
Help removing search engines from Chrome launch

This is a discussion on Help removing search engines from Chrome launch within the Resolved HJT Threads forums, part of the Tech Support Forum category.


 
 
06-30-2014, 05:57 AM   #1
Registered Member
 
Join Date: Apr 2005
Location: United States
Posts: 272
OS: Windows 7 & 8


Mistake

Every time I launch Chrome in Windows 8 I am greeted with two AVG search tabs and one MSN tab. I want none of those and I can't find where they are set in Chrome. Is this some sort of trojan that installed them? How do I get rid of them so I just launch with a blank tab?
bauhsoj is offline  
07-01-2014, 12:43 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Copy/paste the following into your Chrome browser address bar and press Enter:

chrome://settings/searchEngines

Remove any unwanted search engines by clicking the X next to them.

Exit chrome://settings and re-launch Chrome. Any joy?

---------------------------------------------------

If you still have problems...

We want all our members to perform the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post/attach the logs in your next reply.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
07-01-2014, 12:56 PM   #3
Registered Member
 
Join Date: Apr 2005
Location: United States
Posts: 272
OS: Windows 7 & 8



I did: chrome://settings/searchEngines

Those aren't in the list. Where else could they be hiding?
bauhsoj is offline  
07-01-2014, 03:19 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Please follow the rest of the instructions. If you have trouble...

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
chemist is offline  
07-03-2014, 04:13 PM   #5
Registered Member
 
Join Date: Apr 2005
Location: United States
Posts: 272
OS: Windows 7 & 8



Files are attached. Thanks for your help!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Me (administrator) on ME-PC on 03-07-2014 18:49:26
Running from C:\Users\Me\Downloads
Platform: Windows 8 Pro (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal


Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin - C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Me\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin - C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Me\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Me\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Me\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Me\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper - C:\Users\Me\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Me\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Me\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Me\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: DOM Inspector - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-04-20]
FF Extension: Pocket - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-06-27]
FF Extension: LastPass - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-11-26]
FF Extension: iMacros for Firefox - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2013-11-26]
FF Extension: Live HTTP Headers - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-02-04]
FF Extension: DownThemAll! AntiContainer - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Flash Video Downloader - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Extension List Dumper - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: feedly - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Firebug - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: CodeBurner for Firebug - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Firefinder for Firebug - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Shareaholic - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Firepicker - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Greasefire - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Research Word - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: SEO Status PageRank/Alexa Toolbar - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Illuminations for Developers - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: UnPlug - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: YSlow - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\[email protected] [2013-02-04]
FF Extension: Session Manager - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-02-04]
FF Extension: PictuTools - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{41e00859-3a98-4c4c-8292-2de820be3ffa}.xpi [2013-02-04]
FF Extension: HTTPS Finder - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi [2013-02-04]
FF Extension: FireFTP - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-02-04]
FF Extension: Web Developer - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-02-04]
FF Extension: JSView - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{cf15270e-cf08-4def-b4ea-6a5ac23f3bca}.xpi [2013-02-04]
FF Extension: DownThemAll! - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-02-04]
FF Extension: Greasemonkey - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\iqcs2mse.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-02-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-30]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://mysearch.avg.com?cid={E1AC6211-5200-4C23-8A04-7AC74939142C}&mid=820a224b5c9147d3aa12d967196f1f05-33883b41e834b55b05c9d4d40248dd57989997f4&lang=en&ds=gf011&coid=avgtbdisgf&cmpid=&pr=sa&d=2014-02-07 20:16:34&v=17.3.1.204&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={E1AC6211-5200-4C23-8A04-7AC74939142C}&mid=820a224b5c9147d3aa12d967196f1f05-33883b41e834b55b05c9d4d40248dd57989997f4&lang=en&ds=gf011&coid=avgtbdisgf&cmpid=&pr=sa&d=2014-02-07 20:16:34&v=18.1.5.512&pid=safeguard&sg=&sap=hp", "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (SumatraPDF Browser Plugin) - C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon Bünzli)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Pokki Download Helper) - C:\Users\Me\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\SysWOW64\npDeployJava1.dll No File
CHR Extension: (DHC - REST HTTP API Client) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2013-08-22]
CHR Extension: (Duolingo) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-08-27]
CHR Extension: (Regex Scraper) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjalgjglcdpomokfhgcmononebebioc [2014-05-13]
CHR Extension: (Google Docs) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-22]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2014-01-24]
CHR Extension: (Google Drive) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-22]
CHR Extension: (Sexy Undo Close Tab) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg [2013-09-16]
CHR Extension: (MindMeister) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2013-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Web Developer) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2013-08-22]
CHR Extension: (Redbooth (formerly Teambox)) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgecckpiojpahjlndlofcljgacdfkifk [2013-11-06]
CHR Extension: (Vuru) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjkomipldgcookljbkgffaegdaaohllb [2013-09-12]
CHR Extension: (YouTube) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-22]
CHR Extension: (Google+ Notifications) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2013-09-12]
CHR Extension: (Post Editor for Google+™) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbakmdapinjpiabkbdgmpenllifmij [2014-03-15]
CHR Extension: (Adblock Plus) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-12]
CHR Extension: (Todoist for Gmail) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff [2013-11-12]
CHR Extension: (RegExp Tester App) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmmblmkfaijaadfjapjddbeaoffeccib [2013-11-06]
CHR Extension: (REST Console) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokgbflfommojglbmbpenpphppikmonn [2013-08-22]
CHR Extension: (Google Search) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-22]
CHR Extension: (Search by Image (by Google)) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-03-27]
CHR Extension: (Tampermonkey) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-08-22]
CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\djejicklhojeokkfmdelnempiecmdomj [2013-09-12]
CHR Extension: (Google+) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-01-09]
CHR Extension: (Clockwork) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmggabnehkmmfmdffgajcflpdjlnoemp [2014-05-02]
CHR Extension: (Xdebug helper) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2014-04-21]
CHR Extension: (Session Buddy) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2013-08-27]
CHR Extension: (Mahjongg) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegpopcingfghbompjfejakfeaolmbop [2013-08-27]
CHR Extension: (XV — XML Viewer) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeocglpgjdpaefaedpblffpeebgmgddk [2014-05-12]
CHR Extension: (SEO SERP Workbench) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2013-08-27]
CHR Extension: (Google Calendar) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-08-22]
CHR Extension: (WealthLift Stock Discussions) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\enfpiijokglpdmcjcfkcdgbboebhkplb [2014-01-24]
CHR Extension: (JavaScript Editor) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhkeonpomkliaedmafeniofidolfmdd [2013-11-06]
CHR Extension: (TradingView) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgoekfocmllmbfgndimmfpdcbklddgd [2013-11-14]
CHR Extension: (Postman - REST Client) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2013-08-22]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnibmbcdeepaahjmddiihohjanlimlmj [2013-11-06]
CHR Extension: (Subtask) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpejfcoifhbhgfcdokdmgejmakhcbggi [2013-11-06]
CHR Extension: (XML Tree) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb [2014-05-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-12-30]
CHR Extension: (Select and Speak) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2013-12-19]
CHR Extension: (Dark atmosphere) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpikgkkfdoabncoileilaglepbpdhek [2013-08-22]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2013-09-12]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-03-27]
CHR Extension: (PageRank Status) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2013-09-12]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-08-22]
CHR Extension: (Dimensions Legacy) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmihohhdcbejdkidbfijmfehjbnmifk [2013-11-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-09-12]
CHR Extension: (XPath Helper) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgimnogjllphhhkhlmebbmlgjoejdpjl [2014-05-13]
CHR Extension: (Advanced REST client) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2013-08-22]
CHR Extension: (Online project management software: Wedoist) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfemlcofmppfkjnndnoakpgekdmkpbn [2014-01-24]
CHR Extension: (Rapportive) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2014-04-09]
CHR Extension: (jsFiddle) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiigmadmngbpbmacbkfngpkjfmmpagfk [2014-06-26]
CHR Extension: (HTTP Headers) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg [2013-11-13]
CHR Extension: (Pixlr Editor) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-08-27]
CHR Extension: (Resolution Test) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhfcdbheobinplaamokffboaccidbal [2014-02-27]
CHR Extension: (WealthLift Stock Market Simulator) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\jceoglodghflmpllikplklhgnnlldnkn [2014-01-24]
CHR Extension: (World Time Buddy) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj [2013-08-22]
CHR Extension: (Free SEO Deal of the Week) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgnekndlomccgljphjjcmhgmbbbeeklm [2013-08-27]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2013-11-12]
CHR Extension: (Request Maker) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajfghlhfkcocafkcjlajldicbikpgnp [2014-02-27]
CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2014-01-09]
CHR Extension: (JSON Prettifier) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\kccpfgilgmgbipamhohknpokhibinhhj [2014-02-27]
CHR Extension: (Image Properties Context Menu) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon [2013-09-24]
CHR Extension: (Form Editor) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\klaecimjlbpfompicealiiifcdjnkbpn [2014-02-27]
CHR Extension: (Utime) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2014-02-27]
CHR Extension: (Divshot) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajkckfbiimjdfdfbjgfbdfecnbipdcm [2013-11-06]
CHR Extension: (WealthLift Stock Research) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldadbkhmihakeinphpkmaeoaiglkgcag [2013-08-27]
CHR Extension: (Codenvy IDE) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefigjbiimiemfhjmibbgemkpenelmag [2013-08-27]
CHR Extension: (Delicious Bookmarks) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnapbapmncaacbfijemonkinanfaebhm [2013-09-17]
CHR Extension: (Window Close Protector) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnpifgapnmpninomacbhdlconlpikdai [2014-02-11]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2014-04-06]
CHR Extension: (SelectorGadget) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb [2013-11-27]
CHR Extension: (DevTools Autosave) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlejngncgiocofkcbnnpaieapabmanfl [2014-02-27]
CHR Extension: (RingCentral CloudFax) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnopcjofghmnhegmbjhmgbfclcgnpne [2013-08-27]
CHR Extension: (Asana) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2013-11-06]
CHR Extension: (Cloud9) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2013-11-06]
CHR Extension: (Hangouts) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-03]
CHR Extension: (LastPass Vault) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2013-09-12]
CHR Extension: (AVG Secure Search) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-06-01]
CHR Extension: (PHP Console) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfhmhhlpfleoednkpnnnkolmclajemef [2014-02-27]
CHR Extension: (Save to Pocket) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-10-01]
CHR Extension: (Google Wallet) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DataMiner) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2014-05-13]
CHR Extension: (CSS3 Generator) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\objoeachdkkeopnmlgablcjhifbahmbg [2013-11-06]
CHR Extension: (App Launcher) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\odmpalfplhaahlgnkkonchfhpegdcgjm [2013-11-06]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-03-13]
CHR Extension: (MonitorTab) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognampngfcbddbfemdapefohjiobgbdl [2013-11-27]
CHR Extension: (WealthLift Learn) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhcopaaicojnaejmcoanddoeekodemk [2013-08-27]
CHR Extension: (Wikinvest Portfolio Manager) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej [2013-08-27]
CHR Extension: (SpeakIt!) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-03-15]
CHR Extension: (Gmail) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-22]
CHR Extension: (Secure Shell) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhechapfaindjhompbnflcldabbghjo [2013-08-22]

==================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-08] (CrashPlan) [File not signed]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 MailbirdUpdater.exe; C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe [326496 2014-03-07] (Mailbird)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-01-16] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-12-23] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-12-23] (Intuit Inc.) [File not signed]
R3 QuickBooksDB23; C:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe [679936 2012-12-23] (Intuit, Inc.) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 MySQL; C:\Ampps\mysql\bin\mysqld MySQL [X]

==================== Drivers (Whitelisted) ====================

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [248632 2013-07-18] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7323720 2013-12-23] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-26] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-04] (Duplex Secure Ltd.)
U3 ab0p5ydo; C:\Windows\System32\Drivers\ab0p5ydo.sys [0 ] (Intel Corporation)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 18:49 - 2014-07-03 18:49 - 00063629 _____ () C:\Users\Me\Downloads\FRST.txt
2014-07-03 18:49 - 2014-07-03 18:49 - 00000000 ____D () C:\FRST
2014-07-03 18:48 - 2014-07-03 18:48 - 02083840 _____ (Farbar) C:\Users\Me\Downloads\FRST64.exe
2014-07-03 18:30 - 2014-07-03 18:30 - 00000448 _____ () C:\Users\Me\Downloads\AF396327.csv
2014-07-03 10:16 - 2014-07-03 14:35 - 00013507 _____ () C:\Users\Me\Documents\Working Copy of Untitled 1.txt
2014-07-02 13:31 - 2014-07-02 13:31 - 00017175 _____ () C:\Users\Me\Desktop\remove from database.txt
2014-07-01 05:44 - 2014-07-01 05:44 - 1458471950 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-01 05:44 - 2014-07-01 05:44 - 00262144 _____ () C:\WINDOWS\Minidump\070114-20203-01.dmp
2014-06-30 08:49 - 2014-06-30 08:49 - 00000000 ____D () C:\Users\Me\AppData\Local\Logishrd
2014-06-30 08:46 - 2014-06-30 08:46 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-30 08:46 - 2014-05-31 01:16 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-30 08:46 - 2014-05-31 01:16 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-30 08:23 - 2014-05-03 02:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-30 08:23 - 2014-05-03 02:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-06-30 08:23 - 2014-05-03 00:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-06-30 08:23 - 2014-05-01 18:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-30 08:23 - 2014-04-29 18:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-06-30 08:23 - 2014-04-29 18:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-06-30 08:23 - 2014-04-23 19:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-30 08:23 - 2014-04-23 19:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-30 08:23 - 2014-04-23 19:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-30 08:23 - 2014-04-23 19:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-30 08:23 - 2014-02-08 00:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-29 14:13 - 2014-06-29 14:14 - 92194911 _____ (Jens-André Koch ) C:\Users\Me\Downloads\WPNXM-0.7.0-AllInOne-Setup-w32.exe
2014-06-29 12:29 - 2014-07-03 04:52 - 00004982 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Me-PC-Me Me-PC
2014-06-28 17:49 - 2014-06-28 17:49 - 00000832 _____ () C:\Users\Me\Desktop\httpd-vhosts.conf.lnk
2014-06-28 17:48 - 2014-06-28 17:48 - 00000675 _____ () C:\Users\Me\Desktop\devbox.lnk
2014-06-28 12:12 - 2014-06-28 12:12 - 33366016 _____ () C:\Users\Me\Downloads\mysql-workbench-community-6.1.7-win32.msi
2014-06-28 12:12 - 2014-06-28 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-06-27 23:47 - 2014-06-27 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-27 23:46 - 2014-06-27 23:46 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-27 23:46 - 2014-06-27 23:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-27 23:46 - 2014-06-27 23:46 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 11:22 - 2014-06-27 11:22 - 00000927 _____ () C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\import.io.lnk
2014-06-27 11:22 - 2014-06-27 11:22 - 00000000 ____D () C:\Users\Me\AppData\Roaming\import.io
2014-06-27 11:22 - 2014-06-27 11:22 - 00000000 ____D () C:\Users\Me\AppData\Local\eclipse
2014-06-27 11:11 - 2014-06-27 11:12 - 59009592 _____ (import.io ) C:\Users\Me\Downloads\setup.exe
2014-06-25 16:17 - 2014-06-25 16:17 - 00008129 _____ () C:\Users\Me\Downloads\arrupl.txt
2014-06-25 12:05 - 2014-06-25 12:05 - 00000802 _____ () C:\Users\Me\_viminfo
2014-06-25 05:35 - 2014-06-25 05:35 - 19177472 ____T () C:\Users\Me\Downloads\TortoiseGit-1.8.9.0-64bit.msi
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Screenhero,_Inc
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Local\Screenhero,_Inc
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Local\Screenhero
2014-06-24 18:55 - 2014-06-29 21:48 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Screenhero, Inc
2014-06-24 18:55 - 2014-06-24 18:55 - 00003866 _____ () C:\WINDOWS\System32\Tasks\Screenhero Daemon
2014-06-24 18:55 - 2014-06-24 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screenhero
2014-06-24 18:55 - 2014-06-24 18:55 - 00000000 ____D () C:\Program Files (x86)\Screenhero, Inc
2014-06-24 18:54 - 2014-06-24 18:54 - 27611600 _____ (Igor Pavlov) C:\Users\Me\Downloads\Screenhero-setup.exe
2014-06-20 22:37 - 2014-06-20 22:37 - 00000000 ____D () C:\Users\Me\AppData\Roaming\dvdcss
2014-06-19 20:03 - 2014-07-03 17:11 - 00000402 _____ () C:\WINDOWS\Tasks\update-sys.job
2014-06-19 20:03 - 2014-07-03 16:14 - 00000402 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-2936943840-1575939931-1160276912-1000.job
2014-06-19 20:03 - 2014-06-19 20:03 - 00003272 _____ () C:\WINDOWS\System32\Tasks\update-sys
2014-06-19 20:03 - 2014-06-19 20:03 - 00003248 _____ () C:\WINDOWS\System32\Tasks\update-S-1-5-21-2936943840-1575939931-1160276912-1000
2014-06-19 20:03 - 2014-06-19 20:03 - 00000434 _____ () C:\Users\Me\AppData\Local\UserProducts.xml
2014-06-19 20:03 - 2014-06-19 20:03 - 00000003 _____ () C:\Users\Me\AppData\Local\updater.log
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Users\Me\AppData\Local\Skillbrains
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-19 14:44 - 2014-06-19 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-06-17 17:11 - 2014-06-17 17:11 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-17 09:58 - 2014-06-17 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-16 15:10 - 2014-06-16 15:10 - 00012881 _____ () C:\Users\Me\Downloads\stmt-415955A-June16.xlsx
2014-06-16 12:30 - 2014-06-16 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-06-12 00:37 - 2014-05-23 22:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 00:37 - 2014-05-23 22:47 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-12 00:37 - 2014-05-23 22:47 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-12 00:37 - 2014-05-23 22:47 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-12 00:37 - 2014-05-23 22:47 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 19290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 15368704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-12 00:37 - 2014-05-23 22:46 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 00:37 - 2014-05-23 22:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-12 00:37 - 2014-05-23 22:45 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 00:37 - 2014-05-23 22:45 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-12 00:37 - 2014-05-23 21:26 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 13731328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-12 00:37 - 2014-05-23 21:25 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-12 00:37 - 2014-05-23 21:25 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-12 00:37 - 2014-05-23 21:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-12 00:37 - 2014-05-23 21:03 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-12 00:37 - 2014-05-23 18:37 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-12 00:37 - 2014-05-03 01:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 00:37 - 2014-05-02 23:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-12 00:37 - 2014-04-29 18:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-12 00:37 - 2014-04-29 18:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-12 00:37 - 2014-04-03 07:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-12 00:37 - 2014-04-03 07:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-12 00:37 - 2014-04-02 23:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-12 00:37 - 2014-03-31 18:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-12 00:37 - 2014-03-24 19:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-12 00:37 - 2014-03-24 18:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-12 00:37 - 2014-03-06 20:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-12 00:37 - 2014-03-06 20:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-12 00:36 - 2014-05-23 21:26 - 14365696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-12 00:36 - 2014-05-23 21:25 - 02862080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-10 19:23 - 2014-06-10 19:23 - 00000105 _____ () C:\Users\Me\Desktop\Altered States to Altered Traits- Hacking Flow - YouTube.url
2014-06-10 19:23 - 2014-06-10 19:23 - 00000067 _____ () C:\Users\Me\Desktop\7 Day Ab Targeted Solution.url
2014-06-10 13:29 - 2014-06-30 22:21 - 00012097 _____ () C:\Users\Me\Documents\Personal Finances.xlsx
2014-06-09 01:09 - 2014-06-30 22:21 - 00149588 _____ () C:\Users\Me\Documents\Personally Guaranteed Business Debt.xlsx
2014-06-06 22:33 - 2014-06-06 22:33 - 00000080 _____ () C:\Users\Me\Desktop\List of cognitive biases - Wikipedia, the free encyclopedia.url

==================== One Month Modified Files and Folders =======

2014-07-03 18:49 - 2014-07-03 18:49 - 00063629 _____ () C:\Users\Me\Downloads\FRST.txt
2014-07-03 18:49 - 2014-07-03 18:49 - 00000000 ____D () C:\FRST
2014-07-03 18:49 - 2013-08-10 13:06 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Skype
2014-07-03 18:48 - 2014-07-03 18:48 - 02083840 _____ (Farbar) C:\Users\Me\Downloads\FRST64.exe
2014-07-03 18:47 - 2014-04-02 16:36 - 00000588 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2936943840-1575939931-1160276912-1000.job
2014-07-03 18:47 - 2013-02-05 00:16 - 00000000 ____D () C:\Users\Me\AppData\Roaming\uTorrent
2014-07-03 18:45 - 2014-04-02 16:29 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2936943840-1575939931-1160276912-1000UA.job
2014-07-03 18:45 - 2012-07-26 03:28 - 00854114 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-03 18:38 - 2013-11-26 18:52 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Ditto
2014-07-03 18:30 - 2014-07-03 18:30 - 00000448 _____ () C:\Users\Me\Downloads\AF396327.csv
2014-07-03 18:23 - 2013-02-04 21:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-03 18:21 - 2013-02-04 22:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-03 18:08 - 2013-02-04 11:43 - 02071904 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 18:00 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-03 17:57 - 2013-02-14 00:51 - 00000000 ____D () C:\Users\Me\AppData\Local\Paint.NET
2014-07-03 17:56 - 2013-08-22 09:10 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 17:54 - 2013-02-14 00:51 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-07-03 17:54 - 2013-02-14 00:51 - 00000000 ____D () C:\Program Files\Paint.NET
2014-07-03 17:54 - 2012-11-16 15:20 - 04940288 ___SH () C:\Users\Me\Desktop\Thumbs.db
2014-07-03 17:47 - 2013-04-11 23:55 - 00000000 ____D () C:\Users\Me\AppData\Local\Pokki
2014-07-03 17:11 - 2014-06-19 20:03 - 00000402 _____ () C:\WINDOWS\Tasks\update-sys.job
2014-07-03 16:14 - 2014-06-19 20:03 - 00000402 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-2936943840-1575939931-1160276912-1000.job
2014-07-03 15:56 - 2013-08-22 09:10 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 14:40 - 2013-02-04 14:16 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Dropbox
2014-07-03 14:35 - 2014-07-03 10:16 - 00013507 _____ () C:\Users\Me\Documents\Working Copy of Untitled 1.txt
2014-07-03 04:52 - 2014-06-29 12:29 - 00004982 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Me-PC-Me Me-PC
2014-07-03 03:45 - 2014-04-02 16:29 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2936943840-1575939931-1160276912-1000Core.job
2014-07-03 00:33 - 2013-02-05 15:06 - 00000000 ____D () C:\Users\Me\AppData\Roaming\KeePass
2014-07-02 17:04 - 2012-07-06 15:43 - 00000000 ____D () C:\Ampps
2014-07-02 13:31 - 2014-07-02 13:31 - 00017175 _____ () C:\Users\Me\Desktop\remove from database.txt
2014-07-02 10:55 - 2013-02-07 12:57 - 00000000 ____D () C:\Users\Me\AppData\Roaming\vlc
2014-07-02 10:18 - 2012-07-06 16:54 - 00000000 ___RD () C:\Users\Me\Documents\My Dropbox
2014-07-02 09:37 - 2014-04-02 16:36 - 00003600 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2936943840-1575939931-1160276912-1000
2014-07-01 16:52 - 2013-04-18 16:30 - 00425984 ___SH () C:\Users\Me\Downloads\Thumbs.db
2014-07-01 15:34 - 2013-08-23 22:19 - 00000000 ____D () C:\Users\Me\AppData\Roaming\eM Client
2014-07-01 07:29 - 2013-02-04 14:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2936943840-1575939931-1160276912-1000
2014-07-01 06:01 - 2014-05-18 22:42 - 00000000 ____D () C:\Users\Me\AppData\Local\PaymoPlus
2014-07-01 05:47 - 2014-04-30 15:12 - 00000000 ____D () C:\Users\Me\AppData\Roaming\DropboxMaster
2014-07-01 05:47 - 2013-01-15 14:34 - 00000000 ___RD () C:\Users\Me\SkyDrive
2014-07-01 05:46 - 2012-07-26 03:21 - 00050778 _____ () C:\WINDOWS\setupact.log
2014-07-01 05:45 - 2012-07-26 03:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-01 05:44 - 2014-07-01 05:44 - 1458471950 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-01 05:44 - 2014-07-01 05:44 - 00262144 _____ () C:\WINDOWS\Minidump\070114-20203-01.dmp
2014-07-01 03:53 - 2013-05-21 15:18 - 00000000 ____D () C:\Users\Me\AppData\Local\CrashDumps
2014-06-30 22:21 - 2014-06-10 13:29 - 00012097 _____ () C:\Users\Me\Documents\Personal Finances.xlsx
2014-06-30 22:21 - 2014-06-09 01:09 - 00149588 _____ () C:\Users\Me\Documents\Personally Guaranteed Business Debt.xlsx
2014-06-30 21:53 - 2014-03-25 13:45 - 00000000 ____D () C:\Users\Me\AppData\Local\TGitCache
2014-06-30 10:45 - 2014-01-22 10:58 - 00000974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2014-06-30 10:45 - 2014-01-22 10:58 - 00000000 ____D () C:\Program Files (x86)\eM Client
2014-06-30 10:21 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-30 08:49 - 2014-06-30 08:49 - 00000000 ____D () C:\Users\Me\AppData\Local\Logishrd
2014-06-30 08:49 - 2013-12-23 18:47 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2014-06-30 08:49 - 2013-12-23 18:47 - 00001523 _____ () C:\WINDOWS\LkmdfCoInst.log
2014-06-30 08:49 - 2013-12-23 18:45 - 00019270 _____ () C:\WINDOWS\LDPINST.LOG
2014-06-30 08:49 - 2013-12-23 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-06-30 08:49 - 2013-12-23 18:45 - 00000000 ____D () C:\ProgramData\Logishrd
2014-06-30 08:49 - 2013-12-23 18:41 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-06-30 08:46 - 2014-06-30 08:46 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-30 08:46 - 2013-02-04 11:43 - 00000000 ____D () C:\Users\Me
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-30 08:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-30 08:38 - 2012-07-26 01:26 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-30 08:32 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-30 08:31 - 2013-02-04 14:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-30 08:31 - 2013-02-04 14:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 08:27 - 2013-09-06 19:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-30 08:26 - 2012-07-26 01:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-30 08:24 - 2012-07-26 01:26 - 00000745 _____ () C:\WINDOWS\win.ini
2014-06-30 08:07 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-30 08:04 - 2014-03-12 18:37 - 00000000 ____D () C:\Users\Me\Documents\PhraseExpress
2014-06-30 07:16 - 2013-02-20 09:38 - 00000000 ____D () C:\Users\Me\Downloads\Development
2014-06-30 07:15 - 2012-07-06 16:37 - 00000000 ____D () C:\Users\Me\Documents\Business
2014-06-29 21:48 - 2014-06-24 18:55 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Screenhero, Inc
2014-06-29 14:14 - 2014-06-29 14:13 - 92194911 _____ (Jens-André Koch ) C:\Users\Me\Downloads\WPNXM-0.7.0-AllInOne-Setup-w32.exe
2014-06-29 12:35 - 2014-04-24 21:06 - 00001754 _____ () C:\WINDOWS\Sandboxie.ini
2014-06-29 12:34 - 2013-05-31 15:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-29 12:27 - 2014-04-26 10:10 - 04985416 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-29 12:27 - 2013-02-04 11:41 - 00050810 _____ () C:\WINDOWS\PFRO.log
2014-06-29 04:08 - 2014-01-03 14:19 - 00004950 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Me-PC-Me Me-PC
2014-06-28 18:37 - 2014-04-09 17:10 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Composer
2014-06-28 17:49 - 2014-06-28 17:49 - 00000832 _____ () C:\Users\Me\Desktop\httpd-vhosts.conf.lnk
2014-06-28 17:48 - 2014-06-28 17:48 - 00000675 _____ () C:\Users\Me\Desktop\devbox.lnk
2014-06-28 12:12 - 2014-06-28 12:12 - 33366016 _____ () C:\Users\Me\Downloads\mysql-workbench-community-6.1.7-win32.msi
2014-06-28 12:12 - 2014-06-28 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-06-28 12:12 - 2013-02-05 16:11 - 00000000 ____D () C:\Program Files (x86)\MySQL
2014-06-27 23:47 - 2014-06-27 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-27 23:47 - 2014-04-13 15:50 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-27 23:46 - 2014-06-27 23:46 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-27 23:46 - 2014-06-27 23:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-27 23:46 - 2014-06-27 23:46 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 11:22 - 2014-06-27 11:22 - 00000927 _____ () C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\import.io.lnk
2014-06-27 11:22 - 2014-06-27 11:22 - 00000000 ____D () C:\Users\Me\AppData\Roaming\import.io
2014-06-27 11:22 - 2014-06-27 11:22 - 00000000 ____D () C:\Users\Me\AppData\Local\eclipse
2014-06-27 11:22 - 2013-02-04 12:05 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Mozilla
2014-06-27 11:12 - 2014-06-27 11:11 - 59009592 _____ (import.io ) C:\Users\Me\Downloads\setup.exe
2014-06-25 16:17 - 2014-06-25 16:17 - 00008129 _____ () C:\Users\Me\Downloads\arrupl.txt
2014-06-25 13:21 - 2014-03-31 22:06 - 00000000 ____D () C:\Users\Me\.VirtualBox
2014-06-25 13:21 - 2014-03-31 20:32 - 00000000 ____D () C:\Users\Me\.vagrant.d
2014-06-25 12:05 - 2014-06-25 12:05 - 00000802 _____ () C:\Users\Me\_viminfo
2014-06-25 05:35 - 2014-06-25 05:35 - 19177472 ____T () C:\Users\Me\Downloads\TortoiseGit-1.8.9.0-64bit.msi
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Screenhero,_Inc
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Local\Screenhero,_Inc
2014-06-24 18:56 - 2014-06-24 18:56 - 00000000 ____D () C:\Users\Me\AppData\Local\Screenhero
2014-06-24 18:55 - 2014-06-24 18:55 - 00003866 _____ () C:\WINDOWS\System32\Tasks\Screenhero Daemon
2014-06-24 18:55 - 2014-06-24 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screenhero
2014-06-24 18:55 - 2014-06-24 18:55 - 00000000 ____D () C:\Program Files (x86)\Screenhero, Inc
2014-06-24 18:54 - 2014-06-24 18:54 - 27611600 _____ (Igor Pavlov) C:\Users\Me\Downloads\Screenhero-setup.exe
2014-06-24 10:55 - 2012-11-14 12:54 - 00000000 ____D () C:\Users\Me\AppData\Local\Packages
2014-06-23 14:28 - 2012-07-06 16:54 - 00000000 ____D () C:\Users\Me\Documents\Outlook Files
2014-06-22 03:40 - 2014-04-02 16:29 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2936943840-1575939931-1160276912-1000UA
2014-06-22 03:40 - 2014-04-02 16:29 - 00003484 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2936943840-1575939931-1160276912-1000Core
2014-06-20 22:37 - 2014-06-20 22:37 - 00000000 ____D () C:\Users\Me\AppData\Roaming\dvdcss
2014-06-20 22:29 - 2014-02-19 22:13 - 00002283 _____ () C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-06-19 20:03 - 2014-06-19 20:03 - 00003272 _____ () C:\WINDOWS\System32\Tasks\update-sys
2014-06-19 20:03 - 2014-06-19 20:03 - 00003248 _____ () C:\WINDOWS\System32\Tasks\update-S-1-5-21-2936943840-1575939931-1160276912-1000
2014-06-19 20:03 - 2014-06-19 20:03 - 00000434 _____ () C:\Users\Me\AppData\Local\UserProducts.xml
2014-06-19 20:03 - 2014-06-19 20:03 - 00000003 _____ () C:\Users\Me\AppData\Local\updater.log
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Users\Me\AppData\Local\Skillbrains
2014-06-19 20:03 - 2014-06-19 20:03 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-19 18:56 - 2012-07-06 16:36 - 00000000 ____D () C:\Users\Me\Documents\Billing Statements
2014-06-19 15:51 - 2013-08-22 09:10 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 15:51 - 2013-08-22 09:10 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 14:44 - 2014-06-19 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-06-19 11:51 - 2013-08-29 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-17 17:12 - 2013-12-22 00:50 - 00010382 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log
2014-06-17 17:11 - 2014-06-17 17:11 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-17 16:19 - 2013-04-10 10:49 - 00246272 ___SH () C:\Users\Me\Documents\Thumbs.db
2014-06-17 09:58 - 2014-06-17 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-16 15:10 - 2014-06-16 15:10 - 00012881 _____ () C:\Users\Me\Downloads\stmt-415955A-June16.xlsx
2014-06-16 12:30 - 2014-06-16 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-06-16 12:29 - 2013-08-27 11:52 - 00000000 ____D () C:\Users\Me\Documents\Health & Medical
2014-06-11 23:10 - 2012-07-06 16:55 - 00000000 ____D () C:\Users\Me\Documents\Quicken
2014-06-10 19:29 - 2013-08-10 13:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-10 19:29 - 2013-08-10 13:06 - 00000000 ____D () C:\ProgramData\Skype
2014-06-10 19:28 - 2013-07-01 21:07 - 00000000 ____D () C:\Program Files (x86)\PowerArchiver
2014-06-10 19:23 - 2014-06-10 19:23 - 00000105 _____ () C:\Users\Me\Desktop\Altered States to Altered Traits- Hacking Flow - YouTube.url
2014-06-10 19:23 - 2014-06-10 19:23 - 00000067 _____ () C:\Users\Me\Desktop\7 Day Ab Targeted Solution.url
2014-06-06 22:33 - 2014-06-06 22:33 - 00000080 _____ () C:\Users\Me\Desktop\List of cognitive biases - Wikipedia, the free encyclopedia.url

Some content of TEMP:
====================
C:\Users\Me\AppData\Local\Temp\CountInstallation.exe
C:\Users\Me\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx777hs.dll
C:\Users\Me\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Me\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Me\AppData\Local\Temp\paint.net.4.0.install.exe
C:\Users\Me\AppData\Local\Temp\restarter210511890089522943.exe
C:\Users\Me\AppData\Local\Temp\restarter8630762064420030444.exe
C:\Users\Me\AppData\Local\Temp\restarter8837865654800228443.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-27 03:00

==================== End Of Log ============================
Attached Files
File Type: txt Addition.txt (66.5 KB, 101 views)
File Type: txt FRST.txt (90.7 KB, 62 views)
Old 07-04-2014, 06:53 PM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 

Hello bauhsoj.

It appears that you have two antivirus programs installed and running, AVG and Windows Defender.

While this may seem like better protection, they can actually conflict with one another and cause system instability or even system hangs.

Windows Defender has been upgraded to an antivirus for Windows 8. You do not need to install another antivirus.

Windows Defender in Windows 8 resembles Microsoft Security Essentials and uses the same virus definitions:

Windows Defender - Wikipedia, the free encyclopedia

Please uninstall AVG via Programs and Features in your Control Panel.

------------------------------------------------------

I see you have P2P software (uTorrent and eMule) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

A reference for the risk of these programs is here

I would strongly recommend that you uninstall them. You can do so via Control Panel >> Programs and Features.

------------------------------------------------------

Copy/paste the following into your Chrome browser address bar and press Enter:

chrome://settings/startup

Remove any unwanted start pages by clicking the X next to them.

Exit chrome://settings and re-launch Chrome. Any joy?

---------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 07-07-2014, 10:29 AM   #7
Registered Member
 

OK, so how does Windows Defender stack up against the protection offered by AVG?

How do I get MSN and the two AVG search pages to stop showing every time I launch Chrome?
bauhsoj is offline  
Old 07-07-2014, 02:07 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 

Quote:
OK, so how does Windows Defender stack up against the protection offered by AVG?
I'd say it is at least as good as AVG, and a lot less resource heavy. The real problem is you can't uninstall WinDef from the machine.

Quote:
How do I get MSN and the two AVG search pages to stop showing every time I launch Chrome?
Did you follow the last instruction in my last reply?

Quote:
Copy/paste the following into your Chrome browser address bar and press Enter:

chrome://settings/startup

Remove any unwanted start pages by clicking the X next to them.

Exit chrome://settings and re-launch Chrome. Any joy?
chemist is offline  
Old 07-14-2014, 05:04 PM   #9
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 

Still with us, bauhsoj? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.

------------------------------------------------------
chemist is offline  
Old 07-14-2014, 07:39 PM   #10
Registered Member
 

Quote:
Originally Posted by chemist View Post
Still with us, bauhsoj? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.
Sorry, been slammed!

I missed it the first time around, but your solution worked! Thanks!
bauhsoj is offline  
Old 07-14-2014, 08:31 PM   #11
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 

You're welcome, bauhsoj! Glad to have helped.
chemist is offline  
 
