck New\AppData\Roaming\Mozilla\Firefox\Profiles\m9vx4ir1.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jwvkve0p.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jwvkve0p.default\user.js
File Deleted : C:\Users\Chuck New\AppData\Roaming\Mozilla\Firefox\Profiles\m9vx4ir1.default\user.js
File Deleted : C:\Windows\System32\Tasks\NCH Software
File Deleted : C:\Windows\System32\Tasks\SpyHunter4Startup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1368B44-60A8-470F-9537-C1BC2390C8E3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E29C446-AC83-49C9-800D-A8459A05900D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : [x64] HKLM\SOFTWARE\caphyon
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jwvkve0p.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=file0103&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0EyBzy0CtBzzyCyEyDyCtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Chuck New\AppData\Roaming\Mozilla\Firefox\Profiles\m9vx4ir1.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Chuck New\AppData\Roaming\Mozilla\Firefox\Profiles\vpa48ln3.default\prefs.js ]


[ File : C:\Users\Chuck New_2\AppData\Roaming\Mozilla\Firefox\Profiles\1ygtpeol.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Chuck New\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Chuck New_2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url

[ File : C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [16332 octets] - [11/03/2014 10:50:30]
AdwCleaner[S0].txt - [16173 octets] - [11/03/2014 10:53:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16234 octets] ##########
 
JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Chuck New_2 on Tue 03/11/2014 at 11:13:09.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Chuck New_2\AppData\Roaming\mozilla\firefox\profiles\1ygtpeol.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/11/2014 at 11:20:16.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Hi chucka52,

How is the computer running now?

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================

In your next post please provide the following:
  • FRST.txt
 
Status
Not open for further replies.
Back
Top