Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015 Ran by Curt at 2015-05-21 17:07:54 Running from C:\Users\Curt\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1038181654-2723990138-2818527679-500 - Administrator - Disabled) Curt (S-1-5-21-1038181654-2723990138-2818527679-1000 - Administrator - Enabled) => C:\Users\Curt Guest (S-1-5-21-1038181654-2723990138-2818527679-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1038181654-2723990138-2818527679-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden ccc-core-static (x32 Version: 2009.0714.2132.36830 - ATI) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CryptoPrevent v4.3.2 (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) CWA Reminder by We-Care.com v4.1.22.3 (HKLM-x32\...\{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}) (Version: 4.1.22.3 - We-Care.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Marketplace Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc) Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps) Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.130 - ArcSoft) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.) Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - ) EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation) EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Escape Whisper Valley (TM) (x32 Version: 2.2.0.95 - WildTangent) Hidden Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Free Video to MP3 Converter version 5.0.45.716 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.11.29.825 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.29.825 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc) Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.35 - Motorola Mobility) Motorola Device Software Update (x32 Version: 1.0.41 - Motorola Mobility) Hidden MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR) NETGEAR WNDA4100 (x32 Version: 1.2.0.10 - NETGEAR) Hidden Palm Desktop (HKLM-x32\...\{E89D78B8-28F7-412F-8B26-C684739CBBDC}) (Version: 4.1.0410 - Palm, Inc.) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.) Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio File Backup (Version: 1.3.2 - Roxio) Hidden Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (x32 Version: 2009.0714.2132.36830 - ATI) Hidden SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM) Software Updater (HKLM-x32\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Stellar Phoenix JPEG Repair (HKLM-x32\...\Stellar Phoenix JPEG Repair_is1) (Version: 2.0.0.0 - Stellar Information Systems Ltd) System Optimizer (HKLM-x32\...\System Optimizer_is1) (Version: 3.2.0.1 - Get Live Support Limited) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID) Unchecky v0.3.7.5 (HKLM-x32\...\Unchecky) (Version: 0.3.7.5 - RaMMicHaeL) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: - Verizon Wireless) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent) WildTangent Games App (Dell Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 17-05-2015 20:10:23 Windows Update 19-05-2015 17:05:22 Restore Point Created by FRST 20-05-2015 20:50:36 Windows Update 21-05-2015 16:31:36 Restore Point Created by FRST ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2015-05-21 16:35 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com There are 4 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0545C6C0-BE72-44E2-8098-5705C6EA726D} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-09-28] () Task: {1D5508BE-3779-4727-A58C-0987B026AED9} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {26098C36-78C4-478A-8D63-5CAFF094DB93} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {3AFC87FC-2C9C-4294-97D2-64F36CA0FBF3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {3C5EAB58-78E3-4A21-A2FD-72C02E0EEDC6} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] () Task: {3E803DC0-4A17-418C-A194-4E87CDAE3945} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.) Task: {4397E581-0DDD-46F3-BEFD-4F2E88EC6615} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-09-28] () Task: {60328A4C-BCDB-4855-8781-C8CCBA9A9560} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) Task: {696902CB-293F-4E39-9029-9843E53BD4DB} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns Task: {6DB0E2DE-DFD1-4088-A992-22A6E979C62F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {A629036B-3787-449A-9D7F-080BA288FDE1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {BC566E78-8F1D-4AF6-A5EB-7B6E43220764} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {BE4C8BE7-49E7-453A-9F8E-04FD30FE7DE7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {C8D40082-AD40-438B-9AA1-3AFE9DC3DFF2} - System32\Tasks\System Optimizer Schedule => C:\Program Files (x86)\System Optimizer\SysOptLauncher.exe [2015-05-20] () Task: {DDEEBFE5-7B05-4F85-8D22-10441CBF0152} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION Task: {E4B36F96-0C40-4066-A94C-56B5E91C4D5B} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-09-28] () Task: {E8E9C3E5-2AD6-4AB0-B669-99CE84FC9B9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {FB5A6097-2B06-453D-8136-28B14FCA1364} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) Task: {FB9946B8-5F96-4A7E-A893-8BEF1E718235} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {FC760074-1533-4654-92BC-668C10C491D8} - System32\Tasks\{62E27CA0-2DCC-4DAA-B0B9-4931347BA3B2} => pcalua.exe -a C:\Users\Curt\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Windows\system32 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Windows\system32\rundll32.exeFC:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll ==================== Loaded Modules (Whitelisted) ============== 2012-10-02 14:45 - 2012-10-02 14:45 - 00120728 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 2012-10-02 14:41 - 2012-10-02 14:41 - 00694168 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe 2011-11-17 15:52 - 2011-09-22 12:14 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2014-08-25 13:26 - 2013-11-11 15:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe 2014-08-25 13:26 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe 2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll 2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll 2012-09-26 17:57 - 2012-09-26 17:57 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2014-08-25 13:26 - 2013-10-30 19:06 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-08-25 13:26 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Curt\Downloads\noname.eml:OECustomProperty ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1038181654-2723990138-2818527679-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Curt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 75.75.75.75 - 75.75.76.76 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: Epson Stylus NX330(Network) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\Curt\AppData\Local\Temp\E_S79D9.tmp" /EF "HKCU" MSCONFIG\startupreg: HLBackupScheduler => "C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe" MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: LTCM Client => C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup MSCONFIG\startupreg: MotoCast => "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk" MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2E57C8C1-42BE-4A8E-B259-120F88060A4C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{D7015D62-99C9-4DA3-91BC-C20376FCB37E}] => (Allow) LPort=2869 FirewallRules: [{C7B08D5F-341B-4B21-9C7F-CA2A3B4E235B}] => (Allow) LPort=1900 FirewallRules: [{A5D6CD4D-8884-40ED-9ABA-6881AA582B43}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3BF46F24-F3B6-4E10-8336-69651209EFC0}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{E40B3F0D-DF60-4588-944F-CCFA8A9FB198}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{BA791754-2D2E-4CA8-8CD2-2AA602DBDBBA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{23880760-A4E3-484A-88BD-C1A5D9D23072}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{F3956364-822F-4CD1-B8FD-4565D2CD7493}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{E4F6ECCF-AB4F-4754-8814-3C2AE6337A8F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe FirewallRules: [{37EAD60E-6FD8-4B08-8E24-B417AC8CE95A}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe FirewallRules: [{95863EDC-FEA9-4A58-AC43-C5197E557EDE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe FirewallRules: [{5E55E237-07CF-44F9-A4C9-09783054CAFD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe FirewallRules: [{311142A9-9F5F-4255-9510-F9A793D72367}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe FirewallRules: [{B72EF22E-0AA8-42F2-9C96-2656FA6988B6}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe FirewallRules: [{A4A6216A-D3E4-47DD-BB6B-F93065A407A8}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe FirewallRules: [{F1CD3301-D5A3-4B52-B959-C5DE3781D477}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe FirewallRules: [{FB6721EB-7E31-49F7-A15E-9E65CE9A4037}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe FirewallRules: [{540CCF01-ED0F-4D06-8E21-D7D30426669D}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe FirewallRules: [{02375E4E-BBD2-4BF3-A6CD-4787E31A837E}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe FirewallRules: [{08B44564-310D-494B-9B23-8955708F4E6C}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe FirewallRules: [{F0032362-E8C5-4CFF-AADB-A3BB59C053D7}] => (Allow) C:\Users\Curt\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{C13E80BE-6BD2-4666-81AC-CA1FE1F9EBA4}] => (Allow) C:\Users\Curt\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{4BADD2FF-3E49-40BA-BD1D-28300C45D7FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{85B12BE7-4B24-4639-9DD3-CF7A30368BD4}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{8BD44E52-62AA-4ACB-9C46-24165C375553}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{42103AD4-D230-46C3-BB45-7BDF8BD8EB58}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [TCP Query User{9FCDF937-B95F-47E8-B90C-62D9112AF6BD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{4111BDFD-AB64-4799-AF92-9FCB4581C59B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{FA1A96A2-00AE-4D02-92CE-6364E1C53F05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/21/2015 04:35:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (05/21/2015 04:44:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for FailureCommand with the following error: %%5 Error: (05/21/2015 04:44:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Error: (05/21/2015 04:33:31 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office: ========================= Error: (05/21/2015 04:35:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-04-26 13:24:45.959 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-26 13:24:45.850 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-26 13:24:45.741 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-26 13:24:45.616 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-26 11:31:01.634 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-26 11:31:01.525 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 250 Processor Percentage of memory in use: 80% Total physical RAM: 3838.98 MB Available physical RAM: 748.79 MB Total Pagefile: 7676.16 MB Available Pagefile: 3845.94 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:355.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B807E85B) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=14.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450.9 GB) - (Type=07 NTFS) ==================== End of log ============================