Problem with residual conduit message

Status
Not open for further replies.
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 08:34 - 2014-06-30 21:40 - 00000000 __SHD () C:\Jumpshot
2014-06-30 08:31 - 2014-07-01 01:42 - 00000000 ____D () C:\Windows\jumpshot.com
2014-06-28 18:04 - 2014-06-28 18:04 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64.exe
2014-06-26 21:10 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-26 21:10 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 07:32 - 2014-06-24 07:32 - 00123910 _____ () C:\Users\SueB\Documents\Current Schedules.odt
2014-06-20 22:26 - 2014-06-20 22:26 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (1).exe
2014-06-20 21:17 - 2014-06-20 21:17 - 31112616 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-i586.exe
2014-06-20 21:14 - 2014-06-20 21:14 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-20 21:14 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\Program Files\iTunes
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-20 21:13 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-20 20:58 - 2014-06-30 11:35 - 00000000 ____D () C:\Program Files\Java
2014-06-20 20:57 - 2014-06-20 20:58 - 34131368 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-x64.exe
2014-06-20 20:52 - 2014-06-20 20:52 - 02028920 _____ (SafeInstall, LLC) C:\Users\SueB\Downloads\manualdownload.exe
2014-06-20 20:47 - 2014-06-20 20:47 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60.exe
2014-06-12 10:09 - 2014-06-12 10:09 - 00011287 _____ () C:\Users\SueB\Documents\shifts off.odt
2014-06-12 07:45 - 2014-06-12 10:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-11 06:09 - 2014-05-23 22:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 06:09 - 2014-05-23 22:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 06:09 - 2014-05-23 22:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 03958784 _____ (Microsoft Corporation)
 
C:\Windows\system32\jscript9.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 06:09 - 2014-05-23 22:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 06:09 - 2014-05-23 22:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 06:09 - 2014-05-23 22:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 06:09 - 2014-05-23 21:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
 
2014-06-11 06:09 - 2014-05-23 21:25 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 06:09 - 2014-05-23 21:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 06:09 - 2014-05-23 21:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 06:09 - 2014-05-23 20:13 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-11 06:09 - 2014-05-23 20:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-11 06:09 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 06:09 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 06:09 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 06:09 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 06:09 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 06:09 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 06:09 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 06:09 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 06:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 06:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 06:09 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 06:09 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 06:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 06:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation)
 
C:\Windows\SysWOW64\msxml3r.dll
2014-06-05 16:41 - 2014-06-05 16:41 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-05 16:41 - 2014-06-05 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-05 10:21 - 2014-06-05 10:23 - 140910890 _____ () C:\Users\SueB\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-06-04 22:59 - 2014-06-04 22:59 - 00012442 _____ () C:\Users\SueB\Downloads\apa6th_template.zip
2014-06-04 22:46 - 2014-06-04 22:46 - 00010298 _____ () C:\Users\SueB\Downloads\mla_with_second_page_header.zip
2014-06-04 06:20 - 2014-06-04 06:20 - 00013139 _____ () C:\Users\SueB\Documents\June 03 2014 goof card.odt

==================== One Month Modified Files and Folders =======

2014-07-03 09:05 - 2014-07-03 09:05 - 00018412 _____ () C:\Users\SueB\Desktop\FRST.txt
2014-07-03 09:05 - 2014-07-02 08:43 - 00000000 ____D () C:\FRST
2014-07-03 09:00 - 2014-07-03 09:00 - 00001824 _____ () C:\Users\SueB\Desktop\JRT.txt
2014-07-03 08:52 - 2013-12-02 17:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 08:50 - 2014-07-03 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-07-03 08:48 - 2014-07-03 08:48 - 01016261 _____ (Thisisu) C:\Users\SueB\Desktop\JRT.exe
2014-07-03 08:37 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 08:37 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 08:36 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 08:33 - 2013-09-05 20:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA.job
2014-07-03 08:29 - 2014-07-03 08:29 - 00000306 _____ () C:\Windows\PFRO.log
2014-07-03 08:29 - 2014-06-30 14:07 - 00001232 _____ () C:\Windows\setupact.log
2014-07-03 08:29 - 2014-02-19 09:57 - 01484341 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 08:29 - 2013-12-02 17:17 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 08:29 - 2013-08-30 20:14 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-07-03 08:29 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 08:28 - 2014-07-03 08:26 - 00000000 ____D () C:\AdwCleaner
2014-07-03 08:28 - 2012-11-21 17:54 - 00000000 ____D () C:\Users\SueB
2014-07-03 08:27 - 2014-02-27 22:00 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001.job
2014-07-03 08:25 - 2014-07-03 08:25 - 01346519 _____ () C:\Users\SueB\Desktop\AdwCleaner.exe
2014-07-03 08:10 - 2013-11-24 14:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 21:00 - 2014-07-02 08:43 - 00002950 _____ () C:\Users\SueB\Downloads\FRST.txt
2014-07-02 20:49 - 2014-07-02 20:40 - 00000000 ____D () C:\Users\SueB\Desktop\mbar
2014-07-02 20:49 - 2014-07-02 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 20:41 - 2014-07-02 19:45 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 20:41 - 2014-07-02 19:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 20:39 - 2014-07-02 19:35 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 20:34 - 2014-07-02 20:34 - 14196266 _____ () C:\Users\SueB\Downloads\mbar-1.07.0.1012.zip
2014-07-02 20:34 - 2014-07-02 20:34 - 00001202 _____ () C:\Users\SueB\Desktop\mbar-1.07.0.1012 - Shortcut.lnk
2014-07-02 20:31 - 2014-07-02 20:31 - 14349744 _____ (Malwarebytes Corp.) C:\Users\SueB\Downloads\mbar-1.07.0.1012.exe
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 18:49 - 2012-11-23 04:03 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\Skype
2014-07-02 18:33 - 2013-09-05 20:49 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core.job
2014-07-02 08:45 - 2014-07-02 08:44 - 00041611 _____ () C:\Users\SueB\Downloads\Addition.txt
2014-07-02 08:41 - 2014-07-02 08:41 - 02083840 _____ (Farbar) C:\Users\SueB\Desktop\FRST64.exe
2014-07-02 08:30 - 2014-07-02 08:30 - 00262144 _____ () C:\Windows\Minidump\070214-17425-01.dmp
2014-07-02 08:30 - 2014-07-02 08:14 - 778359869 _____ () C:\Windows\MEMORY.DMP
2014-07-02 08:30 - 2014-07-02 08:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:24 - 2014-07-02 08:26 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-02 08:14 - 2014-07-02 08:14 - 00262144 _____ () C:\Windows\Minidump\070214-17503-01.dmp
2014-07-02 08:01 - 2014-07-02 07:56 - 00001437 _____ () C:\Users\SueB\Desktop\aswMBR - Shortcut.lnk
2014-07-02 07:57 - 2014-07-02 07:57 - 00001107 _____ () C:\Users\SueB\Desktop\SecurityCheck (1) - Shortcut.lnk
2014-07-02 07:56 - 2014-07-02 07:56 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (2).exe
2014-07-02 07:56 - 2014-07-02 07:55 - 05185536 _____ (AVAST Software) C:\Users\SueB\Downloads\aswMBR.exe
2014-07-02 07:55 - 2014-07-02 07:54 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (1).exe
2014-07-02 07:46 - 2014-07-02 07:46 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck.exe
2014-07-01 22:51 - 2012-11-21 19:36 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\SoftGrid Client
2014-07-01 14:25 - 2014-02-27 22:00 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001
2014-07-01 01:42 - 2014-07-01 01:42 - 00002467 _____ () C:\Users\SueB\Desktop\microsoft excel starter 2010.lnk
2014-07-01 01:42 - 2014-07-01 01:42 - 00002447 _____ () C:\Users\SueB\Desktop\microsoft word starter 2010.lnk
2014-07-01 01:42 - 2014-07-01 01:42 - 00002023 _____ () C:\Users\Public\Desktop\adobe reader xi.lnk
2014-07-01 01:42 - 2014-07-01 01:42 - 00001958 _____ () C:\Users\Public\Desktop\netflix.lnk
2014-07-01 01:42 - 2014-07-01 01:42 - 00001162 _____ () C:\Users\Public\Desktop\clear.fi photo.lnk
2014-07-01 01:42 - 2014-07-01 01:42 - 00001162 _____ () C:\Users\Public\Desktop\clear.fi media.lnk
2014-07-01 01:42 - 2014-06-30 08:31 - 00000000 ____D () C:\Windows\jumpshot.com
2014-07-01 01:42 - 2012-04-12 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\Recovery Management
2014-07-01 01:36 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:32 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 01:28 - 2013-11-15 01:22 - 00002302 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-01 01:28 - 2013-02-22 09:01 - 00001897 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV
2014-06-30 23:42 - 2014-06-30 23:42 - 00000000 ____D () C:\Diag-Advisor
2014-06-30 23:24 - 2013-01-05 22:08 - 00000000 ____D () C:\Users\SueB\Downloads\D2000AZNEWGB_Training(1)
2014-06-30 22:49 - 2012-12-09 14:16 - 00000000 ____D () C:\Users\SueB\Documents\Youcam
2014-06-30 21:40 - 2014-06-30 08:34 - 00000000 __SHD () C:\Jumpshot
2014-06-30 14:14 - 2013-05-21 09:04 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4B6C508-3456-47A0-9DC4-7C361428BA62}
2014-06-30 14:07 - 2014-06-30 14:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-30 12:51 - 2014-06-30 12:51 - 00001405 _____ () C:\Users\SueB\Desktop\Spybot-S&D Start Center (2).lnk
2014-06-30 12:51 - 2014-04-08 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-30 11:35 - 2014-06-30 11:35 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-30 11:35 - 2014-06-20 20:58 - 00000000 ____D () C:\Program Files\Java
2014-06-30 11:34 - 2014-06-30 11:34 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64 (1).exe
2014-06-30 11:30 - 2013-10-17 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-30 11:29 - 2014-06-30 11:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
 
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:29 - 2012-11-27 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 09:22 - 2012-11-21 18:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-30 08:34 - 2012-11-21 17:55 - 07864320 ___SH () C:\Users\SueB\.ghost-ntfs-3g-00000000000000000009
2014-06-30 08:34 - 2009-07-13 22:34 - 77332480 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-06-30 08:34 - 2009-07-13 22:34 - 22806528 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-06-28 18:04 - 2014-06-28 18:04 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64.exe
2014-06-26 21:10 - 2014-04-30 23:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-24 07:32 - 2014-06-24 07:32 - 00123910 _____ () C:\Users\SueB\Documents\Current Schedules.odt
2014-06-22 20:32 - 2012-11-21 17:55 - 00064416 _____ () C:\Users\SueB\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-21 03:47 - 2013-12-02 17:17 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 03:47 - 2013-12-02 17:17 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 22:26 - 2014-06-20 22:26 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (1).exe
2014-06-20 21:17 - 2014-06-20 21:17 - 31112616 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-i586.exe
2014-06-20 21:14 - 2014-06-20 21:14 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-20 21:14 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iTunes
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-20 21:13 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-20 21:09 - 2012-12-06 08:04 - 00000000 ____D () C:\ProgramData\Apple
2014-06-20 21:07 - 2013-11-24 14:54 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 21:07 - 2013-11-24 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
2014-06-20 21:07 - 2013-11-24 14:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-20 20:58 - 2014-06-20 20:57 - 34131368 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-x64.exe
2014-06-20 20:52 - 2014-06-20 20:52 - 02028920 _____ (SafeInstall, LLC) C:\Users\SueB\Downloads\manualdownload.exe
2014-06-20 20:49 - 2014-04-06 23:12 - 00000983 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-20 20:47 - 2014-06-20 20:47 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60.exe
2014-06-20 20:45 - 2014-05-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 20:39 - 2014-04-06 23:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-19 07:51 - 2013-12-02 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-18 19:26 - 2014-03-15 17:24 - 00000000 ____D () C:\ProgramData\webex
2014-06-16 18:28 - 2013-09-05 20:49 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA
2014-06-16 18:28 - 2013-09-05 20:49 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core
2014-06-13 07:02 - 2012-11-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 10:09 - 2014-06-12 10:09 - 00011287 _____ () C:\Users\SueB\Documents\shifts off.odt
2014-06-12 10:07 - 2014-06-12 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-12 08:42 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-06-11 10:03 - 2013-08-15 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 10:01 - 2012-11-23 13:34 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 05:13 - 2014-06-26 21:10 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-26 21:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:12 - 2012-11-21 18:55 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-07 08:12 - 2012-11-21 18:55 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 08:12 - 2012-11-21 17:57 - 00001409 _____ () C:\Users\SueB\Desktop\Internet Explorer.lnk
2014-06-06 02:52 - 2009-07-14 00:45 - 00295288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-05 16:47 - 2012-11-21 18:28 - 00002230 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-05 16:41 - 2014-06-05 16:41 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-05 16:41 - 2014-06-05 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-05 16:41 - 2013-08-04 13:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-05 10:23 - 2014-06-05 10:21 - 140910890 _____ () C:\Users\SueB\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
 
2014-06-04 22:59 - 2014-06-04 22:59 - 00012442 _____ () C:\Users\SueB\Downloads\apa6th_template.zip
2014-06-04 22:46 - 2014-06-04 22:46 - 00010298 _____ () C:\Users\SueB\Downloads\mla_with_second_page_header.zip
2014-06-04 06:20 - 2014-06-04 06:20 - 00013139 _____ () C:\Users\SueB\Documents\June 03 2014 goof card.odt

Some content of TEMP:
====================
C:\Users\SueB\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
Hi Suemarie,

I am having trouble posting the Farbar Report. I will try breaking it down into smaller sizes.
Click to expand...
:bigthumb: FYI, you can probably make the posts a little larger than the last group. :)

Reset / Change Homepage in Chrome
  • Click the Chrome menu
    chromebrowsertoolbar.png
    on the browser toolbar.
  • Select Settings.
    • On Startup
    • Select the "Open a specific page or set of pages" radio button.
    • Click Set pages in the pop-up window you will see two (2) URL's:
      hxxps://www.google.com/
      hxxp://start.mysearchdial.com/      )
    • Hold the cursor over the My Searchdial URL and click the "x" to delete it.
    • Save changes as required, then close Chrome setting menu.
=========================

Reboot

=========================

Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (save it to your desktop).
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Select Scan tab.
  • Select type of scan to perform:
    • Threat Scan < --- Select this type of scan
    • Custom Scan
    • Hyper Scan
  • Next click the Scan button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found be sure that everything is checked, and click Quarantine .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================

ESET Online Scanner

*Note:
  • It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
  • Please don't go surfing while your resident protection is disabled!
  • Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.
=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================

In your next post please provide the following:

  • MBAM log
  • ESET's log.txt
  • new FRST.txt
  • How's the computer running, any symptoms?
 
Hi,
I was able to do the first part. The weather is kicking up again. We are getting feeder bans from the Tropical Storm. They seem to come fast and furious and then leave just a quickly.

I will have better luck in the morning. :)

BTW. I do have Malewarebytes Pro in my system. Would it be ok to run that one?
 
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2014.07.03.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16921
SueB :: SUEB-PC [administrator]

Protection: Enabled

7/3/2014 9:50:27 PM
mbam-log-2014-07-03 (21-50-27).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 417751
Time elapsed: 47 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

----------------------------------------------
ESET SCAN

C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.31.4.510_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkceikmmebhmgcjiemejoaeholbnnjl\10.31.4.510_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkceikmmebhmgcjiemejoaeholbnnjl\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkceikmmebhmgcjiemejoaeholbnnjl\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\Local\NativeMessaging\CT3311875\1_0_0_6\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SueB\AppData\LocalLow\SweetTunes\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Acer Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Users\SueB\Downloads\CCleaner_Setup [1].exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\SueB\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\SueB\Downloads\dfsetup216.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\SueB\Downloads\dfsetup217.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\SueB\Downloads\download-install_flash_player.exe Win32/JoyDownloader.A potentially unwanted application

-------------------------------------------
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by SueB (administrator) on SUEB-PC on 04-07-2014 00:13:23
Running from C:\Users\SueB\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\GManager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(24im LLC) C:\Program Files (x86)\24im\24im Messenger\IMC.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-24] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [InbitIMC] => C:\Program Files (x86)\24im\24im Messenger\IMC.EXE [3423744 2013-11-30] (24im LLC)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F675470B-C135-4DA8-A601-8A3F063FA64F} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FBF428CE-6C57-4765-978A-D21EB5B3017C} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\SueB\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\SueB\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-21]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-24]
CHR Extension: (Google Search) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-24]
CHR Extension: (avast! Online Security) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-02] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-02] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-02] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [145840 2012-12-25] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-20] ()
R3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [410592 2012-09-21] (Magic Control Technology Corp.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-10-06] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 00:13 - 2014-07-04 00:13 - 00018189 _____ () C:\Users\SueB\Desktop\FRST.txt
2014-07-04 00:10 - 2014-07-04 00:10 - 00002633 _____ () C:\Users\SueB\Desktop\ESETScan.txt
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 18:36 - 2014-07-03 18:50 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-03 18:35 - 2014-07-03 18:50 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-03 18:33 - 2014-07-04 00:12 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-03 18:30 - 2014-07-04 00:12 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-03 08:50 - 2014-07-03 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-07-03 08:29 - 2014-07-03 21:47 - 00000634 _____ () C:\Windows\PFRO.log
2014-07-03 08:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-03 08:26 - 2014-07-03 08:28 - 00000000 ____D () C:\AdwCleaner
2014-07-02 20:34 - 2014-07-02 20:34 - 14196266 _____ () C:\Users\SueB\Downloads\mbar-1.07.0.1012.zip
2014-07-02 20:31 - 2014-07-02 20:31 - 14349744 _____ (Malwarebytes Corp.) C:\Users\SueB\Downloads\mbar-1.07.0.1012.exe
2014-07-02 19:45 - 2014-07-02 20:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 19:35 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 19:29 - 2014-07-02 20:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 08:44 - 2014-07-02 08:45 - 00041611 _____ () C:\Users\SueB\Downloads\Addition.txt
2014-07-02 08:43 - 2014-07-04 00:13 - 00000000 ____D () C:\FRST
2014-07-02 08:43 - 2014-07-02 21:00 - 00002950 _____ () C:\Users\SueB\Downloads\FRST.txt
2014-07-02 08:41 - 2014-07-02 08:41 - 02083840 _____ (Farbar) C:\Users\SueB\Desktop\FRST64.exe
2014-07-02 08:30 - 2014-07-02 08:30 - 00262144 _____ () C:\Windows\Minidump\070214-17425-01.dmp
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:26 - 2014-07-02 08:24 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-02 08:14 - 2014-07-02 08:30 - 778359869 _____ () C:\Windows\MEMORY.DMP
2014-07-02 08:14 - 2014-07-02 08:30 - 00000000 ____D () C:\Windows\Minidump
2014-07-02 08:14 - 2014-07-02 08:14 - 00262144 _____ () C:\Windows\Minidump\070214-17503-01.dmp
2014-07-02 07:56 - 2014-07-02 07:56 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (2).exe
2014-07-02 07:55 - 2014-07-02 07:56 - 05185536 _____ (AVAST Software) C:\Users\SueB\Downloads\aswMBR.exe
2014-07-02 07:54 - 2014-07-02 07:55 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (1).exe
2014-07-02 07:46 - 2014-07-02 07:46 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck.exe
2014-07-01 01:42 - 2014-07-01 01:42 - 00001958 _____ () C:\Users\Public\Desktop\netflix.lnk
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:32 - 2014-07-01 01:33 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV
2014-06-30 23:42 - 2014-06-30 23:42 - 00000000 ____D () C:\Diag-Advisor
2014-06-30 14:07 - 2014-07-03 21:47 - 00001456 _____ () C:\Windows\setupact.log
2014-06-30 14:07 - 2014-06-30 14:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-30 11:35 - 2014-06-30 11:35 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-30 11:34 - 2014-06-30 11:34 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64 (1).exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 08:34 - 2014-06-30 21:40 - 00000000 __SHD () C:\Jumpshot
2014-06-30 08:31 - 2014-07-01 01:42 - 00000000 ____D () C:\Windows\jumpshot.com
2014-06-28 18:04 - 2014-06-28 18:04 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64.exe
2014-06-26 21:10 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-26 21:10 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 07:32 - 2014-06-24 07:32 - 00123910 _____ () C:\Users\SueB\Documents\Current Schedules.odt
2014-06-20 22:26 - 2014-06-20 22:26 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (1).exe
2014-06-20 21:17 - 2014-06-20 21:17 - 31112616 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-i586.exe
2014-06-20 21:14 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\Program Files\iTunes
2014-06-20 21:13 - 2014-06-20 21:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-20 21:13 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-20 20:58 - 2014-06-30 11:35 - 00000000 ____D () C:\Program Files\Java
2014-06-20 20:57 - 2014-06-20 20:58 - 34131368 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-x64.exe
2014-06-20 20:47 - 2014-06-20 20:47 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60.exe
2014-06-12 10:09 - 2014-06-12 10:09 - 00011287 _____ () C:\Users\SueB\Documents\shifts off.odt
2014-06-12 07:45 - 2014-06-12 10:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-11 06:09 - 2014-05-23 22:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 06:09 - 2014-05-23 22:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 06:09 - 2014-05-23 22:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 06:09 - 2014-05-23 22:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 06:09 - 2014-05-23 22:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 06:09 - 2014-05-23 22:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 06:09 - 2014-05-23 22:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 06:09 - 2014-05-23 21:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 06:09 - 2014-05-23 21:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 06:09 - 2014-05-23 21:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 06:09 - 2014-05-23 21:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 06:09 - 2014-05-23 21:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 06:09 - 2014-05-23 20:13 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-11 06:09 - 2014-05-23 20:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-11 06:09 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 06:09 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 06:09 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 06:09 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 06:09 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 06:09 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 06:09 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 06:09 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 06:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 06:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 06:09 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 06:09 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 06:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 06:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-05 16:41 - 2014-06-05 16:41 - 00001112 _____ () C:\Users\SueB\Desktop\OpenOffice 4.1.0.lnk
2014-06-05 16:41 - 2014-06-05 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-05 10:21 - 2014-06-05 10:23 - 140910890 _____ () C:\Users\SueB\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-06-04 22:59 - 2014-06-04 22:59 - 00012442 _____ () C:\Users\SueB\Downloads\apa6th_template.zip
2014-06-04 22:46 - 2014-06-04 22:46 - 00010298 _____ () C:\Users\SueB\Downloads\mla_with_second_page_header.zip
2014-06-04 06:20 - 2014-06-04 06:20 - 00013139 _____ () C:\Users\SueB\Documents\June 03 2014 goof card.odt

==================== One Month Modified Files and Folders =======

2014-07-04 00:13 - 2014-07-04 00:13 - 00018189 _____ () C:\Users\SueB\Desktop\FRST.txt
2014-07-04 00:13 - 2014-07-02 08:43 - 00000000 ____D () C:\FRST
2014-07-04 00:12 - 2014-07-03 18:33 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-04 00:12 - 2014-07-03 18:30 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-04 00:10 - 2014-07-04 00:10 - 00002633 _____ () C:\Users\SueB\Desktop\ESETScan.txt
2014-07-04 00:10 - 2013-11-24 14:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 23:52 - 2013-12-02 17:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 23:33 - 2013-09-05 20:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA.job
2014-07-03 23:27 - 2014-02-27 22:00 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001.job
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 21:55 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:55 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:54 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 21:52 - 2014-02-19 09:57 - 01514791 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 21:47 - 2014-07-03 08:29 - 00000634 _____ () C:\Windows\PFRO.log
2014-07-03 21:47 - 2014-06-30 14:07 - 00001456 _____ () C:\Windows\setupact.log
2014-07-03 21:47 - 2013-12-02 17:17 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 21:47 - 2013-08-30 20:14 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-07-03 21:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 18:50 - 2014-07-03 18:36 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-03 18:50 - 2014-07-03 18:35 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-03 18:33 - 2013-09-05 20:49 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core.job
2014-07-03 16:04 - 2012-11-23 04:03 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\Skype
2014-07-03 08:50 - 2014-07-03 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-07-03 08:28 - 2014-07-03 08:26 - 00000000 ____D () C:\AdwCleaner
2014-07-03 08:28 - 2012-11-21 17:54 - 00000000 ____D () C:\Users\SueB
2014-07-02 21:00 - 2014-07-02 08:43 - 00002950 _____ () C:\Users\SueB\Downloads\FRST.txt
2014-07-02 20:49 - 2014-07-02 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 20:41 - 2014-07-02 19:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 20:39 - 2014-07-02 19:35 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 20:34 - 2014-07-02 20:34 - 14196266 _____ () C:\Users\SueB\Downloads\mbar-1.07.0.1012.zip
2014-07-02 20:31 - 2014-07-02 20:31 - 14349744 _____ (Malwarebytes Corp.) C:\Users\SueB\Downloads\mbar-1.07.0.1012.exe
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 08:45 - 2014-07-02 08:44 - 00041611 _____ () C:\Users\SueB\Downloads\Addition.txt
2014-07-02 08:41 - 2014-07-02 08:41 - 02083840 _____ (Farbar) C:\Users\SueB\Desktop\FRST64.exe
2014-07-02 08:30 - 2014-07-02 08:30 - 00262144 _____ () C:\Windows\Minidump\070214-17425-01.dmp
2014-07-02 08:30 - 2014-07-02 08:14 - 778359869 _____ () C:\Windows\MEMORY.DMP
2014-07-02 08:30 - 2014-07-02 08:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:24 - 2014-07-02 08:26 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-02 08:14 - 2014-07-02 08:14 - 00262144 _____ () C:\Windows\Minidump\070214-17503-01.dmp
2014-07-02 07:56 - 2014-07-02 07:56 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (2).exe
2014-07-02 07:56 - 2014-07-02 07:55 - 05185536 _____ (AVAST Software) C:\Users\SueB\Downloads\aswMBR.exe
2014-07-02 07:55 - 2014-07-02 07:54 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck (1).exe
2014-07-02 07:46 - 2014-07-02 07:46 - 00854390 _____ () C:\Users\SueB\Downloads\SecurityCheck.exe
2014-07-01 22:51 - 2012-11-21 19:36 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\SoftGrid Client
2014-07-01 14:25 - 2014-02-27 22:00 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001
2014-07-01 01:42 - 2014-07-01 01:42 - 00001958 _____ () C:\Users\Public\Desktop\netflix.lnk
2014-07-01 01:42 - 2014-06-30 08:31 - 00000000 ____D () C:\Windows\jumpshot.com
2014-07-01 01:42 - 2012-04-12 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\Recovery Management
2014-07-01 01:36 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:32 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV
2014-06-30 23:42 - 2014-06-30 23:42 - 00000000 ____D () C:\Diag-Advisor
2014-06-30 23:24 - 2013-01-05 22:08 - 00000000 ____D () C:\Users\SueB\Downloads\D2000AZNEWGB_Training(1)
2014-06-30 22:49 - 2012-12-09 14:16 - 00000000 ____D () C:\Users\SueB\Documents\Youcam
2014-06-30 21:40 - 2014-06-30 08:34 - 00000000 __SHD () C:\Jumpshot
2014-06-30 14:14 - 2013-05-21 09:04 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4B6C508-3456-47A0-9DC4-7C361428BA62}
2014-06-30 14:07 - 2014-06-30 14:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-30 12:51 - 2014-04-08 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-30 11:35 - 2014-06-30 11:35 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-30 11:35 - 2014-06-30 11:35 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-30 11:35 - 2014-06-20 20:58 - 00000000 ____D () C:\Program Files\Java
2014-06-30 11:34 - 2014-06-30 11:34 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64 (1).exe
2014-06-30 11:30 - 2013-10-17 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-30 11:29 - 2014-06-30 11:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:29 - 2012-11-27 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 09:22 - 2012-11-21 18:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-30 08:34 - 2012-11-21 17:55 - 07864320 ___SH () C:\Users\SueB\.ghost-ntfs-3g-00000000000000000009
2014-06-30 08:34 - 2009-07-13 22:34 - 77332480 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-06-30 08:34 - 2009-07-13 22:34 - 22806528 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-06-28 18:04 - 2014-06-28 18:04 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64.exe
2014-06-26 21:10 - 2014-04-30 23:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-24 07:32 - 2014-06-24 07:32 - 00123910 _____ () C:\Users\SueB\Documents\Current Schedules.odt
2014-06-22 20:32 - 2012-11-21 17:55 - 00064416 _____ () C:\Users\SueB\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-21 03:47 - 2013-12-02 17:17 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 03:47 - 2013-12-02 17:17 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 22:26 - 2014-06-20 22:26 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (1).exe
2014-06-20 21:17 - 2014-06-20 21:17 - 31112616 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-i586.exe
2014-06-20 21:14 - 2014-06-20 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iTunes
2014-06-20 21:14 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-20 21:13 - 2014-06-20 21:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 21:10 - 2014-06-20 21:10 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-20 21:09 - 2012-12-06 08:04 - 00000000 ____D () C:\ProgramData\Apple
2014-06-20 21:07 - 2013-11-24 14:54 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 21:07 - 2013-11-24 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 21:07 - 2013-11-24 14:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-20 20:58 - 2014-06-20 20:57 - 34131368 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-8u5-windows-x64.exe
2014-06-20 20:47 - 2014-06-20 20:47 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60.exe
2014-06-20 20:45 - 2014-05-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 20:39 - 2014-04-06 23:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-19 07:51 - 2013-12-02 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-18 19:26 - 2014-03-15 17:24 - 00000000 ____D () C:\ProgramData\webex
2014-06-16 18:28 - 2013-09-05 20:49 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA
2014-06-16 18:28 - 2013-09-05 20:49 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core
2014-06-13 07:02 - 2012-11-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 10:09 - 2014-06-12 10:09 - 00011287 _____ () C:\Users\SueB\Documents\shifts off.odt
2014-06-12 10:07 - 2014-06-12 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-12 08:42 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-06-11 10:03 - 2013-08-15 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 10:01 - 2012-11-23 13:34 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 05:13 - 2014-06-26 21:10 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-26 21:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:12 - 2012-11-21 18:55 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 08:12 - 2012-11-21 17:57 - 00001409 _____ () C:\Users\SueB\Desktop\Internet Explorer.lnk
2014-06-06 02:52 - 2009-07-14 00:45 - 00295288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-05 16:41 - 2014-06-05 16:41 - 00001112 _____ () C:\Users\SueB\Desktop\OpenOffice 4.1.0.lnk
2014-06-05 16:41 - 2014-06-05 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-05 16:41 - 2013-08-04 13:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-05 10:23 - 2014-06-05 10:21 - 140910890 _____ () C:\Users\SueB\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-06-04 22:59 - 2014-06-04 22:59 - 00012442 _____ () C:\Users\SueB\Downloads\apa6th_template.zip
2014-06-04 22:46 - 2014-06-04 22:46 - 00010298 _____ () C:\Users\SueB\Downloads\mla_with_second_page_header.zip
2014-06-04 06:20 - 2014-06-04 06:20 - 00013139 _____ () C:\Users\SueB\Documents\June 03 2014 goof card.odt

Some content of TEMP:
====================
C:\Users\SueB\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 08:14

==================== End Of Log ============================
 
The computer seems to be run just fine. I was surprised to see that conduit show up in the list. I just hope that I don't have to resort to taking the whole computer back to factory specs. :sad:

If you are planning a holiday weekend, have a good one.
 
Hi Suemarie,

I was surprised to see that conduit show up in the list. I just hope that I don't have to resort to taking the whole computer back to factory specs.
Click to expand...
Those Conduit items are in a quarantine folder and pose no risk to your computer. I don't think resetting back to factory settings will be necessary.

Happy 4th of July to you too.

Delete a File/Folder

Using Windows Explorer (Windows Key + E), locate the following files, and DELETE them (if still present):
  • C:\Users\SueB\Downloads\CCleaner_Setup [1].exe
  • C:\Users\SueB\Downloads\ccsetup412.exe
  • C:\Users\SueB\Downloads\dfsetup216.exe
  • C:\Users\SueB\Downloads\dfsetup217.exe
  • C:\Users\SueB\Downloads\download-install_flash_player.exe
Exit Explorer

=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

Code: 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:
  • Fixlog.txt
  • Any remaining issues?
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by SueB at 2014-07-04 13:30:49 Run:2
Running from C:\Users\SueB\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:

--------------------------------------


No other issues. I do have a question. If I were to purchase the pro-version of Spybot, would it clash with my Avast Internet Security or Malwarbytes Pro?

The only thing that I don't like about Avast is their new program called Grimefighter. I made the mistake of putting that in and ended up disabling it because it was causing unwanted problems.

Would Spybot Professional take the place of Avast or should I keep it in?

Thank you ever so much for all you have done for me. If there is a special thread for complimenting you personally as a tech, I want to put in a good word there.
 
Hi Suemarie,

The Fixlist log only contained the header?

If so please run a fresh scan with FRST.

Just for clarification, I do not work for Spybot I am just a volunteer that helps people with malware removal from their personal computers.

Spybot Pro - Compare the different versions of Spybot - http://www.safer-networking.org/private/compare/

Avast Internet Security - http://www.avast.com/en-us/internet-security

Malwarebytes' Pro - https://www.malwarebytes.org/antimalware/premium/
Malwarebytes' Premium is a very good stand alone anti-malware tool to have. It detects and protects against malware in real-time. Don't confuse MBAM with an anti-virus, they are not the same.

Grimefighter - http://www.avast.com/en-us/grimefighter
Although you found not use for this tool that came bundled with Avast you seem to have found a solution to it. In the future when you are installing software (any software) always choose the "custom installation option" this will generally allow you to select what "add-ons" you would like to install. Then you have more control over what's added to your machine.

Would Spybot Professional take the place of Avast or should I keep it in?
Click to expand...
Since Spybot Pro contains anti-virus protection so you would not need to have Avast also.

Thank you ever so much for all you have done for me. If there is a special thread for complimenting you personally as a tech, I want to put in a good word there.
Click to expand...
Your welcome, and I appreciate your thoughtfulness. Generally, most people just add their comments directly into the thread.
 
Status
Not open for further replies.
Back
Top