Sponsored By

mell2003

Members
  • Content Count

    11
  • Joined

  • Last visited

About mell2003

  • Rank
    Member
  1. # DelFix v1.010 - Logfile created 09/08/2015 at 16:42:25 # Updated 26/04/2015 by Xplode # Username : Kellee - KELLEE-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\AdwCleaner Deleted : C:\Users\Kellee\Desktop\dds.txt Deleted : C:\Users\Kellee\Desktop\JRT.txt Deleted : C:\Users\Kellee\Downloads\Extras.Txt Deleted : C:\Users\Kellee\Downloads\JRT.exe Deleted : C:\Users\Kellee\Downloads\OTL.Txt Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #114 [scheduled Checkpoint | 06/15/2015 01:04:10] Deleted : RP #115 [scheduled Checkpoint | 07/29/2015 01:41:07] Deleted : RP #116 [JRT Pre-Junkware Removal | 08/08/2015 02:09:25] Deleted : RP #117 [Removed Adobe Acrobat Reader DC. | 08/09/2015 22:33:16] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  2. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-21-316649051-4046440699-241404406-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-316649051-4046440699-241404406-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/MVT\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator\ deleted successfully. C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\_metadata folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\Resources folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0 folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_1 folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419 folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css folder moved successfully. C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0 folder moved successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully. File Protocol\Handler\skype4com - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. File EY_USERS\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Classes\<extension>] not found. File ptyjava] not found. File ptyflash] not found. File PTYTEMP] not found. File SETHOSTS] not found. File EATERESTOREPOINT] not found. File boot] not found. OTL by OldTimer - Version 3.2.69.0 log created on 08082015_123823 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
  3. OTL Extras logfile created on: 8/8/2015 11:03:09 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kellee\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17207) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.74 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 47.59% Memory free 7.48 Gb Paging File | 5.12 Gb Available in Paging File | 68.43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.07 Gb Total Space | 367.59 Gb Free Space | 81.49% Space Free | Partition Type: NTFS Drive E: | 14.65 Gb Total Space | 7.77 Gb Free Space | 53.02% Space Free | Partition Type: NTFS Computer Name: KELLEE-PC | User Name: Kellee | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1" Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1" Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E19CE22-4495-4DB3-9882-18A8887A3A8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{325F3F76-1703-4478-A304-756FBA2A19DE}" = lport=445 | protocol=6 | dir=in | app=system | "{3664CE91-A728-4D73-ACD2-279706BF92E2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3C77EB1C-057E-4133-ABE1-58A2ACD47AFB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5FCF1CF4-9072-4F6B-9D1D-BA591AA1ACA6}" = rport=445 | protocol=6 | dir=out | app=system | "{64C69211-5A9F-4B95-AE32-5711A38885FA}" = rport=138 | protocol=17 | dir=out | app=system | "{654FF24D-2043-4FFD-A7CF-AF40BDA7B9FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{75D3BBF1-B503-40ED-A749-58CE04442EC5}" = lport=139 | protocol=6 | dir=in | app=system | "{8FBDBA81-1708-4EAF-BD96-7920673D292F}" = rport=139 | protocol=6 | dir=out | app=system | "{BC1332B9-50A2-4F1C-BE00-C700EAFD9438}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C560F552-3D56-422F-AFF3-81ADE8898895}" = lport=138 | protocol=17 | dir=in | app=system | "{C845AECD-2829-4453-98F1-6FA9FE80554F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D4EE3AD8-8C45-46A3-86C7-6E3FACD75699}" = lport=137 | protocol=17 | dir=in | app=system | "{DCC9779F-CE0B-46F0-B3FA-B1E2CC93CE0F}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{266EFF26-BD81-4CFD-85A3-6DDE44892B30}" = protocol=1 | dir=out | [email protected],-28544 | "{5DFC9914-7D18-471E-AED7-8B7127F08228}" = protocol=1 | dir=in | [email protected],-28543 | "{6273B6D8-9156-4124-99E5-D32CC360BFB8}" = protocol=58 | dir=in | [email protected],-28545 | "{9E24408A-2921-4A27-B5B4-7357E7551B9A}" = protocol=58 | dir=out | [email protected],-28546 | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{19E88D03-44D4-46aa-9F3C-D6CFC035BFE6}" = Pantech Android USB Driver Ver1 "{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes "{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 340.52 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 340.52 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 15.3.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23 "{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support "{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skypeâ„¢ 7.4 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor "{3B03E732-6150-4D0A-849F-C6F4141EA78C}" = EPSON Perfection V33/V330 Photo Scanner Driver Update "{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX "{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support "{88D68A69-D247-466B-90DD-575F6BE16230}_is1" = CardRecovery 6.00 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5 "{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7 "{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "{FB46F473-333E-4A06-A777-31C54188593E}" = ArcSoft MediaImpression 2 "{FF8455A9-21E8-457D-AC64-510A705D53B3}" = ArcSoft Scan-n-Stitch Deluxe "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI "Advanced Audio FX Engine" = Advanced Audio FX Engine "Blue's 123 Time Activities" = Blue's 123 Time Activities "Dell Webcam Central" = Dell Webcam Central "Digital Photo Professional" = Canon Utilities Digital Photo Professional "EOS Sample Music" = Canon Utilities EOS Sample Music "EOS Utility" = Canon Utilities EOS Utility "EPSON Scanner" = EPSON Scan "Google Chrome" = Google Chrome "ImageBrowser EX" = Canon Utilities ImageBrowser EX "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.8.1057 "McAfee Virtual Technician" = McAfee Virtual Technician "MSC" = McAfee Total Protection "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.SingleImage" = Microsoft Office Home and Student 2010 "Pantech PC Suite" = Pantech PC Suite "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "Samsung PC Studio 7" = Samsung PC Studio 7 "VTechDownloadManager" = Learning Lodge Navigator ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Image Editor Packages" = Image Editor Packages "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 8/4/2015 5:13:30 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 8/4/2015 5:13:30 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14337 Error - 8/4/2015 5:13:30 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14337 Error - 8/4/2015 5:13:31 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 8/4/2015 5:13:31 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15366 Error - 8/4/2015 5:13:31 AM | Computer Name = Kellee-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15366 Error - 8/4/2015 10:36:45 PM | Computer Name = Kellee-PC | Source = Application Error | ID = 1000 Description = Faulting application name: saUpd.exe, version: 4.0.1.115, time stamp: 0x55ae713e Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000374 Fault offset: 0x00000000000c4102 Faulting process id: 0xd10 Faulting application start time: 0x01d0cf274ef0ad12 Faulting application path: c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: cfeddcfe-3b1a-11e5-b513-207c8f310418 Error - 8/4/2015 10:57:01 PM | Computer Name = Kellee-PC | Source = Application Error | ID = 1000 Description = Faulting application name: saUpd.exe, version: 4.0.1.115, time stamp: 0x55ae713e Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000005382a Faulting process id: 0xef4 Faulting application start time: 0x01d0cf2a6365de9f Faulting application path: c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: a4959293-3b1d-11e5-b513-207c8f310418 Error - 8/7/2015 6:58:21 PM | Computer Name = Kellee-PC | Source = Application Hang | ID = 1002 Description = The program IEXPLORE.EXE version 11.0.9600.17207 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 17e4 Start Time: 01d0d1646576413e Termination Time: 0 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error - 8/8/2015 11:17:27 AM | Computer Name = Kellee-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\TIS_VistaPIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. [ Media Center Events ] Error - 4/29/2013 6:01:02 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 4:01:01 PM - Failed to retrieve MCESpotlight.cab (Error: BITS 0x80070424) Error - 4/29/2013 6:01:02 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 4:01:02 PM - Failed to retrieve dSM.cab (Error: BITS 0x80070424) 4:01:02 PM - Failed to retrieve Logos.cab (Error: BITS 0x80070424) 4:01:02 PM - Failed to retrieve SMTiles.cab (Error: BITS 0x80070424) 4:01:02 PM - Failed to retrieve UpdateableMarkup.cab (Error: BITS 0x80070424) Error - 4/29/2013 6:01:03 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 4:01:03 PM - Failed to retrieve SportsSchedule.enc (Error: BITS 0x80070424) Error - 4/29/2013 6:01:03 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 4:01:03 PM - Failed to retrieve ScheduleSupplement.cab (Error: BITS 0x80070424) 4:01:03 PM - Failed to retrieve SportsTemplate.cab (Error: BITS 0x80070424) 4:01:03 PM - Failed to retrieve SportsTemplateCore.cab (Error: BITS 0x80070424) Error - 4/29/2013 6:01:09 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 4:01:04 PM - Failed to retrieve Broadband.enc (Error: BITS 0x80070424) Error - 4/29/2013 8:09:57 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 6:09:57 PM - Failed to retrieve MCESpotlight.cab (Error: BITS 0x80070424) Error - 4/29/2013 8:09:57 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 6:09:57 PM - Failed to retrieve dSM.cab (Error: BITS 0x80070424) 6:09:57 PM - Failed to retrieve Logos.cab (Error: BITS 0x80070424) 6:09:57 PM - Failed to retrieve SMTiles.cab (Error: BITS 0x80070424) 6:09:57 PM - Failed to retrieve UpdateableMarkup.cab (Error: BITS 0x80070424) Error - 4/29/2013 8:09:58 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 6:09:58 PM - Failed to retrieve SportsSchedule.enc (Error: BITS 0x80070424) Error - 4/29/2013 8:09:59 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 6:09:58 PM - Failed to retrieve ScheduleSupplement.cab (Error: BITS 0x80070424) 6:09:58 PM - Failed to retrieve SportsTemplate.cab (Error: BITS 0x80070424) 6:09:58 PM - Failed to retrieve SportsTemplateCore.cab (Error: BITS 0x80070424) Error - 4/29/2013 8:10:02 PM | Computer Name = Kellee-PC | Source = MCUpdate | ID = 0 Description = 6:10:00 PM - Failed to retrieve Broadband.enc (Error: BITS 0x80070424) [ System Events ] Error - 8/7/2015 11:09:06 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7000 Description = The Base Filtering Engine service failed to start due to the following error: %%1290 Error - 8/7/2015 11:09:06 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7001 Description = The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: %%1290 Error - 8/7/2015 11:09:09 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7000 Description = The Base Filtering Engine service failed to start due to the following error: %%1290 Error - 8/7/2015 11:09:09 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7001 Description = The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: %%1290 Error - 8/7/2015 11:09:11 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7000 Description = The Security Center service failed to start due to the following error: %%1314 Error - 8/7/2015 11:09:21 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7000 Description = The Base Filtering Engine service failed to start due to the following error: %%1290 Error - 8/7/2015 11:09:21 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7001 Description = The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: %%1290 Error - 8/7/2015 11:09:30 PM | Computer Name = Kellee-PC | Source = Service Control Manager | ID = 7024 Description = The HomeGroup Listener service terminated with service-specific error %%-2147023143. Error - 8/7/2015 11:09:36 PM | Computer Name = Kellee-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 8/7/2015 11:26:36 PM | Computer Name = Kellee-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll < End of report >
  4. OTL logfile created on: 8/8/2015 11:03:09 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kellee\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17207) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.74 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 47.59% Memory free 7.48 Gb Paging File | 5.12 Gb Available in Paging File | 68.43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.07 Gb Total Space | 367.59 Gb Free Space | 81.49% Space Free | Partition Type: NTFS Drive E: | 14.65 Gb Total Space | 7.77 Gb Free Space | 53.02% Space Free | Partition Type: NTFS Computer Name: KELLEE-PC | User Name: Kellee | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015/08/08 11:02:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kellee\Downloads\OTL.scr PRC - [2015/08/07 20:06:01 | 002,018,360 | ---- | M] (Spotify Ltd) -- C:\Users\Kellee\AppData\Roaming\Spotify\SpotifyWebHelper.exe PRC - [2015/07/21 12:26:00 | 001,551,488 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe PRC - [2015/07/18 08:53:10 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe PRC - [2014/07/25 08:02:45 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014/07/25 08:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014/07/02 11:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2014/06/20 00:42:16 | 000,401,280 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe PRC - [2013/10/03 11:42:30 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe PRC - [2011/09/16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/08/19 18:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2008/12/06 01:48:08 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe PRC - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2008/10/27 14:08:04 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2008/06/03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe ========== Modules (No Company Name) ========== MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2014/07/02 14:48:32 | 000,013,272 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll MOD - [2014/06/20 00:42:16 | 000,401,280 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe MOD - [2014/05/06 04:44:30 | 000,307,712 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll MOD - [2014/05/06 04:44:22 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll MOD - [2014/05/06 04:44:18 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll MOD - [2014/05/06 04:44:16 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll MOD - [2014/05/06 00:31:52 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll MOD - [2014/05/05 23:58:30 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll MOD - [2014/05/05 23:39:22 | 000,861,184 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll MOD - [2014/05/05 23:38:30 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll MOD - [2014/05/05 23:38:28 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll MOD - [2014/05/05 23:38:26 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll MOD - [2014/05/05 23:38:20 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll MOD - [2014/05/05 23:38:16 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll MOD - [2014/04/21 20:14:50 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll MOD - [2014/03/04 05:20:40 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll MOD - [2013/10/03 11:42:30 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll MOD - [2013/10/03 11:42:30 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe MOD - [2012/06/13 18:51:53 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll MOD - [2012/06/13 08:13:46 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll MOD - [2012/06/13 08:13:38 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll MOD - [2012/06/08 07:29:05 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll MOD - [2012/06/08 07:29:04 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll MOD - [2012/06/08 07:28:58 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll MOD - [2012/06/08 07:26:44 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll MOD - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe MOD - [2009/05/16 00:10:46 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM.dll MOD - [2008/12/06 01:50:24 | 000,713,728 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\Styles\NGLStyle.dll MOD - [2008/12/06 01:48:08 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe MOD - [2008/12/06 01:25:14 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSL.dll MOD - [2008/12/05 16:31:08 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\Imageformats\qjpeg4.dll MOD - [2008/12/05 16:23:58 | 006,402,048 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtGui4.dll MOD - [2008/12/05 16:15:14 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtXml4.dll MOD - [2008/12/05 16:15:06 | 001,581,056 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtCore4.dll MOD - [2008/10/27 14:08:04 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe ========== Services (SafeList) ========== SRV:64bit: - [2015/07/06 17:27:18 | 000,373,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms) SRV:64bit: - [2015/06/29 10:03:32 | 000,254,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2015/06/29 10:01:22 | 000,232,656 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:64bit: - [2015/05/13 15:00:50 | 000,754,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2015/05/06 22:58:02 | 000,340,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc) SRV:64bit: - [2015/05/05 06:26:22 | 000,609,592 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV:64bit: - [2015/04/08 07:06:16 | 000,207,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe -- (mccspsvc) SRV:64bit: - [2014/08/05 17:35:53 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2014/07/25 08:02:38 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2010/03/05 10:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [1999/12/31 18:00:00 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV:64bit: - [1999/12/31 18:00:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2015/07/21 12:25:02 | 000,155,368 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2015/07/21 12:19:07 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc) SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc) SRV - [2015/02/18 20:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014/07/25 08:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014/07/02 11:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) ========== Driver Services (SafeList) ========== DRV:64bit: - [2015/07/02 15:33:00 | 000,875,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2015/07/02 15:33:00 | 000,496,888 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2015/07/02 15:33:00 | 000,412,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack) DRV:64bit: - [2015/07/02 15:33:00 | 000,347,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2015/07/02 15:33:00 | 000,344,704 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2015/07/02 15:33:00 | 000,077,536 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2015/06/18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2015/05/08 01:42:00 | 000,076,064 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv) DRV:64bit: - [2015/04/27 08:02:58 | 000,198,448 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK) DRV:64bit: - [2015/03/26 12:46:00 | 000,100,720 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk) DRV:64bit: - [2015/03/26 12:45:54 | 000,483,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc) DRV:64bit: - [2015/02/17 14:39:52 | 000,101,872 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfedisk.sys -- (mfedisk) DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2014/07/25 08:02:38 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:64bit: - [2014/07/02 14:48:32 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2014/06/28 14:50:26 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:64bit: - [2014/03/31 10:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/25 09:57:38 | 000,213,504 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011/10/25 09:57:38 | 000,096,768 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011/10/07 01:35:32 | 000,183,808 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNMSMVSP.sys -- (PSMNMSMVSP) DRV:64bit: - [2011/10/07 01:35:32 | 000,183,808 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNMDMVSP.sys -- (PSMNMDMVSP) DRV:64bit: - [2011/10/07 01:35:32 | 000,113,408 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNNET61.sys -- (PSMNNET61) DRV:64bit: - [2011/10/07 01:35:32 | 000,063,744 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNRMNET.sys -- (PSMNRMNET) DRV:64bit: - [2011/10/07 01:35:30 | 000,183,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNMDM.sys -- (PSMNMDM) DRV:64bit: - [2011/10/07 01:35:30 | 000,102,784 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSMNBUS.sys -- (PSMNBUS) DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/08/12 10:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2010/07/02 01:46:58 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt) DRV:64bit: - [2010/05/31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2010/03/26 15:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [1999/12/31 18:00:00 | 012,312,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [1999/12/31 18:00:00 | 000,872,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [1999/12/31 18:00:00 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [1999/12/31 18:00:00 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [1999/12/31 18:00:00 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV - [2015/07/21 12:25:46 | 000,037,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn) DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49713;https=127.0.0.1:49713 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49713;https=127.0.0.1:49713 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 79 1E C0 56 26 41 CD 01 [binary data] IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-316649051-4046440699-241404406-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\Kellee\AppData\Roaming\CATALI~1\NPBCSK~1.DLL File not found 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR [2015/07/25 10:10:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2015/07/25 10:10:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2015/07/28 18:15:33 | 000,000,000 | ---D | M] [2013/05/29 17:26:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions ========== Chrome ========== CHR - Extension: No name found = C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\ CHR - Extension: No name found = C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_1\ CHR - Extension: No name found = C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKU\.DEFAULT..\Run: [samsung.PCSync] C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia) O4 - HKU\S-1-5-18..\Run: [samsung.PCSync] C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-316649051-4046440699-241404406-1000..\Run: [s60 PC Suite Tray] C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe () O4 - HKU\S-1-5-21-316649051-4046440699-241404406-1000..\Run: [spotify] C:\Users\Kellee\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-316649051-4046440699-241404406-1000..\Run: [spotify Web Helper] C:\Users\Kellee\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC1562F1-DF6E-4C37-8EE5-D032FFF3EC29}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015/08/07 20:06:07 | 000,000,000 | ---D | C] -- C:\Users\Kellee\AppData\Local\CEF [2015/08/07 19:43:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2015/08/07 17:03:25 | 000,198,448 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys [2015/07/28 07:46:11 | 000,076,064 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\McPvDrv.sys [2015/07/21 20:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV [2015/07/10 17:28:10 | 000,000,000 | ---D | C] -- C:\Users\Kellee\AppData\Local\Xenocode [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015/08/08 11:01:36 | 000,000,682 | ---- | M] () -- C:\Users\Kellee\Desktop\External link.url [2015/08/08 11:00:41 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/08/08 11:00:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/08/08 10:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/08/08 09:31:41 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015/08/08 08:58:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/08/08 08:41:42 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/08/08 08:41:41 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/08/08 08:33:06 | 3010,695,168 | -HS- | M] () -- C:\hiberfil.sys [2015/08/07 20:39:05 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015/08/07 16:59:51 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015/07/28 07:36:19 | 377,839,590 | ---- | M] () -- C:\Windows\MEMORY.DMP [2015/07/21 12:19:05 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015/07/21 12:19:05 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2015/08/08 11:01:36 | 000,000,682 | ---- | C] () -- C:\Users\Kellee\Desktop\External link.url [2015/04/09 19:43:00 | 000,002,448 | ---- | C] () -- C:\Users\Kellee\AppData\Roaming\NMM-MetaData.db [2015/02/17 11:10:28 | 000,000,412 | ---- | C] () -- C:\Windows\hegames.ini [2014/03/19 08:31:49 | 000,000,479 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2013/12/12 21:08:47 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2013/07/29 01:58:45 | 000,000,222 | ---- | C] () -- C:\Users\Kellee\AppData\Roaming\WB.CFG [2012/11/17 09:05:14 | 000,000,790 | ---- | C] () -- C:\Users\Kellee\AppData\Local\cookies.ini [2012/08/31 16:22:50 | 000,005,632 | ---- | C] () -- C:\Users\Kellee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/04 21:51:04 | 000,103,832 | ---- | C] () -- C:\Users\Kellee\GoToAssistDownloadHelper.exe [2012/06/03 16:19:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2013/09/18 14:16:02 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b}\L [2012/09/23 13:30:16 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b}\U [2011/11/17 00:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Kellee\AppData\Local\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b}\L [2011/11/17 00:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Kellee\AppData\Local\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b}\U [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Purity Check ========== < End of report >
  5. Results of screen317's Security Check version 1.006 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 18.0.0.209 Adobe Reader 9 Adobe Reader out of Date! Google Chrome (44.0.2403.125) Google Chrome (44.0.2403.130) ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 3% ````````````````````End of Log``````````````````````
  6. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 8/7/2015 Scan Time: 8:47 PM Logfile: mbamlog.txt Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.08.07.06 Rootkit Database: v2015.08.06.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Kellee Scan Type: Threat Scan Result: Completed Objects Scanned: 407645 Time Elapsed: 18 min, 6 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Warn PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 7 PUP.Optional.DealKeeper.A, HKU\S-1-5-21-316649051-4046440699-241404406-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254}, Quarantined, [000208fe48439a9c797e5a38649e2ad6], PUP.Optional.DealKeeper.A, HKU\S-1-5-21-316649051-4046440699-241404406-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254}, Quarantined, [000208fe48439a9c797e5a38649e2ad6], PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [5fa3c640addef640804fa1046f95d62a], Trojan.Zaccess, HKU\S-1-5-21-316649051-4046440699-241404406-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32, Quarantined, [57ab8b7b0586d363bdb23dfb3dc7f30d], Trojan.Zaccess, HKU\S-1-5-21-316649051-4046440699-241404406-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}, Quarantined, [57ab8b7b0586d363bdb23dfb3dc7f30d], Trojan.Zaccess, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}, Delete-on-Reboot, [57ab8b7b0586d363bdb23dfb3dc7f30d], Trojan.Zaccess, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}, Delete-on-Reboot, [57ab8b7b0586d363bdb23dfb3dc7f30d], Registry Values: 2 PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Astromenda\\, Quarantined, [6c9609fdef9c58de557c9980a55ef709] Trojan.Zaccess, HKU\S-1-5-21-316649051-4046440699-241404406-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32, C:\Users\Kellee\AppData\Local\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b}\n., Quarantined, [57ab8b7b0586d363bdb23dfb3dc7f30d] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 PUP.Optional.WebToSave.A, C:\Users\Kellee\AppData\Local\WebToSave.crx, Quarantined, [58aa20e6ddae999d812dbb5a41c238c8], Physical Sectors: 0 (No malicious items detected) (end)
  7. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17207 Run by Kellee at 8:53:00 on 2015-08-08 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3828.1544 [GMT -6:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\mfevtps.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\McAfee\MSC\McAPExe.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Users\Kellee\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe C:\Users\Kellee\AppData\Roaming\Spotify\Spotify.exe C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Users\Kellee\AppData\Roaming\Spotify\SpotifyCrashService.exe C:\Users\Kellee\AppData\Roaming\Spotify\Spotify.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\Kellee\AppData\Roaming\Spotify\Spotify.exe C:\Windows\system32\taskeng.exe C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\McAfee\MAT\McPvTray.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\RunDll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = about:blank mWinlogon: Userinit = userinit.exe, BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL uRun: [spotify Web Helper] "C:\Users\Kellee\AppData\Roaming\Spotify\SpotifyWebHelper.exe" uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [spotify] "C:\Users\Kellee\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized uRun: [s60 PC Suite Tray] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe" -onlytray mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" dRun: [samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IMAGEB~1.LNK - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll TCP: NameServer = 192.168.2.1 TCP: Interfaces\{DC1562F1-DF6E-4C37-8EE5-D032FFF3EC29} : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{DC1562F1-DF6E-4C37-8EE5-D032FFF3EC29}\A5978554C4 : DHCPNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings x64-mStart Page = about:blank x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 mfedisk;McAfee AAC Disk Filter Driver;C:\Windows\System32\drivers\mfedisk.sys [2015-2-17 101872] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-12-5 875928] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-1-27 344704] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-8-5 32544] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-6-2 55280] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 50464] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-8-5 98208] R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-5-1 1394816] R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-5-1 1772672] R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-20 340744] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2015-7-22 155368] R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-2-20 754280] R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [2015-4-8 207344] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-20 340744] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-20 340744] R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-20 340744] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-20 340744] R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2015-7-28 76064] R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-5-21 373704] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-2-20 254792] R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-5 1720608] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-12 18956064] R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-8-5 290520] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-5 411936] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-2 2533400] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2014-1-27 77536] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-6-2 175168] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-6-2 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2013-11-4 158976] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-11-4 317440] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-5 25816] R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2015-2-17 412440] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-1-27 347800] R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-2-20 232656] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2014-1-27 496888] R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2015-3-26 483240] R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2015-7-22 37960] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-25 96768] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-25 213504] R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-5 20256] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-8-5 40392] R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2010-7-2 29288] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-5 872152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-4-4 1133880] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-2-18 315488] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2015-8-7 198448] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-5 111616] S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-6-2 160880] S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-4-4 63704] S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2015-3-26 100720] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240] S3 PSMNBUS;Pantech Android USB Composite Device Ver1 Driver;C:\Windows\System32\drivers\PSMNBUS.sys [2014-8-5 102784] S3 PSMNMDM;Pantech Android USB Modem Ver1 Drivers;C:\Windows\System32\drivers\PSMNMDM.sys [2014-8-5 183680] S3 PSMNMDMVSP;Pantech Android MDM Diagnostic Serial Port Ver1;C:\Windows\System32\drivers\PSMNMDMVSP.sys [2014-8-5 183808] S3 PSMNMSMVSP;Pantech Android MSM Diagnostic Serial Port Ver1;C:\Windows\System32\drivers\PSMNMSMVSP.sys [2014-8-5 183808] S3 PSMNNET61;Pantech Android MDM WWAN (NDIS6.1);C:\Windows\System32\drivers\PSMNNET61.sys [2014-8-5 113408] S3 PSMNRMNET;Pantech Android MDM RMNET Device;C:\Windows\System32\drivers\PSMNRMNET.sys [2014-8-5 63744] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-4 1255736] . =============== Created Last 30 ================ . 2015-08-08 02:06:07 -------- d-----w- C:\Users\Kellee\AppData\Local\CEF 2015-08-08 01:43:34 -------- d-----w- C:\AdwCleaner 2015-08-07 23:03:25 198448 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys 2015-07-28 13:46:11 76064 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys 2015-07-22 02:00:13 -------- d-----w- C:\Program Files\Common Files\AV 2015-07-10 23:28:10 -------- d-----w- C:\Users\Kellee\AppData\Local\Xenocode . ==================== Find3M ==================== . 2015-08-08 02:47:36 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-07-21 18:19:05 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2015-07-21 18:19:05 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2015-07-02 21:33:00 875928 ----a-w- C:\Windows\System32\drivers\mfehidk.sys 2015-07-02 21:33:00 77536 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2015-07-02 21:33:00 496888 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2015-07-02 21:33:00 412440 ----a-w- C:\Windows\System32\drivers\mfeaack.sys 2015-07-02 21:33:00 347800 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2015-07-02 21:33:00 344704 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2015-06-29 16:03:32 254792 ----a-w- C:\Windows\System32\mfevtps.exe 2015-06-18 14:41:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-06-18 14:41:44 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-06-18 14:41:40 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 8:53:40.16 ===============
  8. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 6/2/2012 1:20:51 PM System Uptime: 8/8/2015 8:32:58 AM (0 hours ago) . Motherboard: Dell Inc. | | 00CKNG Processor: Intel® Core i5 CPU M 460 @ 2.53GHz | U2E1 | 2534/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 368.287 GiB free. D: is CDROM () E: is FIXED (NTFS) - 15 GiB total, 7.767 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\SMO8800\1 Manufacturer: Name: PNP Device ID: ACPI\SMO8800\1 Service: . ==== System Restore Points =================== . RP114: 6/14/2015 7:04:10 PM - Scheduled Checkpoint RP115: 7/28/2015 7:41:07 PM - Scheduled Checkpoint RP116: 8/7/2015 8:09:25 PM - JRT Pre-Junkware Removal . ==== Installed Programs ====================== . ABBYY FineReader 9.0 Sprint Adobe Acrobat Reader DC Adobe Flash Player 18 ActiveX Adobe Flash Player 18 NPAPI Adobe Refresh Manager Advanced Audio FX Engine Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft MediaImpression 2 ArcSoft Scan-n-Stitch Deluxe Blue's 123 Time Activities Bonjour Canon Utilities Digital Photo Professional Canon Utilities EOS Sample Music Canon Utilities EOS Utility Canon Utilities ImageBrowser EX Canon Utilities PhotoStitch Canon Utilities Picture Style Editor CardRecovery 6.00 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell Webcam Central Epson Copy Utility 3.5 Epson Event Manager EPSON Perfection V33/V330 Photo Scanner Driver Update EPSON Scan Google Chrome Google Earth Google Update Helper Image Editor Packages Intel PROSet Wireless Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software iTunes JMicron Flash Media Controller Driver Learning Lodge Navigator Malwarebytes Anti-Malware version 2.1.8.1057 McAfee Total Protection McAfee Virtual Technician McAfee WebAdvisor Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 MSVC80_x64 MSVC80_x86 MSXML 4.0 SP2 Parser and SDK NVIDIA 3D Vision Driver 340.52 NVIDIA Control Panel 340.52 NVIDIA Graphics Driver 340.52 NVIDIA HD Audio Driver 1.3.26.4 NVIDIA Install Application NVIDIA Network Service NVIDIA Optimus Update 15.3.33 NVIDIA PhysX NVIDIA PhysX System Software 9.13.1220 NVIDIA ShadowPlay 15.3.33 NVIDIA Stereoscopic 3D Driver NVIDIA Update 15.3.33 NVIDIA Update Core NVIDIA Virtual Audio 1.2.23 Pantech Android USB Driver Ver1 Pantech PC Suite PC Connectivity Solution Quickset64 Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver Roxio Burn Samsung PC Studio 7 SamsungConnectivityCableDriver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition Shared C Run-time for x64 SHIELD Streaming Skype Click to Call Skypeâ„¢ 7.4 Spelling Dictionaries Support For Adobe Reader 9 Spotify SUPERAntiSpyware Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VTech Download Agent Library Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) . ==== Event Viewer Messages From Past Week ======== . 8/7/2015 9:26:36 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 8/7/2015 9:09:30 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 8/7/2015 9:09:21 PM, Error: Service Control Manager [7001] - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service. 8/7/2015 9:09:21 PM, Error: Service Control Manager [7000] - The Base Filtering Engine service failed to start due to the following error: The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service. 8/7/2015 9:09:11 PM, Error: Service Control Manager [7000] - The Security Center service failed to start due to the following error: A required privilege is not held by the client. 8/7/2015 9:09:09 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service. 8/7/2015 9:09:06 PM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service. 8/7/2015 8:10:46 PM, Error: Service Control Manager [7034] - The Intel® Management & Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:46 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/7/2015 8:10:44 PM, Error: Service Control Manager [7034] - The ServiceLayer service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:44 PM, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:44 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/7/2015 8:10:40 PM, Error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:39 PM, Error: Service Control Manager [7034] - The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:39 PM, Error: Service Control Manager [7034] - The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:39 PM, Error: Service Control Manager [7034] - The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:39 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/7/2015 8:10:38 PM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:38 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:38 PM, Error: Service Control Manager [7034] - The ArcSoft Connect Daemon service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:38 PM, Error: Service Control Manager [7034] - The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:38 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:38 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/7/2015 8:10:37 PM, Error: Service Control Manager [7034] - The ABBYY FineReader 9.0 Sprint Licensing Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:37 PM, Error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. 8/7/2015 8:10:36 PM, Error: Service Control Manager [7034] - The Realtek Audio Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:36 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:10:36 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 8:09:23 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed. 8/7/2015 8:06:03 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 8/7/2015 8:06:03 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 8/7/2015 8:05:20 PM, Error: Service Control Manager [7000] - The Update Deal Keeper service failed to start due to the following error: The system cannot find the file specified. 8/7/2015 8:05:19 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 8/7/2015 8:05:18 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 8/7/2015 8:05:17 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 8/7/2015 8:02:33 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/7/2015 8:02:33 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/7/2015 8:02:33 PM, Error: Service Control Manager [7031] - The Update Deal Keeper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 8/7/2015 8:02:33 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/7/2015 8:02:33 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/7/2015 7:57:06 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 8/7/2015 7:57:06 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: An instance of the service is already running. 8/7/2015 7:56:36 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/7/2015 7:56:23 PM, Error: Service Control Manager [7034] - The vToolbarUpdater18.1.7 service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 7:56:23 PM, Error: Service Control Manager [7034] - The vToolbarUpdater14.2.0 service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 7:56:20 PM, Error: Service Control Manager [7034] - The Skype Click to Call Updater service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 7:56:20 PM, Error: Service Control Manager [7034] - The Skype Click to Call PNR Service service terminated unexpectedly. It has done this 1 time(s). 8/7/2015 7:56:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. . ==== End Of File ===========================
  9. Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.5 (08.05.2015:1) OS: Windows 7 Home Premium x64 Ran by Kellee on Fri 08/07/2015 at 20:09:21.42 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully deleted: [service] Update Deal Keeper [Reboot required] ~~~ Tasks Successfully deleted: [Task] C:\Windows\system32\tasks\0 ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E9A3A2BA-F88D-4D82-A5CA-B1A1C2C4527A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Deal Keeper ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Kellee\Appdata\Local\{0e9b327c-7be3-b5e1-9094-7cb8f3b2c40b} Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers ~~~ Chrome [C:\Users\Kellee\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Kellee\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Kellee\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Kellee\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 08/07/2015 at 20:14:56.05 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. # AdwCleaner v4.208 - Logfile created 07/08/2015 at 19:56:30 # Updated 09/07/2015 by Xplode # Database : 2015-08-01.1 [server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Kellee - KELLEE-PC # Running from : C:\Users\Kellee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTWFYOR6\adwcleaner_4.208.exe # Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : swdumon [#] Service Deleted : vToolbarUpdater14.2.0 [#] Service Deleted : vToolbarUpdater18.1.7 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Program Files (x86)\Astromenda Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\Deal Keeper Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Users\Jonathan\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Jonathan\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Kellee\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Kellee\AppData\Local\Conduit Folder Deleted : C:\Users\Kellee\AppData\Local\DownloadManager Folder Deleted : C:\Users\Kellee\AppData\Local\slimware utilities inc Folder Deleted : C:\Users\Kellee\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Kellee\AppData\LocalLow\Delta Folder Deleted : C:\Users\Kellee\AppData\Roaming\Astromenda Folder Deleted : C:\Users\Kellee\AppData\Roaming\BabSolution Folder Deleted : C:\Users\Kellee\AppData\Roaming\DigitalSites Folder Deleted : C:\Users\Kellee\AppData\Roaming\DSite Folder Deleted : C:\Users\Kellee\AppData\Roaming\Systweak Folder Deleted : C:\Users\Kellee\AppData\Roaming\ValueApps Folder Deleted : C:\Users\Kellee\AppData\Roaming\catalina – print savings Folder Deleted : C:\Users\Kellee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings Folder Deleted : C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd Folder Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj Folder Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmfnfnpmhcllokmkepffndflpnadjmma_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khongjfjjmklggionajlpjcpmnppdace_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khongjfjjmklggionajlpjcpmnppdace_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oldchfemoapgakfjnmbngnljnkoapbhd_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oldchfemoapgakfjnmbngnljnkoapbhd_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lladpgmmlijbmhfknhgkenkhikoaapmj_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lladpgmmlijbmhfknhgkenkhikoaapmj_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hpljfflibaokjcndmchkfjalpjjblioc_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hpljfflibaokjcndmchkfjalpjjblioc_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_efbkdhmfnmnmfimllbjamfodcoanhmdd_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_efbkdhmfnmnmfimllbjamfodcoanhmdd_0.localstorage-journal File Deleted : C:\END File Deleted : C:\Windows\System32\sasnative64.exe File Deleted : C:\Windows\System32\drivers\swdumon.sys File Deleted : C:\Users\Kellee\AppData\Local\FastDiscountz.crx File Deleted : C:\Users\Kellee\AppData\Local\RealSummerSale.crx File Deleted : C:\Users\Kellee\AppData\Roaming\WBPU-TTL.DAT File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.babylon.com_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.babylon.com_0.localstorage-journal File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage File Deleted : C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal ***** [ Scheduled tasks ] ***** Task Deleted : Advanced System Protector Task Deleted : Advanced System Protector_startup Task Deleted : Astromenda Task Deleted : Dealply Task Deleted : Digital Sites Task Deleted : DSite Task Deleted : LaunchSignup Task Deleted : Optimizer Pro Schedule Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKCU\Software\Google\Chrome\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd Key Deleted : HKCU\Software\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj Key Deleted : HKCU\Software\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\5955dd8cbd3abf49 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1EC8187A-6435-44E3-BBE4-6CE6D3C69254} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\02D55B4908134F10827803A2B521B3D3 Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{01D5553F-6A9B-48EE-B1FE-41470995CB26} Key Deleted : HKCU\Software\Astromenda Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BABSOLUTION Key Deleted : HKCU\Software\Deal Keeper Key Deleted : HKCU\Software\dsiteproducts Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\systweak Key Deleted : HKCU\Software\WEDLMNGR Key Deleted : HKCU\Software\SlimWare Utilities Inc Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\SOFTWARE\AVG Secure Search Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Deal Keeper Key Deleted : HKLM\SOFTWARE\InstallCore Key Deleted : HKLM\SOFTWARE\systweak Key Deleted : HKLM\SOFTWARE\Wajam Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Astromenda Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB} Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deal Keeper Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\playsushi.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49713;hxxps=127.0.0.1:49713 Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1 Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback> Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Google Chrome v44.0.2403.130 [C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms} [C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={22A018A5-01DF-44CB-A93E-503C8B5D994E}&mid=2e2364bee32147d09422f135c9d5edeb-c356511aacac4524d786478c0fa0d1e38bad60eb〈=en&ds=ts024&pr=sa&d=2012-06-02 20:23:35&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss&mntrId=2C3EF04DA25EDEA7 [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss_din2g&mntrId=2C3EF04DA25EDEA7 [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_app_14_49_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtByD0E0D0E0AyBzyyC0CzztN0D0Tzu0SzyyEzztN1L2XzutBtFtBtCtFtCzztFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEyB0EyByE0EyDtG0EtA0D0CtG0B0A0B0EtGzyyC0AzztGtDtBzz0AyBtC0DtAtA0CtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzy0Ezz0C0DzztDtGtC0FtCyEtGyEyBzztBtGyCyC0CyBtGtAtC0CyD0ByEtA0EtDyBzzzy2Q&cr=1143838505&ir= [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : oldchfemoapgakfjnmbngnljnkoapbhd [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : lladpgmmlijbmhfknhgkenkhikoaapmj [C:\Users\Kellee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : efbkdhmfnmnmfimllbjamfodcoanhmdd ************************* AdwCleaner[R0].txt - [18634 bytes] - [07/08/2015 19:43:38] AdwCleaner[s0].txt - [17980 bytes] - [07/08/2015 19:56:30] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [18040 bytes] ##########