Support.emsisoft.com

ib-adnx.com trojan in AOL browser (not IE/Chrome)

2014-10-09

running win 8.1 64 bit on an ASUS, problem is in aol 9.6 -- constant ib-adnx.com popups. tried hitman, hijack this, rogue killer, JRT, malwarebytes, adwcleaner, you name it -- still comes back. HELP!!!

downloaded all the files, here's the logs:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01

Ran by Sara (administrator) on ASUS2 on 09-10-2014 01:56:23

Running from D:\Downloads

Loaded Profile: Sara (Available profiles: Sara)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe

(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

() C:\flashpaste\FlashPaste.exe

(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Dropbox, Inc.) C:\Users\Sara\AppData\Roaming\Dropbox\bin\Dropbox.exe

(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1407987350\ee\aolsoftware.exe

(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSPanel.exe

() C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

(AOL Inc.) C:\aol_9.6\waol.exe

(AOL Inc.) C:\aol_9.6\shellmon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe

(AOL Inc.) C:\aol_9.6\AOLBrowser\aolbrowser.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-21] (Intel Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-29] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)

HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1407987350\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] ()

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [Flashpaste] => C:\flashpaste\flashpaste.exe [352256 2006-05-10] ()

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-14] (Siber Systems)

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [SkyDrive] => C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-08] (Microsoft Corporation)

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [AOL Fast Start] => C:\aol_9.6\AOL.EXE [42320 2011-04-25] (AOL Inc.)

HKU\S-1-5-21-3234696516-3079351154-532293947-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Sara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Reminders - Check.lnk

ShortcutTarget: Reminders - Check.lnk -> C:\reminder\reminder.exe ()

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)

BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)

BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)

BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)

Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Hosts: 127.0.0.1 localhost

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:

========

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-10-07]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-07]

Chrome:

=======

CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Entanglement Web App) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-08-13]

CHR Extension: (Google Docs) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-13]

CHR Extension: (Google Drive) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-13]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-13]

CHR Extension: (YouTube) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-13]

CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2014-08-13]

CHR Extension: (Google Search) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-13]

CHR Extension: (Google Calendar) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-08-13]

CHR Extension: (SiteAdvisor) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-08]

CHR Extension: (AdBlock) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-13]

CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-08-13]

CHR Extension: (Slinky Classic) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjhlpgahgkpncekpdkgfoeppikldble [2014-10-07]

CHR Extension: (Coupons at Checkout) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegphgaihkjoophpabchkmpaknehfamb [2014-08-13]

CHR Extension: (HuffingtonPost NewsGlide) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjialelnkjdomiblmnpcpjongleegef [2014-08-13]

CHR Extension: (PlayOn) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-08-14]

CHR Extension: (Poppit!) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-08-13]

CHR Extension: (Ghostery) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-08-13]

CHR Extension: (Save to Pocket) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-10-08]

CHR Extension: (Google Wallet) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-13]

CHR Extension: (The Huffington Post) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflealpdpfgibekadpjikgfmiphhdkdg [2014-08-13]

CHR Extension: (Read Your AOL Mail) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\phgdojkomekmnemlclopfjlmbamhnafp [2014-08-13]

CHR Extension: (Gmail) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-13]

CHR Extension: (RoboForm) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-08-14]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-08]

CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-06-13]

CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)

R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]

R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-04-21] (Intel Corporation)

R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-21] (Intel Corporation)

R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-04-21] (Intel Corporation)

R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-04-21] (Intel Corporation)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)

R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)

S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-14] (Microsoft Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

S3 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5761328 2014-08-06] (MediaMall Technologies, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)

R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)

R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [184168 2014-05-20] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)

R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-14] (Microsoft Corporation)

R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)

S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-14] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-05-28] (ASUS Corporation)

R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)

U4 BthAvrcpTg; No ImagePath

U4 BthHFEnum; No ImagePath

U4 bthhfhid; No ImagePath

R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)

R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-21] (Intel Corporation)

R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-21] (Intel Corporation)

R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-04-21] (Intel Corporation)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [32512 2014-10-09] ()

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)

R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [67808 2014-05-20] (Mozy, Inc.)

R3 msvad_simple; C:\Windows\system32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)

R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-09] ()

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 01:57 - 2014-10-09 01:57 - 00000757 _____ () C:\Users\Sara\Desktop\Start Emsisoft Emergency Kit.lnk

2014-10-09 01:56 - 2014-10-09 01:56 - 00000000 ____D () C:\FRST

2014-10-09 01:56 - 2014-10-09 01:56 - 00000000 ____D () C:\EEK

2014-10-09 01:39 - 2014-10-09 01:39 - 00034808 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys

2014-10-09 01:39 - 2014-10-09 01:39 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-10-09 01:24 - 2014-10-09 01:24 - 00000000 ____D () C:\Users\Public\CyberLink

2014-10-09 01:23 - 2014-10-09 01:23 - 00000000 ____D () C:\Users\Sara\Documents\CyberLink

2014-10-09 01:23 - 2014-10-09 01:23 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\CyberLink

2014-10-09 01:23 - 2014-10-09 01:23 - 00000000 ____D () C:\Users\Sara\AppData\Local\Cyberlink

2014-10-09 01:23 - 2014-10-09 01:23 - 00000000 ____D () C:\ProgramData\CyberLink

2014-10-09 01:14 - 2014-10-09 01:14 - 00040858 _____ () C:\WINDOWS\PFRO.log

2014-10-09 01:06 - 2014-10-09 01:06 - 00032512 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys

2014-10-08 23:56 - 2014-10-08 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-10-08 23:56 - 2014-10-08 23:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-10-08 23:56 - 2014-10-08 23:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-10-08 20:33 - 2014-10-09 01:41 - 00525211 _____ () C:\WINDOWS\WindowsUpdate.log

2014-10-08 07:23 - 2014-10-08 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-10-08 03:02 - 2014-10-08 03:04 - 00002820 _____ () C:\Users\Sara\Desktop\Rkill.txt

2014-10-08 02:50 - 2014-10-08 02:50 - 00000749 _____ () C:\Users\Sara\Desktop\JRT.txt

2014-10-08 02:36 - 2014-10-08 02:43 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-10-08 02:24 - 2014-10-09 01:29 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-10-08 02:24 - 2014-10-08 02:24 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-08 02:24 - 2014-10-08 02:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-08 02:24 - 2014-10-08 02:24 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-10-08 02:24 - 2014-10-08 02:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-08 02:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-10-08 02:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-10-08 02:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-10-08 02:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-10-08 02:01 - 2014-10-09 01:12 - 00000000 ____D () C:\AdwCleaner

2014-10-08 02:01 - 2014-10-08 02:01 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-10-08 01:58 - 2014-10-08 23:02 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6655550B-A147-4C6B-AAD0-37952F4B44E8}

2014-10-08 01:58 - 2014-10-08 01:58 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieUserList

2014-10-08 01:58 - 2014-10-08 01:58 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieSiteList

2014-10-08 01:19 - 2014-10-08 01:19 - 00000000 ____D () C:\pending

2014-10-07 23:50 - 2014-10-07 23:50 - 00001934 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk

2014-10-07 23:50 - 2014-10-07 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-10-07 23:50 - 2014-10-07 23:50 - 00000000 ____D () C:\Program Files (x86)\McAfeeMOBK

2014-10-07 23:49 - 2014-10-07 23:50 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup

2014-10-07 23:49 - 2014-10-07 23:49 - 00000000 ____D () C:\Program Files (x86)\McAfee Online Backup

2014-10-07 23:49 - 2014-05-20 08:21 - 00067808 _____ (Mozy, Inc.) C:\WINDOWS\system32\Drivers\MOBK.sys

2014-10-07 23:49 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys

2014-10-07 23:48 - 2014-10-07 23:48 - 00000000 ____D () C:\Program Files (x86)\McAfee.com

2014-10-07 23:47 - 2014-10-08 02:06 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-10-07 23:47 - 2014-10-07 23:47 - 00000000 ____D () C:\Program Files\McAfee.com

2014-10-07 23:43 - 2014-10-07 23:49 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2014-10-07 23:43 - 2014-07-18 09:01 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe

2014-10-07 23:33 - 2014-09-22 02:42 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2014-10-07 20:00 - 2014-10-07 20:00 - 00000000 ____D () C:\ProgramData\WEBREG

2014-10-07 19:57 - 2014-10-07 20:01 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\HP

2014-10-07 19:56 - 2014-10-07 19:56 - 00000000 ____D () C:\Users\Sara\AppData\Local\HP

2014-10-07 19:55 - 2014-09-02 16:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-10-07 19:55 - 2014-09-02 16:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-07 19:33 - 2014-10-07 19:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-10-07 19:31 - 2014-10-07 19:31 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk

2014-10-07 19:31 - 2014-10-07 19:31 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\HpUpdate

2014-10-07 19:29 - 2014-10-07 19:29 - 00000000 ____D () C:\ProgramData\HP Product Assistant

2014-10-07 19:28 - 2014-10-07 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2014-10-07 19:28 - 2014-10-07 19:28 - 00001343 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk

2014-10-07 19:28 - 2014-10-07 19:28 - 00001337 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk

2014-10-07 19:27 - 2014-10-07 19:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool

2014-10-07 19:20 - 2008-07-24 11:55 - 00131072 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpz3l58a.dll

2014-10-07 19:16 - 2014-10-07 20:00 - 00228552 _____ () C:\WINDOWS\hpwins05.dat

2014-10-07 19:16 - 2014-10-07 20:00 - 00001268 _____ () C:\ProgramData\hpzinstall.log

2014-10-07 19:16 - 2012-10-15 12:00 - 00003349 ____N () C:\WINDOWS\hpwmdl05.dat

2014-10-07 19:15 - 2014-10-07 19:57 - 00000000 ____D () C:\ProgramData\HP

2014-10-07 19:15 - 2012-08-23 15:22 - 01424896 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwtiop2.dll

2014-10-07 19:15 - 2010-02-18 08:18 - 00861184 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpwwiax2.dll

2014-10-07 19:15 - 2010-02-18 08:18 - 00540672 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll

2014-10-07 19:15 - 2010-02-18 08:18 - 00488960 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst11.dll

2014-10-07 19:15 - 2010-02-18 08:18 - 00338944 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzids40.dll

2014-10-07 19:12 - 2014-08-15 22:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-10-07 19:12 - 2014-08-15 22:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-10-07 19:12 - 2014-08-15 22:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-10-07 19:12 - 2014-08-15 22:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-10-07 19:12 - 2014-08-15 21:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-10-07 19:12 - 2014-08-15 21:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-10-07 19:12 - 2014-08-15 21:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-10-07 19:12 - 2014-08-15 21:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-10-07 19:12 - 2014-08-15 21:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-10-07 19:12 - 2014-08-15 21:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-10-07 19:12 - 2014-08-15 21:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-10-07 19:12 - 2014-08-15 21:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-10-07 19:12 - 2014-08-15 21:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-10-07 19:12 - 2014-08-15 21:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-10-07 19:12 - 2014-08-15 21:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-10-07 19:12 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-10-07 19:12 - 2014-08-15 21:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-10-07 19:12 - 2014-08-15 21:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-10-07 19:12 - 2014-08-15 21:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-10-07 19:12 - 2014-08-15 21:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-10-07 19:12 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-10-07 19:12 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-07 19:12 - 2014-08-15 20:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-10-07 19:12 - 2014-08-15 20:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-10-07 19:12 - 2014-08-15 20:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-10-07 19:12 - 2014-08-15 20:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-10-07 19:12 - 2014-08-15 20:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-10-07 19:12 - 2014-08-15 20:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-10-07 19:12 - 2014-08-15 20:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-10-07 19:12 - 2014-08-15 20:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-10-07 19:12 - 2014-08-15 20:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-10-07 19:12 - 2014-08-15 20:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-10-07 19:12 - 2014-08-15 20:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-10-07 19:12 - 2014-08-15 20:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-10-07 19:12 - 2014-08-15 20:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-10-07 19:11 - 2014-10-09 00:54 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-10-07 19:11 - 2014-10-07 19:11 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-10-07 19:11 - 2014-10-07 19:11 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-07 19:09 - 2014-10-07 19:09 - 00000000 ____D () C:\ProgramData\Hewlett-Packard

2014-10-07 19:08 - 2014-10-07 19:31 - 00000000 ____D () C:\Program Files (x86)\Hp

2014-10-07 19:08 - 2014-10-07 19:08 - 00000000 ____D () C:\Users\Sara\AppData\Local\Hewlett-Packard

2014-10-07 19:08 - 2014-10-07 19:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard

2014-10-07 19:04 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2014-10-07 19:04 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2014-10-07 19:04 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2014-10-07 19:04 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2014-10-07 19:04 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-10-07 19:04 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-10-07 19:04 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-10-07 19:04 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-10-07 19:04 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-10-07 19:04 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2014-10-07 19:04 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll

2014-10-07 19:03 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2014-10-07 19:03 - 2014-09-04 22:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-10-07 19:03 - 2014-09-04 20:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-10-07 19:03 - 2014-08-22 20:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-10-07 19:03 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2014-10-07 19:03 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-10-07 19:02 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll

2014-10-07 19:02 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

2014-10-07 18:54 - 2014-10-07 18:54 - 00001304 _____ () C:\Users\Public\Desktop\WebStorage.lnk

2014-10-07 18:50 - 2014-10-07 18:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 01:49 - 2014-08-13 23:44 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-09 01:21 - 2014-08-13 23:51 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\WebStorage

2014-10-09 01:20 - 2014-08-13 22:57 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3234696516-3079351154-532293947-1001

2014-10-09 01:18 - 2014-08-13 22:50 - 00000062 _____ () C:\Users\Sara\AppData\Roaming\sp_data.sys

2014-10-09 01:17 - 2014-08-14 06:05 - 00000000 __RDO () C:\Users\Sara\OneDrive

2014-10-09 01:17 - 2014-08-13 23:44 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-09 01:17 - 2013-03-22 13:00 - 00000835 _____ () C:\WINDOWS\SysWOW64\bscs.ini

2014-10-09 01:16 - 2014-08-13 23:58 - 00000000 ___RD () C:\Users\Sara\Google Drive

2014-10-09 01:16 - 2014-08-13 23:57 - 00000000 ___RD () C:\Users\Sara\Dropbox

2014-10-09 01:16 - 2014-08-13 23:54 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Dropbox

2014-10-09 01:16 - 2013-08-20 23:32 - 00004268 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI

2014-10-09 01:14 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-10-09 01:14 - 2013-08-20 23:32 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI

2014-10-09 01:13 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-10-09 01:12 - 2014-08-14 05:31 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-10-09 01:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-10-09 00:57 - 2014-08-14 00:11 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\PhotoScape

2014-10-08 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-10-08 23:24 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-10-08 21:25 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-10-08 16:29 - 2013-05-01 05:37 - 00000000 ____D () C:\ProgramData\McAfee

2014-10-08 16:27 - 2014-08-14 04:10 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1

2014-10-08 16:27 - 2013-08-20 23:37 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2

2014-10-08 07:23 - 2014-08-13 23:53 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-10-08 07:23 - 2014-08-13 23:53 - 00000000 ____D () C:\Program Files\CCleaner

2014-10-08 03:59 - 2014-08-14 00:26 - 00003534 _____ () C:\WINDOWS\System32\Tasks\Open URL by RoboForm

2014-10-08 03:25 - 2014-08-13 23:31 - 00000000 ____D () C:\checkbook

2014-10-08 02:28 - 2014-08-13 22:49 - 00000000 ____D () C:\Users\Sara\AppData\Local\VirtualStore

2014-10-08 01:50 - 2014-03-18 06:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-10-08 01:31 - 2014-08-14 07:57 - 00000000 ____D () C:\Users\Sara

2014-10-08 01:22 - 2014-08-13 22:56 - 00000000 ____D () C:\Users\Sara\Documents\$$$

2014-10-08 01:01 - 2014-08-14 22:03 - 00000000 ____D () C:\Users\Sara\Documents\azzCardfile Files

2014-10-07 23:49 - 2013-05-01 05:37 - 00000000 ____D () C:\Program Files\mcafee

2014-10-07 23:48 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-10-07 23:33 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-10-07 23:31 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated

2014-10-07 19:55 - 2012-07-26 01:26 - 00000234 _____ () C:\WINDOWS\win.ini

2014-10-07 19:53 - 2013-08-22 10:44 - 00540576 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-10-07 19:51 - 2014-08-14 22:06 - 00000000 ____D () C:\ProgramData\MediaMall

2014-10-07 19:51 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-10-07 19:34 - 2014-08-14 11:48 - 00000000 ___DC () C:\WINDOWS\Panther

2014-10-07 19:30 - 2014-08-14 02:19 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-10-07 19:21 - 2014-08-14 02:19 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-10-07 19:11 - 2013-05-01 05:34 - 00000000 ____D () C:\ProgramData\Adobe

2014-10-07 19:09 - 2014-08-13 23:00 - 00000000 ____D () C:\Users\Sara\Documents\traducs

2014-10-07 19:00 - 2014-08-13 22:57 - 00000000 ___RD () C:\Users\Sara\Documents\ASG

2014-10-07 18:54 - 2013-05-01 05:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2014-10-07 18:47 - 2014-08-13 23:57 - 00001065 _____ () C:\Users\Sara\Desktop\Dropbox.lnk

2014-10-07 18:47 - 2014-08-13 23:56 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS

Some content of TEMP:

====================

C:\Users\Sara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppxbaez.dll

C:\Users\Sara\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-08 23:18

==================== End Of Log ============================

addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01

Ran by Sara at 2014-10-09 01:57:31

Running from D:\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

7500_7600_7700_Help1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

AceMoney Lite (HKLM-x32\...\AceMoney Lite_is1) (Version: - MechCAD Software)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.3 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)

ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.5 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS)

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)

ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0029 - ASUS)

Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden

azzCardfile 4.1 (HKLM-x32\...\azzCardfile_is1) (Version: - Antanas Zdramys)

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)

bpd_scan_Carrier (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)

CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )

Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)

Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden

Flashpaste Lite 3.5 (HKLM-x32\...\Flashpaste Lite) (Version: 3.5 - Softvoile)

Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)

Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP OfficeJet L7300/L7500/7600/7700 (HKLM\...\{E6A512D4-E5FB-4D42-8E83-D87F3A760802}) (Version: 14.0 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden

Jigsaw Puzzle Lite (HKLM-x32\...\Jigsaw Puzzle Lite) (Version: - )

KraiSoft Games Launcher (HKLM-x32\...\KraiSoft Games Launcher) (Version: - )

L7600 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)

McAfee Online Backup (Version: 2.26.1.386 - McAfee, Inc.) Hidden

McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden

McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft C