Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Logs are too long to post

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 2014-07-26, 08:37 #1
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default Logs are too long to post

    REFER BACK TO:
    http://forums.spybot.info/showthread...570#post455570
    I've tried posting my logs to the forum but keep being told that they are too long... All I've done is copy and paste. Not sure if I'm missing something. The spacecount is currently 437561 characters after running the entire thing through Notepadd++ and removing all the whitespace... Any suggestions would be greatly appreciated.
    Thanks
    Frank
  2. 2014-07-26, 15:11 #2
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Sorry your having problems Frank, I am assuming that the logs you want to post are FRST, Additions and aswMBR ...Correct ?

    Why dont you do this, press the Ctrl key with your left hand and with your mouse select each log and then right click on them and select Send To ...Compressed Zip Folder, name it Logs and save it to your desktop and then go down to Manage Attachments and attach the file, then Submit Reply, also give me a brief description of whats going on on your system
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  3. 2014-07-26, 16:19 #3
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default morning, morning.

    Quote Originally Posted by ken545 View Post


    Sorry your having problems Frank, I am assuming that the logs you want to post are FRST, Additions and aswMBR ...Correct ?

    Why dont you do this, press the Ctrl key with your left hand and with your mouse select each log and then right click on them and select Send To ...Compressed Zip Folder, name it Logs and save it to your desktop and then go down to Manage Attachments and attach the file, then Submit Reply, also give me a brief description of whats going on on your system
    10-4. are zip files always welcome? i'll get those over right away.
  4. 2014-07-26, 16:34 #4
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hello Frank,

    We prefer that logs are directly copy and pasted in the thread but if its to large and the forum wont except them then attaching them is fine
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  5. 2014-07-26, 17:02 #5
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default hope this works

    Quote Originally Posted by ken545 View Post
    Hello Frank,

    We prefer that logs are directly copy and pasted in the thread but if its to large and the forum wont except them then attaching them is fine
    Attached is a file containing all of the requested info. the breakdown of the events leading up to and following are also included . Thanks!
    Frankallin1.zip
  6. 2014-07-26, 17:40 #6
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    FF NetworkProxy: "http_port", 8080 <-- Did you set this proxy ?


    Very long log, its going to take some time to go over it

    In the meantime run this scan please

    Download CKScanner by askey127 from Here & save it to your Desktop.
    • Doubleclick CKScanner.exe then click Search For Files
    • When the cursor hourglass disappears, click Save List To File
    • A message box will verify the file saved
    • Please Run this program only once
    • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  7. 2014-07-28, 19:52 #7
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default fix .txt log

    ken,
    thanks for your patience... so it was my understanding that i wasn't supposed to scan again right? just hit fix. that\s what i did anyway.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
    Ran by e (ATTENTION: The logged in user is not administrator) on e on 28-07-2014 11:46:30
    Running from C:\Users\e\Desktop\Antiattacker
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
    () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    (Akamai Technologies, Inc.) C:\Users\e\AppData\Local\Akamai\netsession_win.exe
    (Apache Software Foundation) C:\Webserver\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Akamai Technologies, Inc.) C:\Users\e\AppData\Local\Akamai\netsession_win.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\prevhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-12] (IDT, Inc.)
    HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
    HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-07-26] (Synaptics Incorporated)
    HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
    HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876528 2014-01-17] (Intel(R) Corporation)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-23] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-23] (Hewlett-Packard)
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-3935980490-2378437961-526367122-1001\...\Run: [Akamai NetSession Interface] => C:\Users\e\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3935980490-2378437961-526367122-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-3935980490-2378437961-526367122-1001\...\MountPoints2: {073f0977-515c-11e2-be71-806e6f6e6963} - "E:\MInst.exe"
    HKU\S-1-5-21-3935980490-2378437961-526367122-1001\...\MountPoints2: {11e356cc-9e49-11e3-bed4-84a6c8863282} - "F:\LaunchU3.exe" -a
    HKU\S-1-5-21-3935980490-2378437961-526367122-1001\...\MountPoints2: {e968cacc-821f-11e3-bec4-84a6c8863282} - "F:\AutoLaunch.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\aiStarter.lnk
    ShortcutTarget: aiStarter.lnk -> C:\Program Files (x86)\AppInventor\aiStarter.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
    ShortcutTarget: Monitor Apache Servers.lnk -> C:\Webserver\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk.disabled
    ShortcutTarget: QuickBooks Update Agent.lnk.disabled -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
    Startup: C:\Users\e\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk.disabled
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk.disabled -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
    SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
    ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPCON13/4
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ca.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9FA99D4DF817CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
    SearchScopes: HKLM - {4DABDDBA-3607-487A-BF21-92E49C647822} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3320218&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP19AC0FCF-EB89-40DE-9886-B7E591B04D49&q={searchTerms}&SSPV=
    SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
    SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - No File
    Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 64.59.184.13 64.59.190.242

    FireFox:
    ========
    FF ProfilePath: C:\Users\e\AppData\Roaming\Mozilla\Firefox\Profiles\na5z5xw6.default
    FF NetworkProxy: "http", "localhost"
    FF NetworkProxy: "http_port", 8080
    FF NetworkProxy: "type", 1
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\e\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF Plugin HKCU: hp.com/HPDetect - C:\Users\e\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
    FF Plugin HKCU: LWAPlugin15.8 - C:\Users\e\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\e\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.8.0.14\coFFFw

    Chrome:
    =======
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\e\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
    CHR Extension: (Google Wallet) - C:\Users\e\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
    R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
    R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-07-26] (Intel Corporation)
    S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
    R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-14] (Microsoft Corporation)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
    R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
    R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 MerakiPCCAgent; C:\Program Files (x86)\Meraki\PCC Agent 1.0.86\m_agent_service.exe [2721810 2013-06-18] () [File not signed]
    R2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76800 2014-04-10] (PostgreSQL Global Development Group) [File not signed]
    R2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [70239 2014-06-05] (http://www.ruby-lang.org/) [File not signed]
    R2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [70239 2014-06-05] (http://www.ruby-lang.org/) [File not signed]
    R2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [70239 2014-06-05] (http://www.ruby-lang.org/) [File not signed]
    R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-11] (Autodesk, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
    R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
    R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-11-28] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [146944 2014-03-06] (Microsoft Corporation)
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-16] (Microsoft Corporation)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-13] (Advanced Micro Devices, Inc.)
    R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
    S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1362232 2013-02-14] (Motorola Solutions, Inc.)
    R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
    R1 mirrorv3; C:\Windows\system32\DRIVERS\rminiv3.sys [5632 2012-12-18] (Famatech International Corp.)
    S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation)
    R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-02-24] (Intel Corporation)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-28] (CACE Technologies, Inc.)
    S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
    S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-07-26] (Synaptics Incorporated)
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
    S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
    S3 ATP; \SystemRoot\system32\DRIVERS\cmdatp.sys [X]
    S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
    U3 aswMBR; \??\C:\Users\ADMINI~1\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\ADMINI~1\AppData\Local\Temp\aswVmm.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-07-28 00:40 - 2014-07-28 00:40 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2014-07-28 00:32 - 2014-07-28 00:34 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-28 00:32 - 2014-07-28 00:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-28 00:32 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files\iPod
    2014-07-28 00:32 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
    2014-07-27 01:43 - 2014-07-27 17:06 - 00005922 _____ () C:\WINDOWS\PFRO.log
    2014-07-27 01:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
    2014-07-27 00:52 - 2014-07-27 00:52 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-07-27 00:03 - 2014-07-27 01:41 - 00000000 ____D () C:\AdwCleaner
    2014-07-26 23:46 - 2014-07-28 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-07-26 23:45 - 2014-07-26 23:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-26 23:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-07-26 23:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2014-07-26 23:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-07-26 08:49 - 2014-07-26 08:50 - 00000000 ____D () C:\Program Files\7-Zip
    2014-07-26 01:24 - 2014-07-26 01:26 - 00000000 ____D () C:\Users\frank
    2014-07-25 10:12 - 2014-07-25 10:55 - 00000610 _____ () C:\procs.html
    2014-07-25 10:07 - 2014-07-25 10:08 - 19049228 _____ () C:\baseline.xml
    2014-07-25 02:12 - 2014-07-25 07:01 - 00000794 _____ () C:\WINDOWS\setupact.log
    2014-07-25 02:12 - 2014-07-25 02:12 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-24 21:38 - 2014-07-28 11:46 - 00000000 ____D () C:\FRST
    2014-07-24 19:45 - 2014-07-24 19:45 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-e-Microsoft-Windows-8.1-(64-bit).dat
    2014-07-24 19:44 - 2014-07-24 19:44 - 00000000 ____D () C:\RegBackup
    2014-07-24 19:43 - 2014-07-24 19:43 - 00000000 ____D () C:\Tweaking.com
    2014-07-24 19:43 - 2014-07-24 19:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-07-24 15:42 - 2014-07-28 11:15 - 01415054 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-07-23 13:11 - 2014-07-23 13:11 - 00000000 ____D () C:\Android
    2014-07-23 12:46 - 2014-07-23 12:52 - 00000000 ____D () C:\AndroidSDK
    2014-07-23 12:42 - 2014-07-23 12:42 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
    2014-07-22 16:10 - 2014-07-09 22:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2014-07-22 16:10 - 2014-07-09 22:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2014-07-22 16:10 - 2014-07-09 21:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2014-07-21 05:25 - 2014-07-21 05:34 - 00000000 ____D () C:\WINDOWS\pss
    2014-07-19 05:02 - 2014-07-19 05:24 - 00000000 ____D () C:\Users\TEMP
    2014-07-18 22:05 - 2014-07-18 22:16 - 00000000 ____D () C:\metasploit
    2014-07-17 01:44 - 2014-07-17 01:44 - 00030046 _____ () C:\results.txt
    2014-07-16 16:30 - 2014-07-16 16:47 - 00000000 ____D () C:\cygwin64
    2014-07-15 19:42 - 2014-07-15 19:42 - 00000147 _____ () C:\WINDOWS\ODBC.INI
    2014-07-15 08:17 - 2014-07-15 08:17 - 00000000 ____D () C:\LocalMachine
    2014-07-12 01:17 - 2014-07-12 01:17 - 00000000 ____D () C:\Program Files (x86)\Overlook Fing 2.2
    2014-07-11 16:42 - 2014-07-11 16:42 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2014-07-11 04:20 - 2014-07-11 04:20 - 00049541 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407110420128603.log
    2014-07-11 04:20 - 2014-07-11 04:20 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
    2014-07-11 04:13 - 2014-07-11 04:13 - 00000000 ____D () C:\Intel
    2014-07-11 04:09 - 2014-07-11 04:09 - 00227476 _____ () C:\WINDOWS\SysWOW64\dd_vcredist_x86_1_vcRuntimeAdditional_x86.log
    2014-07-11 04:09 - 2014-07-11 04:09 - 00146198 _____ () C:\WINDOWS\SysWOW64\dd_vcredist_x86_0_vcRuntimeMinimum_x86.log
    2014-07-11 04:07 - 2014-07-11 04:07 - 00000000 ____D () C:\AMD
    2014-07-11 04:03 - 2014-05-03 05:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2014-07-11 04:03 - 2014-05-03 03:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2014-07-11 04:03 - 2014-05-02 21:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2014-07-11 04:03 - 2014-05-02 21:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2014-07-11 04:03 - 2014-04-30 23:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2014-07-11 04:03 - 2014-04-29 22:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2014-07-11 04:03 - 2014-04-29 21:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2014-07-11 04:03 - 2014-04-28 16:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2014-07-11 04:03 - 2014-04-26 16:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2014-07-11 04:03 - 2014-04-26 14:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2014-07-11 04:03 - 2014-04-14 03:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2014-07-11 04:03 - 2014-04-14 02:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2014-07-11 04:02 - 2014-06-05 08:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
    2014-07-11 04:02 - 2014-06-05 07:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
    2014-07-11 04:02 - 2014-06-01 20:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2014-07-11 04:02 - 2014-05-31 04:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2014-07-11 04:02 - 2014-05-31 04:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
    2014-07-11 04:02 - 2014-05-31 04:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
    2014-07-11 04:02 - 2014-05-31 04:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
    2014-07-11 04:02 - 2014-05-31 04:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
    2014-07-11 04:02 - 2014-05-31 00:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
    2014-07-11 04:02 - 2014-05-31 00:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2014-07-11 04:02 - 2014-05-31 00:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
    2014-07-11 04:02 - 2014-05-31 00:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
    2014-07-11 04:02 - 2014-05-30 22:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
    2014-07-11 04:02 - 2014-05-30 22:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2014-07-11 04:02 - 2014-05-30 22:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
    2014-07-11 04:02 - 2014-05-27 09:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2014-07-11 04:02 - 2014-05-27 03:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
    2014-07-11 04:02 - 2014-05-27 03:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
    2014-07-11 04:02 - 2014-05-16 22:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2014-07-11 04:02 - 2014-05-16 22:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2014-07-11 04:02 - 2014-05-13 01:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
    2014-07-11 04:02 - 2014-05-12 23:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2014-07-11 04:02 - 2014-05-12 22:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
    2014-07-11 04:02 - 2014-05-12 22:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
    2014-07-11 04:02 - 2014-05-12 21:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2014-07-11 04:02 - 2014-05-12 21:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
    2014-07-11 04:02 - 2014-05-02 23:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2014-07-11 04:02 - 2014-05-02 23:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
    2014-07-11 04:02 - 2014-05-02 23:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
    2014-07-11 04:02 - 2014-05-02 23:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
    2014-07-11 04:02 - 2014-05-02 22:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
    2014-07-11 04:02 - 2014-05-02 22:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
    2014-07-11 04:02 - 2014-05-02 22:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
    2014-07-11 04:02 - 2014-05-02 17:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
    2014-07-11 04:02 - 2014-04-30 00:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
    2014-07-11 04:02 - 2014-04-30 00:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2014-07-11 04:02 - 2014-04-30 00:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
    2014-07-11 04:02 - 2014-04-30 00:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
    2014-07-11 04:02 - 2014-04-29 23:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
    2014-07-11 04:02 - 2014-04-29 22:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
    2014-07-11 04:02 - 2014-04-29 22:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2014-07-11 04:02 - 2014-04-29 22:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2014-07-11 04:02 - 2014-04-29 22:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2014-07-11 04:02 - 2014-04-29 22:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2014-07-11 04:02 - 2014-04-29 21:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2014-07-11 04:02 - 2014-04-29 21:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2014-07-11 04:02 - 2014-04-29 21:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2014-07-11 04:02 - 2014-04-29 21:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2014-07-11 04:02 - 2014-04-29 21:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2014-07-11 04:02 - 2014-04-26 10:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2014-07-11 04:02 - 2014-04-13 23:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
    2014-07-11 04:02 - 2014-04-09 00:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
    2014-07-11 04:02 - 2014-04-08 23:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
    2014-07-10 05:44 - 2014-07-18 22:07 - 00000000 ____D () C:\Program Files\WinPcap
    2014-07-09 23:34 - 2014-07-09 23:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
    2014-07-09 16:42 - 2014-07-09 16:42 - 00000000 ____D () C:\muttildae hacker
    2014-07-09 12:33 - 2014-04-13 21:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2014-07-09 03:00 - 2014-07-09 03:00 - 00000000 ____D () C:\sql
    2014-07-09 02:55 - 2014-06-18 19:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-07-09 02:55 - 2014-06-18 18:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-07-09 02:55 - 2014-06-18 18:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-07-09 02:55 - 2014-06-18 18:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-07-09 02:55 - 2014-06-18 17:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-07-09 02:55 - 2014-06-18 17:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-07-09 02:55 - 2014-06-18 17:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-07-09 02:55 - 2014-06-18 17:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-07-09 02:55 - 2014-06-18 17:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-07-09 02:55 - 2014-06-18 17:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-07-09 02:55 - 2014-06-18 17:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-07-09 02:55 - 2014-06-18 17:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-07-09 02:55 - 2014-06-18 17:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-07-09 02:55 - 2014-06-18 16:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-07-09 02:55 - 2014-06-18 16:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-07-09 02:55 - 2014-06-18 16:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-07-09 02:55 - 2014-06-18 16:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-07-09 02:55 - 2014-06-18 16:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-07-09 02:55 - 2014-06-18 16:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-07-09 02:55 - 2014-06-18 16:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-07-09 02:55 - 2014-06-18 16:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-07-09 02:55 - 2014-06-18 16:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-07-09 02:55 - 2014-06-18 16:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-07-09 02:55 - 2014-06-18 16:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-07-09 02:55 - 2014-06-18 16:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-07-09 02:55 - 2014-06-18 16:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-07-09 02:55 - 2014-06-18 16:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-07-09 02:55 - 2014-06-16 16:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
    2014-07-09 02:55 - 2014-06-16 16:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
    2014-07-09 02:55 - 2014-06-06 08:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-07-09 02:55 - 2014-06-06 07:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2014-07-09 02:55 - 2014-06-06 06:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2014-07-09 02:55 - 2014-05-29 21:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2014-07-09 02:55 - 2014-05-29 06:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2014-07-09 02:55 - 2014-05-29 01:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
    2014-07-09 02:55 - 2014-05-29 00:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
    2014-07-09 02:55 - 2014-05-29 00:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2014-07-09 02:55 - 2014-05-28 23:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2014-07-09 02:55 - 2014-05-28 23:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2014-07-09 02:54 - 2014-05-31 04:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2014-07-09 02:54 - 2014-05-31 04:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2014-07-09 02:54 - 2014-05-30 21:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2014-07-09 02:54 - 2014-05-30 21:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2014-07-09 02:54 - 2014-05-30 21:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-09 02:54 - 2014-05-30 21:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2014-07-09 02:54 - 2014-05-30 21:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2014-07-09 02:54 - 2014-05-30 21:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-09 02:54 - 2014-05-30 20:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2014-07-09 02:54 - 2014-05-30 20:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2014-07-09 02:54 - 2014-05-30 20:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2014-07-09 02:54 - 2014-05-30 20:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2014-07-09 02:54 - 2014-05-30 20:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2014-07-09 02:54 - 2014-05-30 20:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2014-07-09 02:54 - 2014-05-30 20:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2014-07-09 02:49 - 2014-07-09 02:49 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-08 16:03 - 2014-07-08 16:03 - 00000000 ____D () C:\Program Files (x86)\iExplorer
    2014-07-08 16:03 - 2012-04-09 16:27 - 00352144 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\cbfs3.sys
    2014-07-08 16:03 - 2012-04-09 16:27 - 00223760 _____ (EldoS Corporation) C:\WINDOWS\SysWOW64\CbFsNetRdr3.dll
    2014-07-08 16:03 - 2012-04-09 16:27 - 00190480 _____ (EldoS Corporation) C:\WINDOWS\system32\CbFsMntNtf3.dll
    2014-07-08 16:03 - 2012-04-09 16:27 - 00158224 _____ (EldoS Corporation) C:\WINDOWS\SysWOW64\CbFsMntNtf3.dll
    2014-07-08 16:03 - 2012-04-09 16:27 - 00141328 _____ (EldoS Corporation) C:\WINDOWS\system32\CbFsNetRdr3.dll
    2014-07-06 20:52 - 2014-07-06 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-07-05 17:43 - 2014-07-05 20:47 - 00000000 ____D () C:\mssqlscan
    2014-07-05 17:06 - 2014-07-05 17:06 - 00000000 ____D () C:\ncat
    2014-07-05 17:02 - 2014-07-05 17:04 - 00000000 ____D () C:\Program Files\Wireshark
    2014-07-05 11:10 - 2014-07-05 11:10 - 00868373 _____ () C:\WINDOWS\system32\wfpdiag.cab
    2014-07-05 08:10 - 2014-07-05 08:11 - 00000000 ____D () C:\Ruby193
    2014-07-05 07:38 - 2014-07-05 07:38 - 00000000 ____D () C:\~
    2014-07-04 22:16 - 2014-07-04 22:19 - 00000000 ____D () C:\PortQryUI
    2014-07-04 22:08 - 2014-07-11 05:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\rserver30
    2014-06-29 08:01 - 2014-06-29 08:46 - 00000000 ____D () C:\Webserver
    2014-06-28 20:40 - 2014-06-28 20:40 - 00000000 ____D () C:\Program Files (x86)\AppInventor

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-07-28 11:46 - 2014-07-24 21:38 - 00000000 ____D () C:\FRST
    2014-07-28 11:15 - 2014-07-24 15:42 - 01415054 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-07-28 11:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-07-28 00:40 - 2014-07-28 00:40 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2014-07-28 00:34 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-28 00:34 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-28 00:32 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files\iPod
    2014-07-28 00:32 - 2014-07-28 00:32 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
    2014-07-28 00:30 - 2013-08-03 00:36 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-07-28 00:19 - 2014-07-26 23:46 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-07-27 22:34 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-07-27 22:22 - 2014-01-16 21:09 - 00000000 ____D () C:\Users\Administrator
    2014-07-27 17:53 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-07-27 17:52 - 2013-08-22 07:25 - 04456448 ___SH () C:\WINDOWS\system32\config\BBI
    2014-07-27 17:06 - 2014-07-27 01:43 - 00005922 _____ () C:\WINDOWS\PFRO.log
    2014-07-27 16:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2014-07-27 10:30 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\System
    2014-07-27 01:44 - 2013-09-15 07:53 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-07-27 01:44 - 2013-07-27 00:16 - 00000366 _____ () C:\WINDOWS\Tasks\HPCeeScheduleFore.job
    2014-07-27 01:44 - 2013-07-04 23:52 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-27 01:44 - 2013-07-04 23:52 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-27 01:43 - 2013-08-30 19:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-07-27 01:43 - 2013-08-30 19:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-07-27 01:43 - 2013-08-22 08:44 - 00698712 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-07-27 01:41 - 2014-07-27 00:03 - 00000000 ____D () C:\AdwCleaner
    2014-07-27 00:52 - 2014-07-27 00:52 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-07-27 00:39 - 2014-06-15 12:04 - 00000000 ____D () C:\Program Files (x86)\Notepad++
    2014-07-26 23:45 - 2014-07-26 23:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-26 08:50 - 2014-07-26 08:49 - 00000000 ____D () C:\Program Files\7-Zip
    2014-07-26 01:26 - 2014-07-26 01:24 - 00000000 ____D () C:\Users\frank
    2014-07-25 10:55 - 2014-07-25 10:12 - 00000610 _____ () C:\procs.html
    2014-07-25 10:08 - 2014-07-25 10:07 - 19049228 _____ () C:\baseline.xml
    2014-07-25 07:04 - 2013-11-14 01:28 - 00960608 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-07-25 07:01 - 2014-07-25 02:12 - 00000794 _____ () C:\WINDOWS\setupact.log
    2014-07-25 03:56 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-07-25 02:12 - 2014-07-25 02:12 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-24 19:45 - 2014-07-24 19:45 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-e-Microsoft-Windows-8.1-(64-bit).dat
    2014-07-24 19:44 - 2014-07-24 19:44 - 00000000 ____D () C:\RegBackup
    2014-07-24 19:43 - 2014-07-24 19:43 - 00000000 ____D () C:\Tweaking.com
    2014-07-24 19:43 - 2014-07-24 19:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-07-24 19:36 - 2013-10-16 14:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-07-24 05:18 - 2014-04-07 15:42 - 00000000 ____D () C:\WINDOWS\Minidump
    2014-07-23 20:24 - 2014-01-16 21:09 - 00000000 ____D () C:\Users\e
    2014-07-23 13:11 - 2014-07-23 13:11 - 00000000 ____D () C:\Android
    2014-07-23 12:52 - 2014-07-23 12:46 - 00000000 ____D () C:\AndroidSDK
    2014-07-23 12:42 - 2014-07-23 12:42 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
    2014-07-22 19:36 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-07-21 05:34 - 2014-07-21 05:25 - 00000000 ____D () C:\WINDOWS\pss
    2014-07-19 05:24 - 2014-07-19 05:02 - 00000000 ____D () C:\Users\TEMP
    2014-07-18 22:16 - 2014-07-18 22:05 - 00000000 ____D () C:\metasploit
    2014-07-18 22:07 - 2014-07-10 05:44 - 00000000 ____D () C:\Program Files\WinPcap
    2014-07-18 10:47 - 2013-08-22 05:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\TFTP.EXE
    2014-07-18 05:48 - 2013-07-12 00:33 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
    2014-07-17 04:25 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\tracing
    2014-07-17 01:44 - 2014-07-17 01:44 - 00030046 _____ () C:\results.txt
    2014-07-16 16:47 - 2014-07-16 16:30 - 00000000 ____D () C:\cygwin64
    2014-07-15 19:42 - 2014-07-15 19:42 - 00000147 _____ () C:\WINDOWS\ODBC.INI
    2014-07-15 18:48 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Registration
    2014-07-15 08:17 - 2014-07-15 08:17 - 00000000 ____D () C:\LocalMachine
    2014-07-12 01:17 - 2014-07-12 01:17 - 00000000 ____D () C:\Program Files (x86)\Overlook Fing 2.2
    2014-07-11 16:42 - 2014-07-11 16:42 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2014-07-11 15:36 - 2014-01-16 21:09 - 00000000 ____D () C:\Users\e
    2014-07-11 14:24 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
    2014-07-11 14:24 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\FileManager
    2014-07-11 14:24 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Camera
    2014-07-11 05:54 - 2014-01-24 13:00 - 00000000 ____D () C:\Program Files (x86)\MultiBit-0.5.16
    2014-07-11 05:52 - 2014-07-04 22:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\rserver30
    2014-07-11 04:20 - 2014-07-11 04:20 - 00049541 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407110420128603.log
    2014-07-11 04:20 - 2014-07-11 04:20 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
    2014-07-11 04:19 - 2012-12-28 18:13 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-07-11 04:19 - 2012-09-11 22:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-07-11 04:13 - 2014-07-11 04:13 - 00000000 ____D () C:\Intel
    2014-07-11 04:09 - 2014-07-11 04:09 - 00227476 _____ () C:\WINDOWS\SysWOW64\dd_vcredist_x86_1_vcRuntimeAdditional_x86.log
    2014-07-11 04:09 - 2014-07-11 04:09 - 00146198 _____ () C:\WINDOWS\SysWOW64\dd_vcredist_x86_0_vcRuntimeMinimum_x86.log
    2014-07-11 04:07 - 2014-07-11 04:07 - 00000000 ____D () C:\AMD
    2014-07-11 04:02 - 2014-04-23 21:46 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2014-07-11 04:00 - 2014-06-10 23:11 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2014-07-09 23:34 - 2014-07-09 23:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
    2014-07-09 22:16 - 2014-07-22 16:10 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2014-07-09 22:03 - 2014-07-22 16:10 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2014-07-09 21:33 - 2014-07-22 16:10 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2014-07-09 16:42 - 2014-07-09 16:42 - 00000000 ____D () C:\muttildae hacker
    2014-07-09 14:39 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-07-09 14:39 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-07-09 12:38 - 2013-08-04 11:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-07-09 12:35 - 2013-07-04 23:49 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-07-09 12:32 - 2013-11-14 01:17 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-07-09 03:00 - 2014-07-09 03:00 - 00000000 ____D () C:\sql
    2014-07-09 02:49 - 2014-07-09 02:49 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-08 16:03 - 2014-07-08 16:03 - 00000000 ____D () C:\Program Files (x86)\iExplorer
    2014-07-08 15:42 - 2014-04-24 22:48 - 00000000 ____D () C:\Temp
    2014-07-08 14:53 - 2014-03-02 15:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime
    2014-07-06 20:52 - 2014-07-06 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-07-05 20:47 - 2014-07-05 17:43 - 00000000 ____D () C:\mssqlscan
    2014-07-05 17:15 - 2014-01-17 00:48 - 00000000 ____D () C:\OEAT
    2014-07-05 17:06 - 2014-07-05 17:06 - 00000000 ____D () C:\ncat
    2014-07-05 17:04 - 2014-07-05 17:02 - 00000000 ____D () C:\Program Files\Wireshark
    2014-07-05 12:41 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-07-05 11:10 - 2014-07-05 11:10 - 00868373 _____ () C:\WINDOWS\system32\wfpdiag.cab
    2014-07-05 08:11 - 2014-07-05 08:10 - 00000000 ____D () C:\Ruby193
    2014-07-05 07:38 - 2014-07-05 07:38 - 00000000 ____D () C:\~
    2014-07-04 22:19 - 2014-07-04 22:16 - 00000000 ____D () C:\PortQryUI
    2014-06-29 08:46 - 2014-06-29 08:01 - 00000000 ____D () C:\Webserver
    2014-06-28 20:40 - 2014-06-28 20:40 - 00000000 ____D () C:\Program Files (x86)\AppInventor

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ==================== End Of Log ============================
  8. 2014-07-27, 23:06 #8
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default Thought i posted this already

    ken,
    here are the logs you requested.

    Thanks,
    frank
    Attached Files Attached Files
  9. 2014-07-28, 00:35 #9
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt. (it has to be right next to FRST/64)

    Start
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
    FF NetworkProxy: "http", "localhost"
    FF NetworkProxy: "http_port", 8080
    FF NetworkProxy: "type", 1
    2014-07-19 11:14 - 2014-07-19 11:14 - 00019203 _____ () C:\Users\e\Downloads\[kickass.to]offensive.security.wireless.attacks.wifu.v2.0.torrent
    2014-07-24 05:19 - 2013-09-19 07:02 - 00000000 ____D () C:\Users\e\AppData\Roaming\BitTorrent
    2014-07-19 11:14 - 2014-07-19 11:14 - 00019203 _____ () C:\Users\e\Downloads\[kickass.to]offensive.security.wireless.attacks.wifu.v2.0.torrent
    Hosts:
    End
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Then open FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


    Then let me know how your system is behaving now
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  10. 2014-07-27, 09:34 #10
    frankhero
    frankhero is offline
    Junior Member frankhero's Avatar
    Join Date
    Jul 2014
    Posts
    18

    Default k, here's what came back...

    Ken,
    I didn't disclose it because i didn't even remember about it. I got it to play around with burp.suite. I think i used it but once about 1.5 months ago. as far as torrents, i didn't remember using a torrent downloader on this comp... but now that you've mentioned it i do recall getting some books around the same time as i was playing with burp.
    anyway, this is what came back. I haven't actually applied any of the fixes. Pretty sure that's what you expected?
    Thanks,
    Frank

    # AdwCleaner v3.216 - Report created 27/07/2014 at 00:48:43
    # Updated 17/07/2014 by Xplode
    # Operating System : Windows 8.1 (64 bits)
    # Username : a - c
    # Running from : C:\Users\a\Desktop\AdwCleaner.exe
    # Option : Scan
    ***** [ Services ] *****
    ***** [ Files / Folders ] *****
    File Found : C:\END
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    \Search.lnk
    File Found : C:\WINDOWS\System32\Tasks\UpdaterEX
    File Found : C:\WINDOWS\Tasks\UpdaterEX.job
    Folder Found : C:\Program Files (x86)\Conduit
    Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User
    Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User
    Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User
    Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data
    \Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data
    \Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data
    \Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\a\AppData\LocalLow\Conduit
    Folder Found : C:\Users\a\AppData\Roaming\DriverCure
    Folder Found : C:\Users\a\AppData\Roaming\pdfforge
    Folder Found : C:\Users\a\AppData\Roaming\UpdaterEX
    Folder Found : C:\Users\bLtd\AppData\Local\Google
    \Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\bLtd\AppData\Local\Google
    \Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    Folder Found : C:\Users\bLtd\AppData\Local\Google
    \Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
    ***** [ Shortcuts ] *****
    ***** [ Registry ] *****
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKCU\Software\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKCU\Software\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings
    \{25A3A431-30BB-47C8-AD6A-E1063801134F}
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\UpdaterEX
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\UpdaterEX
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions
    \eiebcgmnpbbifoagcaobgelgnijgpaog
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    \{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    \{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKLM\Software\Uniblue
    Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout
    \ConduitToolbar
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer
    \SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer
    \SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    ***** [ Browsers ] *****
    -\\ Internet Explorer v11.0.9600.17126
    -\\ Mozilla Firefox v30.0 (en-US)
    [ File : C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles
    \na5z5xw6.default\prefs.js ]
    -\\ Google Chrome v36.0.1985.125
    [ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data
    \Default\preferences ]
    Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
    [ File : C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default
    \preferences ]
    [ File : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default
    \preferences ]
    Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
    [ File : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default
    \preferences ]
    [ File : C:\Users\bLtd\AppData\Local\Google\Chrome\User
    Data\Default\preferences ]
    Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
    [ File : C:\Users\VIRTUAL\AppData\Local\Google\Chrome\User Data\Default
    \preferences ]
    *************************
    AdwCleaner[R0].txt - [4609 octets] - [27/07/2014 00:48:44]
    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4669 octets]
    ##########
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 8.1 x64
    Ran by a on Sun 07/27/2014 at 0:52:38.41
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~ Services
    ~~~ Registry Values
    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4DABDDBA-3607-487A-BF21-92E49C647822}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    ~~~ Files
    Successfully deleted: [File] "C:\end"
    ~~~ Folders
    Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
    Successfully deleted: [Folder] "C:\Users\a\AppData\Roaming\drivercure"
    Successfully deleted: [Folder] "C:\Users\a\AppData\Roaming\pdfforge"
    Successfully deleted: [Folder] "C:\Users\a\appdata\locallow\conduit"
    Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{09A183F0-3A66-4344-B4ED-85722C6111F1}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{17C49671-D795-4883-AA65-AD4F28821BFE}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{275EDE2D-F86B-43AD-9302-75B72B2A02CA}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{3A012331-A6C8-43A4-B9E7-9D5C7A16D5F1}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{49D80A72-B5D4-47CC-9F67-396A80DB13EC}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{9E680478-E665-41C5-B8F0-8AF3BEB18E91}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{9F327ACA-0073-483B-A98B-D32032EC3A2B}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{CF99848C-F99F-4AEB-B59D-C9B7B1F9DF5A}
    Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{D434EB7D-DCD8-4073-AFCA-E6412C77FB05}
    ~~~ Event Viewer Logs were cleared
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 07/27/2014 at 0:57:43.92
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 7/27/2014
    Scan Time: 12:59:08 AM
    Logfile:
    Administrator: Yes
    Version: 2.00.2.1012
    Malware Database: v2014.07.27.04
    Rootkit Database: v2014.07.17.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: a
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 583762
    Time Elapsed: 24 min, 40 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Modules: 0
    (No malicious items detected)
    Registry Keys: 1
    PUP.Optional.Softonic.A, HKU\S-1-5-21-3935980490-2378437961-526367122-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [f38d8f15ea91fb3b0aeda142887a2bd5],
    Registry Values: 0
    (No malicious items detected)
    Registry Data: 0
    (No malicious items detected)
    Folders: 1
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc, , [07791a8ad4a794a23b7d8e3819e9e31d],
    Files: 11
    PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3935980490-2378437961-526367122-1059\$R3IRTAX.exe, , [7f01475d562537ff158f2267a061ca36],
    PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe, , [6d13cada99e268ce9956d55337cadb25],
    PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_visual-basic (1).exe, , [730debb9611a7bbb9956b27643beb947],
    PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_visual-basic.exe, , [3947c4e02556e05643acc95ff50c41bf],
    PUP.Optional.OutBrowse, C:\Users\bLtd\Downloads\setup (1).exe, , [136dddc7136813236ee53f5c8c758977],
    PUP.Optional.Softonic.A, C:\Users\bLtd\Downloads\SoftonicDownloader_for_abcaus-excel-accounting-template.exe, , [85fbfea62f4cc274a24d40e8d62b06fa],
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\config.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\info.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\prod.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\STTL.DAT, , [07791a8ad4a794a23b7d8e3819e9e31d],
    PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\TTL.DAT, , [07791a8ad4a794a23b7d8e3819e9e31d],
    Physical Sectors: 0
    (No malicious items detected)
    (end)
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules