OTL fix:
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\"DisableSR" | DWORD:0 /E : value set successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Storage\Desktop\cmd.bat deleted successfully.
C:\Users\Storage\Desktop\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
C:\Users\Storage\Desktop\cmd.bat deleted successfully.
C:\Users\Storage\Desktop\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state ON /c >
Ok.
C:\Users\Storage\Desktop\cmd.bat deleted successfully.
C:\Users\Storage\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Alex
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Dad
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Mom
User: Natalie
User: Public
User: Storage
->Temp folder emptied: 35299781 bytes
->Temporary Internet Files folder emptied: 5752 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 535209273 bytes
->Flash cache emptied: 1549 bytes
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30870714 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 5356091 bytes
Total Files Cleaned = 579.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04162014_205112
Files\Folders moved on Reboot...
C:\Users\Storage\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Storage\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
There was no Pando Media Booster plug-in.
adw clean:
# AdwCleaner v3.023 - Report created 16/04/2014 at 21:12:25
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Storage - ALEX-HP
# Running from : C:\Users\Storage\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Users\Storage\AppData\Local\FileTypeAssistant
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [18905 octets] - [17/02/2014 00:28:34]
AdwCleaner[R1].txt - [19320 octets] - [23/02/2014 22:24:37]
AdwCleaner[R2].txt - [1158 octets] - [16/04/2014 10:31:07]
AdwCleaner[R3].txt - [1219 octets] - [16/04/2014 21:11:01]
AdwCleaner[S0].txt - [19252 octets] - [23/02/2014 22:31:05]
AdwCleaner[S1].txt - [1148 octets] - [16/04/2014 21:12:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1208 octets] ##########
This was saved to my desktop after my JRT scan; nothing automatically opened.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Storage on Wed 04/16/2014 at 21:18:33.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/16/2014 at 21:26:22.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Storage (administrator) on ALEX-HP on 17-04-2014 13:10:36
Running from C:\Users\Storage\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\...\Winlogon: [Shell] expstart.exe [925184 2013-06-04] () <==== ATTENTION
InternetURL: C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url -> C:\ProgramData\668418588.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "https://www.google.c...urce=search_app", "hxxp://daccord1.vhlcentral.com/home/?SS=on", "hxxp://www.tumblr.com/dashboard", "hxxp://www.deviantart.com/", "hxxp://www.fimfiction.net/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_95.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (YouTube) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-29]
CHR Extension: (Adblock Plus) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-08]
CHR Extension: (Custom Google™ Background) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg [2013-07-14]
CHR Extension: (Ponify) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaelfbndbnpddlehfmbhjnphpjljegae [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (HoofSounds) - C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk [2013-12-11]
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Storage\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-12-11]
CHR HKLM-x32\...\Chrome\Extension: [cfgmipjabpfjdgflgbjjpgekdejokfci] - C:\Users\Alex\AppData\Local\CRE\cfgmipjabpfjdgflgbjjpgekdejokfci.crx [2013-12-11]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Alex\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Alex\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Storage\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Alex\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-05-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-17] ()
S2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll" /prefetch:1
S2 Sendoriv1; C:\Program Files (x86)\Sendori\SendoriSvc.exe [X]
==================== Drivers (Whitelisted) ====================
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-09] ()
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2013-07-14] ()
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-12-10] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-22] (Duplex Secure Ltd.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [123664 2012-10-16] (High Criteria inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-17 13:10 - 2014-04-17 13:10 - 00017141 _____ () C:\Users\Storage\Desktop\FRST.txt
2014-04-17 13:10 - 2014-04-17 13:10 - 00000000 ____D () C:\FRST
2014-04-17 12:52 - 2014-04-17 12:53 - 02158592 _____ (Farbar) C:\Users\Storage\Desktop\FRST64.exe
2014-04-17 03:01 - 2014-03-06 03:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 03:01 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 03:01 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 03:01 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 03:01 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 03:01 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 03:01 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 03:01 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 03:01 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 03:01 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 03:01 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 03:01 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 03:01 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 03:01 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 03:01 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 03:01 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 03:01 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 03:01 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 03:01 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 03:01 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 03:01 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 03:01 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 03:01 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 03:01 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 03:01 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 03:01 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 03:01 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 03:01 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 03:01 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 03:01 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 03:01 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 03:01 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 03:01 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 03:01 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 03:01 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 03:01 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 03:01 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 03:01 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 03:00 - 2014-03-06 02:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 03:00 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 03:00 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 03:00 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 03:00 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 03:00 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 03:00 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 03:00 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 03:00 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-17 03:00 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 21:26 - 2014-04-16 21:26 - 00000635 _____ () C:\Users\Storage\Desktop\JRT.txt
2014-04-16 21:17 - 2014-04-16 21:17 - 01016261 _____ (Thisisu) C:\Users\Storage\Desktop\JRT.exe
2014-04-16 10:28 - 2014-04-16 10:28 - 01426178 _____ () C:\Users\Storage\Desktop\AdwCleaner.exe
2014-04-16 10:20 - 2014-04-16 10:20 - 00008802 _____ () C:\Users\Storage\Desktop\RKreport[0]_S_04162014_102012.txt
2014-04-16 10:16 - 2014-04-16 10:28 - 00000000 ____D () C:\Users\Storage\Desktop\RK_Quarantine
2014-04-16 10:15 - 2014-04-16 10:15 - 04527616 _____ () C:\Users\Storage\Desktop\RogueKillerX64.exe
2014-04-13 15:45 - 2014-04-13 15:45 - 00068698 _____ () C:\Users\Storage\Desktop\Extras.Txt
2014-04-13 13:48 - 2014-04-13 13:48 - 00002211 _____ () C:\Users\Public\Desktop\Flvto Youtube Downloader.lnk
2014-04-13 00:59 - 2014-04-13 00:59 - 00002232 _____ () C:\Users\Storage\Desktop\aswMBR.txt
2014-04-13 00:59 - 2014-04-13 00:59 - 00000512 _____ () C:\Users\Storage\Desktop\MBR.dat
2014-04-12 23:53 - 2014-04-12 23:54 - 04745728 _____ (AVAST Software) C:\Users\Storage\Desktop\aswmbr.exe
2014-04-12 23:52 - 2014-04-13 15:44 - 00002238 _____ () C:\Users\Storage\Desktop\OTL.Txt
2014-04-12 23:33 - 2014-04-12 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Storage\Desktop\OTL.exe
2014-04-10 18:24 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 18:24 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 18:24 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 18:24 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 18:24 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 18:24 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 18:24 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 18:24 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 18:24 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 18:24 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 18:24 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 18:24 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 18:24 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 18:24 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 18:24 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 18:24 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 18:24 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-06 17:23 - 2014-04-06 17:23 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-06 17:22 - 2014-04-06 17:19 - 50837888 _____ (Adobe Systems Incorporated) C:\Users\Storage\Downloads\AdobeReaderSetup.exe
2014-04-05 17:34 - 2014-04-05 17:34 - 00000000 ____D () C:\Users\Storage\AppData\Local\Skype
2014-04-05 17:33 - 2014-04-05 17:33 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 17:33 - 2014-04-05 17:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-04 19:07 - 2014-04-06 18:35 - 00000000 ____D () C:\Users\Storage\Documents\TurboTax
2014-04-04 19:07 - 2014-04-06 16:00 - 00000298 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-04-04 19:07 - 2014-04-04 19:07 - 00000000 ____D () C:\Users\Storage\AppData\Local\IsolatedStorage
2014-04-04 19:06 - 2014-04-04 19:06 - 00000000 ____D () C:\Users\Storage\AppData\Roaming\Intuit
2014-04-04 19:05 - 2014-04-04 19:05 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-04-04 19:04 - 2014-04-04 19:04 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2014-04-04 19:03 - 2014-04-04 19:05 - 00000000 ____D () C:\ProgramData\Intuit
2014-04-02 17:15 - 2014-04-02 17:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4ed1d411201c.job
==================== One Month Modified Files and Folders =======
2014-04-17 13:10 - 2014-04-17 13:10 - 00017141 _____ () C:\Users\Storage\Desktop\FRST.txt
2014-04-17 13:10 - 2014-04-17 13:10 - 00000000 ____D () C:\FRST
2014-04-17 12:59 - 2012-07-17 14:46 - 01914487 _____ () C:\Windows\WindowsUpdate.log
2014-04-17 12:53 - 2014-04-17 12:52 - 02158592 _____ (Farbar) C:\Users\Storage\Desktop\FRST64.exe
2014-04-17 12:49 - 2009-07-13 21:51 - 00181601 _____ () C:\Windows\setupact.log
2014-04-17 03:24 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 03:24 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 03:23 - 2009-07-13 22:13 - 00783468 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 03:19 - 2013-09-21 00:11 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-17 03:19 - 2012-08-05 19:15 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-17 03:17 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 21:26 - 2014-04-16 21:26 - 00000635 _____ () C:\Users\Storage\Desktop\JRT.txt
2014-04-16 21:17 - 2014-04-16 21:17 - 01016261 _____ (Thisisu) C:\Users\Storage\Desktop\JRT.exe
2014-04-16 21:12 - 2014-02-17 00:27 - 00000000 ____D () C:\AdwCleaner
2014-04-16 17:17 - 2012-08-28 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-16 10:28 - 2014-04-16 10:28 - 01426178 _____ () C:\Users\Storage\Desktop\AdwCleaner.exe
2014-04-16 10:28 - 2014-04-16 10:16 - 00000000 ____D () C:\Users\Storage\Desktop\RK_Quarantine
2014-04-16 10:20 - 2014-04-16 10:20 - 00008802 _____ () C:\Users\Storage\Desktop\RKreport[0]_S_04162014_102012.txt
2014-04-16 10:15 - 2014-04-16 10:15 - 04527616 _____ () C:\Users\Storage\Desktop\RogueKillerX64.exe
2014-04-14 02:46 - 2013-06-04 19:39 - 00000000 ____D () C:\Users\Storage\AppData\Roaming\Skype
2014-04-13 15:45 - 2014-04-13 15:45 - 00068698 _____ () C:\Users\Storage\Desktop\Extras.Txt
2014-04-13 15:44 - 2014-04-12 23:52 - 00002238 _____ () C:\Users\Storage\Desktop\OTL.Txt
2014-04-13 13:48 - 2014-04-13 13:48 - 00002211 _____ () C:\Users\Public\Desktop\Flvto Youtube Downloader.lnk
2014-04-13 13:48 - 2013-06-02 19:51 - 00000000 ____D () C:\Users\Storage\AppData\Local\Flvto Youtube Downloader
2014-04-13 00:59 - 2014-04-13 00:59 - 00002232 _____ () C:\Users\Storage\Desktop\aswMBR.txt
2014-04-13 00:59 - 2014-04-13 00:59 - 00000512 _____ () C:\Users\Storage\Desktop\MBR.dat
2014-04-12 23:54 - 2014-04-12 23:53 - 04745728 _____ (AVAST Software) C:\Users\Storage\Desktop\aswmbr.exe
2014-04-12 23:33 - 2014-04-12 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Storage\Desktop\OTL.exe
2014-04-10 18:34 - 2013-08-15 00:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:31 - 2012-07-20 15:31 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 18:35 - 2014-04-04 19:07 - 00000000 ____D () C:\Users\Storage\Documents\TurboTax
2014-04-06 17:37 - 2009-07-13 21:45 - 04903264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-06 17:36 - 2010-11-20 20:47 - 01877800 _____ () C:\Windows\PFRO.log
2014-04-06 17:24 - 2013-07-09 13:43 - 00000000 ____D () C:\Users\Storage\AppData\Local\Adobe
2014-04-06 17:24 - 2013-06-02 19:22 - 00000000 ____D () C:\Users\Storage\AppData\Roaming\Adobe
2014-04-06 17:23 - 2014-04-06 17:23 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-06 17:23 - 2013-07-09 13:47 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-06 17:23 - 2012-08-25 19:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-06 17:19 - 2014-04-06 17:22 - 50837888 _____ (Adobe Systems Incorporated) C:\Users\Storage\Downloads\AdobeReaderSetup.exe
2014-04-06 16:00 - 2014-04-04 19:07 - 00000298 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-04-05 17:34 - 2014-04-05 17:34 - 00000000 ____D () C:\Users\Storage\AppData\Local\Skype
2014-04-05 17:33 - 2014-04-05 17:33 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 17:33 - 2014-04-05 17:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-05 17:33 - 2012-07-17 22:00 - 00000000 ____D () C:\ProgramData\Skype
2014-04-04 19:07 - 2014-04-04 19:07 - 00000000 ____D () C:\Users\Storage\AppData\Local\IsolatedStorage
2014-04-04 19:06 - 2014-04-04 19:06 - 00000000 ____D () C:\Users\Storage\AppData\Roaming\Intuit
2014-04-04 19:06 - 2013-06-02 19:23 - 00062896 _____ () C:\Users\Storage\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 19:05 - 2014-04-04 19:05 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-04-04 19:05 - 2014-04-04 19:03 - 00000000 ____D () C:\ProgramData\Intuit
2014-04-04 19:04 - 2014-04-04 19:04 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2014-04-02 20:26 - 2013-01-03 22:50 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-04-02 17:15 - 2014-04-02 17:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4ed1d411201c.job
2014-03-29 16:02 - 2013-08-20 19:03 - 00000000 ____D () C:\Users\Storage\Desktop\folders
2014-03-29 16:02 - 2013-06-10 08:14 - 00000000 ____D () C:\Users\Storage\Desktop\MY LITTLE PONY
Files to move or delete:
====================
C:\Users\Alex\jagex_cl_runescape_LIVE.dat
C:\Users\Alex\jagex_cl_runescape_LIVE1.dat
C:\Users\Alex\random.dat
Some content of TEMP:
====================
C:\Users\Storage\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 10:10
==================== End Of Log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by Storage at 2014-04-17 13:11:11
Running from C:\Users\Storage\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.80 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 1.00.0000 - AMD) Hidden
AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.5.3.598547 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - )
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BitZipper 2013 (HKLM-x32\...\BitZipper_is1) (Version: 2013.13.4.16 - Bitberry Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Combat Arms (HKLM-x32\...\Steam App 212180) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.1.24.0 - ) <==== ATTENTION
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.5.0 - Hotger)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free PDF Tablet (HKLM-x32\...\Free PDF Tablet) (Version: 0.1 - )
Friendship is Memories (HKLM-x32\...\Friendship is Memories_is1) (Version: - Fghik)
FYZip 1.00 (HKLM-x32\...\FYZip) (Version: 1.00 - TightRope Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo and Imaging 2.0 - All-in-One (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One Drivers (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - hp psc 2170 series (HKLM-x32\...\HP PSC 2170 Series) (Version: - )
hp psc 2170 series (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
Luxe USB Interface (HKLM-x32\...\{B5E09A5F-4934-4427-A243-6DD77303FE9C}) (Version: 2.0.0 - DLX Technology Group)
Luxe Voice Pack Editor (HKLM-x32\...\{AF1604B3-183A-4400-B950-6B0BDD61ADC8}) (Version: 1.0.1 - DLX Technology Group)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MapleStory (HKLM-x32\...\MapleStory) (Version: - )
MapleStory (HKLM-x32\...\Steam App 216150) (Version: - Nexon)
MapleStory Dual Blade Clock Screen Saver (HKLM-x32\...\MapleStory Dual Blade Clock) (Version: - )
MapleStory Dual Blade Screen Saver (HKLM-x32\...\MapleStory Dual Blade) (Version: - )
Max 6.1.3 (HKLM\...\{34724174-5E63-4FD6-8319-7BCE70966441}) (Version: 136.1.3 - Cycling '74)
Max 6.1.3 (x64) (HKLM\...\{4864A628-EB43-4DB5-8DA3-B12F2C549E9E}) (Version: 136.1.3 - Cycling '74)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Motocross Madness Trial (HKLM-x32\...\Motocross Madness Trial 1.0) (Version: - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MicroVolts (HKLM-x32\...\Steam App 109400) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.0.2.2476 - Native Instruments) Hidden
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Komplete 8 Players (HKLM-x32\...\Native Instruments Komplete 8 Players) (Version: - Native Instruments)
Native Instruments Komplete 8 Players (Version: 8.0.0.003 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.0.2.5641 - Native Instruments) Hidden
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: - Native Instruments)
Native Instruments Kontakt Factory Selection (Version: 1.2.0.004 - Native Instruments) Hidden
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: - Native Instruments)
Native Instruments Reaktor 5 (Version: 5.6.1.11150 - Native Instruments) Hidden
Native Instruments Reaktor Factory Selection (HKLM-x32\...\Native Instruments Reaktor Factory Selection) (Version: - Native Instruments)
Native Instruments Reaktor Factory Selection (Version: 1.1.0.002 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.1008 - ooVoo LLC.)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5705 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Sanctum (HKLM-x32\...\Steam App 91600) (Version: - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Recorder 8.4 Professional Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 wcaiper (x32 Version: 013.000.1280 - Intuit Inc.) Hidden
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1986 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0492 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0168 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VirtualDJ LE (Numark) (HKLM-x32\...\{1A4F5611-13A0-4EBD-BFAF-156D5B5AC0ED}) (Version: 7.0.5 - Atomix Productions)
Voxengo SPAN version 2.6 (HKLM-x32\...\Voxengo SPAN_is1) (Version: 2.6 - Voxengo)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
zk_sc Screen Saver (HKLM-x32\...\zk_sc) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Restore Points =========================
29-03-2014 10:00:25 Windows Update
03-04-2014 00:15:52 Windows Update
05-04-2014 02:05:00 Installed TurboTax 2013 wrapper
06-04-2014 23:04:15 Installed TurboTax 2013 wcaiper
07-04-2014 00:22:53 Installed Adobe Reader XI.
11-04-2014 01:24:32 Windows Update
11-04-2014 01:31:20 Windows Update
13-04-2014 06:37:21 OTL Restore Point - 4/12/2014 11:37:16 PM
15-04-2014 17:49:23 Windows Update
17-04-2014 03:51:28 OTL Restore Point - 4/16/2014 8:51:24 PM
17-04-2014 10:00:26 Windows Update
==================== Hosts content: ==========================
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {177A495A-24C5-4C73-B7C4-B7637BA8F066} - System32\Tasks\HPCeeScheduleForStorage => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1E8C06E0-3989-4C16-8DCC-969888DDC946} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe
Task: {3B590EEC-4683-41A5-B0EC-C602F55D28BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {40F732DE-9F2E-4295-9C90-2FE92AE91312} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {5220F63E-5D95-4ABB-B618-96C8734BB737} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {6FA3E7CE-2EAF-4FC6-B6CC-F91D0F969DDC} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {70F4FEFA-3903-43ED-8DB2-79050070684D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {83A7504A-F33D-4E6E-9FD0-700DD584FE82} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
Task: {83E01440-33FC-4270-B459-9701EB9F7AA0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {95DC25A0-2599-42DD-B957-DE356CD2AB79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {9AFB4F91-7FC7-4A79-81E8-0265A3CF666A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9F327333-A1FC-4D2C-8A2F-E4889C9DF878} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core => C:\Users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BDAF858A-EB00-48D7-A9C7-19DEF7DAF134} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-28] (Adobe Systems Incorporated)
Task: {C772F9C2-D2E7-4C02-8B30-9D5E4444330A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CAC1C179-792B-4D52-9A32-6C7C3A8DC053} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {CAC25D6F-0382-4B0A-965D-E2F9250B15F0} - System32\Tasks\AdobeAAMUpdater-1.0-Alex-HP-Storage => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {CC66C2EA-14C2-429E-B5B4-AD93457594EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {CD62808D-39B6-4553-9376-4D5A416B7906} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe <==== ATTENTION
Task: {D15297C8-34D7-46F5-866E-7A3C7EE56AB7} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe <==== ATTENTION
Task: {D9D19404-E63B-49A2-A5E0-4313921F236E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {DA737C09-4909-4B1C-B16A-D294BDCE05B4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe
Task: {DEC6FEB4-113F-40A3-AF3E-43DAF19972E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFfix => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe [2013-08-05] (Hewlett-Packard Company)
Task: {E194AFEB-27D8-4B4D-B04B-09542E5FA054} - System32\Tasks\RunAsStdUser Task => C:\Users\Alex\AppData\Local\gamesleapSA\bin\1.0.11.0\GamesLeapSA.exe <==== ATTENTION
Task: {E3CFC4F7-060D-45E0-BD09-8C98568B71D0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA => C:\Users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {F480C149-38F4-413E-ABF7-F42BF0D27154} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {F4C0AC29-487A-4099-B9B7-4DEEA9F8D956} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4ed1d411201c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job => C:\Users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job => C:\Users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForStorage.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2012-12-19 16:32 - 2012-12-19 16:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-09-14 23:43 - 2013-06-17 22:24 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-17 03:00 - 2014-04-17 00:06 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041700\algo.dll
2014-04-17 12:48 - 2014-04-17 12:28 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041703\algo.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-09 22:57 - 2014-02-09 22:57 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temporary Internet Files:lYFUKDfsQ6zS8U8hKut0idS1F4
AlternateDataStreams: C:\Users\Storage\Cookies:R4IPQdOyeqlD5Gz4K9cz4YrA0
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/17/2014 01:10:31 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/17/2014 01:10:31 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (04/17/2014 01:10:21 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/17/2014 01:10:21 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (04/17/2014 01:10:10 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/17/2014 01:10:10 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (04/17/2014 01:10:00 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/17/2014 01:10:00 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (04/17/2014 01:09:50 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/17/2014 01:09:50 PM) (Source: ESENT) (User: )
Description: DllHost (4284) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
System errors:
=============
Error: (04/17/2014 03:21:12 AM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service failed to start due to the following error:
%%2
Error: (04/17/2014 03:19:08 AM) (Source: ipnathlp) (User: )
Description: 192.168.1.65192.168.137.0255.255.255.0
Error: (04/17/2014 03:19:08 AM) (Source: ipnathlp) (User: )
Description:
Error: (04/17/2014 03:19:05 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS
Error: (04/17/2014 03:18:59 AM) (Source: Service Control Manager) (User: )
Description: The Sendoriv1 service failed to start due to the following error:
%%2
Error: (04/17/2014 03:00:20 AM) (Source: ipnathlp) (User: )
Description: 192.168.1.65192.168.137.0255.255.255.0
Error: (04/17/2014 03:00:19 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (04/17/2014 03:00:14 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (04/16/2014 09:29:14 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{C882AA94-6E83-4763-A643-0CBF69D7C1B0}.
The backup browser is stopping.
Microsoft Office Sessions:
=========================
Error: (04/17/2014 01:10:31 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
Error: (04/17/2014 01:10:31 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
Error: (04/17/2014 01:10:21 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
Error: (04/17/2014 01:10:21 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
Error: (04/17/2014 01:10:10 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
Error: (04/17/2014 01:10:10 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
Error: (04/17/2014 01:10:00 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
Error: (04/17/2014 01:10:00 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
Error: (04/17/2014 01:09:50 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
Error: (04/17/2014 01:09:50 PM) (Source: ESENT)(User: )
Description: DllHost4284WebCacheLocal: C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 7656.59 MB
Available physical RAM: 6255.14 MB
Total Pagefile: 15311.35 MB
Available Pagefile: 13578.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:914.81 GB) (Free:517.11 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.61 GB) (Free:2.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FCB143B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
==================== End Of Log ============================