My notebook is super slow. I even have lag when I'm typing! [S


  • This topic is locked

#1
BlackUfa


Whenever I'm watching YouTube or Flash videos, my notebook computer freezes and there's a ton of lag. It's also almost impossible to open iTunes or Photoshop because it's just so bad. I thought once I upgraded to Windows 8 it would have fixed itself but I'm not that lucky. If I restart my machine, then the symptoms go away for about 30 minutes but God forbid I open more than one window or program! I don't expect much out of this old HP G60 but this is just plain horrible.

 

This post has taken me several minutes to type because the lag is so bad. I should mention I have a 50 Mbps internet connection that works just fine. Help! And thank you in advance!

 

The OTL

 

OTL logfile created on: 5/28/2014 11:33:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nick\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 61.94% Memory free
7.91 Gb Paging File | 5.91 Gb Available in Paging File | 74.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.64 Gb Total Space | 131.56 Gb Free Space | 59.62% Space Free | Partition Type: NTFS
Drive D: | 12.24 Gb Total Space | 1.90 Gb Free Space | 15.51% Space Free | Partition Type: NTFS
 
Computer Name: NICK-PC | User Name: Nick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/28 23:33:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nick\Downloads\OTL.exe
PRC - [2014/05/13 16:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/11 15:31:12 | 000,263,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
PRC - [2013/03/28 16:55:58 | 001,058,880 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/13 16:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 16:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 16:40:45 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/13 16:40:44 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/13 16:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/22 16:16:30 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/23 19:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 19:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/07 22:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 00:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/05 23:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 08:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 02:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 02:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 02:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 02:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 02:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 08:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/12/10 00:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/22 21:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/14 00:26:20 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/11/14 00:17:10 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/11/14 00:17:09 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/09/20 16:30:00 | 000,654,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 04:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 04:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 04:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 04:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 04:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 03:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 03:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 02:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 02:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 02:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 02:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 02:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 02:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 02:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 02:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/05/17 00:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV - [2014/05/06 19:27:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/14 00:26:18 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 20:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 19:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/03/23 19:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 19:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 19:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 20:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 05:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 13:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 13:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 09:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 08:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/02/22 08:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 08:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 08:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 08:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 08:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 08:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 05:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/01/13 19:02:40 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/13 19:02:40 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/13 19:02:40 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/11/14 00:29:45 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 00:26:18 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 00:17:11 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/11/14 00:17:10 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 00:17:03 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/11/14 00:17:03 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/11/14 00:17:03 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/11/14 00:17:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/11/14 00:17:03 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 06:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 06:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 05:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 05:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 05:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 05:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 05:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 05:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 05:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 05:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 05:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 05:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 05:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 05:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 05:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 05:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 05:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 05:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 05:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 05:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 05:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 05:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 05:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 05:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 05:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 05:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 05:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 05:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 05:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 04:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 04:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 04:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 04:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 04:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 04:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 04:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 04:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 04:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 04:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 04:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 04:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 04:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 04:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 04:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 04:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 04:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 04:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 04:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 04:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 04:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 04:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 04:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 04:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 01:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 16:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 17:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 11:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 12:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 08:05:48 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2013/06/18 08:05:48 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2013/06/18 08:05:46 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2013/06/18 07:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/06/18 07:45:05 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwnx.sys -- (athr)
DRV:64bit: - [2013/01/29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/01/29 19:15:04 | 000,029,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/23 19:13:28 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/03/28 03:06:00 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8633B2DC-E7FA-4574-8487-9D6684A7E0AC}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{759345B3-AC48-4804-9E40-35C185F07A7A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{8633B2DC-E7FA-4574-8487-9D6684A7E0AC}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{759345B3-AC48-4804-9E40-35C185F07A7A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8633B2DC-E7FA-4574-8487-9D6684A7E0AC}: "URL" = http://www.bing.com/...E11SR&pc=HPNTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/05/20 20:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Extensions
[2014/05/20 20:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/20 20:24:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: Google Search = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.35_0\
CHR - Extension: Isoball 3 = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.4.4_0\
CHR - Extension: Google Wallet = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Hover Zoom = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.2_0\
CHR - Extension: Gmail = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Canvas Rider = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-410 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000002] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-410 Series" File not found
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Nick\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_B9D48092DF53DE2F032C3C1B28E5E1A1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [googletalk] C:\Users\Nick\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{147FB1FB-297D-4285-A493-9929E46C792D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57E819C2-48C0-4B39-AD3F-37AFE5F4A148}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/28 22:38:21 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/05/28 22:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/28 22:31:50 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Oracle
[2014/05/28 22:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014/05/28 22:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/05/28 22:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/28 22:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/28 22:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/28 22:11:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/05/28 21:59:21 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/20 20:24:58 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Mozilla
[2014/05/20 20:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/05/20 20:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/20 18:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/05/20 17:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2014/05/20 17:53:26 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
[2014/05/20 17:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/05/20 17:28:12 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\Charity
[2014/05/14 18:26:18 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\Letters
[2014/05/11 15:23:57 | 000,000,000 | ---D | C] -- C:\Temp
[2010/03/16 09:04:56 | 004,669,560 | ---- | C] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files (x86)\Common Files\Samsung_Mobile_USB_Driver(V5.16)_V1.2.2200.0.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/28 23:36:00 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/28 23:11:01 | 000,000,749 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
[2014/05/28 23:11:01 | 000,000,749 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
[2014/05/28 23:11:00 | 000,000,935 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
[2014/05/28 23:11:00 | 000,000,935 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
[2014/05/28 23:08:00 | 000,000,935 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {082467FA-3012-44C1-B73E-8E136354997D}.job
[2014/05/28 23:08:00 | 000,000,749 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {082467FA-3012-44C1-B73E-8E136354997D}.job
[2014/05/28 23:06:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
[2014/05/28 23:03:00 | 000,000,935 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
[2014/05/28 23:03:00 | 000,000,749 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
[2014/05/28 22:57:00 | 000,000,935 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
[2014/05/28 22:57:00 | 000,000,749 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
[2014/05/28 22:07:26 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/28 22:06:29 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/28 22:05:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/28 22:05:18 | 3354,763,264 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/28 21:19:03 | 000,007,605 | ---- | M] () -- C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
[2014/05/28 18:06:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
[2014/05/20 20:24:51 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/20 17:58:06 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/05/20 17:52:40 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/05/14 17:39:28 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/14 17:39:28 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/14 17:39:28 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/11 15:27:00 | 005,186,872 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/28 21:19:03 | 000,007,605 | ---- | C] () -- C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
[2014/05/20 20:24:51 | 000,001,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/05/20 20:24:51 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/20 17:58:06 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/05/20 17:53:50 | 000,000,920 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
[2014/05/20 17:53:45 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
[2014/05/20 17:52:40 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/04/22 17:04:32 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 17:54:33 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/10/29 12:59:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\XP-410.ini
[2013/09/23 01:04:06 | 000,008,192 | ---- | C] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 02:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 00:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/09/04 21:48:52 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Audacity
[2014/05/28 22:38:21 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/04/14 16:43:48 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\EncryptStick
[2013/11/13 09:40:08 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Epson
[2013/10/29 12:59:43 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Leadertech
[2013/01/16 23:29:12 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\OpenOffice.org
[2014/05/28 22:31:50 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Oracle
[2013/07/28 21:21:37 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\SmartPCFix
[2010/02/02 13:48:16 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Template
[2014/05/20 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Nick\SkyDrive:ms-properties
 
< End of report >
 

 

Not sure if it's needed, but here's the OTL Extras.Txt log:

OTL Extras logfile created on: 5/28/2014 11:33:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nick\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 61.94% Memory free
7.91 Gb Paging File | 5.91 Gb Available in Paging File | 74.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.64 Gb Total Space | 131.56 Gb Free Space | 59.62% Space Free | Partition Type: NTFS
Drive D: | 12.24 Gb Total Space | 1.90 Gb Free Space | 15.51% Space Free | Partition Type: NTFS
 
Computer Name: NICK-PC | User Name: Nick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{110A17CC-9911-4E5F-94A7-8275A222A000}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{30FA3292-6F08-4131-85A2-56C918BBEB81}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5935B322-3111-4583-AFF5-5375842D3FE0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{8394F4F7-9770-43CE-9A48-6DBB343AD053}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B890DB27-05E6-4FF9-A8B0-CE1AC2B4349A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BA660BB8-DABB-437F-89FD-1EEBE2578E2E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CA2D97BF-6E7D-4A53-A3B8-EEE27209BF50}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D21D7E92-8C4D-4DFD-984E-09214F96BCE2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{D276A966-3081-49B0-B382-A80378E1727B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{DE053210-635A-4DA2-80C8-AAD78ED1D5BC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{DE1E8C13-95C5-4AA7-8459-A802513FE5F6}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{076BF3AE-9B69-416B-9D6D-B28BAE33BDDC}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{0CF1BA45-4CF2-421B-8600-D330DF21E8F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0EB8C921-94AB-4A05-BC2B-A1621BBD098B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{14939F13-8AE9-41FC-B0AA-CEE96BB9C726}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{189F329D-9B69-4FEF-9CF6-B83AA16DFAEF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{197F12D6-C422-4DF0-B113-E1E2DD71C40B}" = dir=in | name=juniper networks junos pulse | 
"{19837125-F72A-49E2-A557-72D1C8D65BE3}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{1F36B5DF-993C-40B0-A244-B94FFDE5E3B1}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{24BC505E-60A2-42C5-92F1-BE995CDBFB8D}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{2764BE8D-4F87-436C-8A98-EB8E1E2253A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{2A607FC4-9637-4273-8C42-ED8F7DDD9520}" = dir=out | name=juniper networks junos pulse | 
"{30F1B034-69A1-43AF-9323-B1B465A8A4A4}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{359F6B36-793D-44E2-844D-BD37195F67F7}" = dir=out | name=sonicwall mobile connect | 
"{3853DD12-F0D4-43B0-8010-D9FB4524AEAC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{387184F9-A09D-4BC7-AEC3-F5B484E576EF}" = dir=in | name=f5 vpn | 
"{39CE0D22-5F21-49B2-8CC6-EB838EBE9B6F}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"{3E60DF9A-722B-4EF5-AB76-2EBF0DFED71F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{40B4F666-8DF3-42D1-AC3D-5B559DB9CFA3}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{48A2B2A5-0DD6-47B1-A90B-A647B7B88697}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{48B39925-2800-4D51-AB29-A8DD08A6FC56}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{49A23D83-59C3-4DF1-B348-A5591983F2D2}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{4C59266F-A9BA-48C7-B814-CAC505DF46CA}" = dir=in | name=skype | 
"{4C9319C5-A837-483E-B1A6-50F9E092BECC}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{4D73E5A8-A96C-448F-BE0E-0FB1DFC8E4DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4DF43AA1-F643-4D8F-9A80-18FB764D5F40}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{506B4B10-01C2-40D1-8A83-D9B343D8CA5C}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{5205C3CE-804E-4DD8-9EC1-40F9C8DE41B7}" = protocol=17 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{55AD464E-28C0-48A4-966B-F6549FFED06C}" = protocol=6 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{5AA2E3B5-C259-48B7-B420-1263880E4E23}" = dir=out | [email protected]{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{5B4570C5-7344-46DF-8A98-AC29F4A31275}" = dir=out | [email protected]{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{5C6DA89E-D29F-40CE-A368-30D2A8D4529C}" = dir=out | name=windows_ie_ac_001 | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{6AEA9EB6-9A0C-4235-A112-D78503B7B49C}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{6B10F6AD-1D04-4F84-B850-07F77900D02D}" = dir=out | [email protected]{microsoft.zunemusic_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{755CA83A-5FD2-4D99-A268-164305AB5D10}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{78F3205B-F440-4040-AFE8-A862B57F523C}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{7F70644B-EF01-4226-9778-2251FD5D5C3D}" = dir=out | [email protected]{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{854A8F2D-9D3A-4077-ABA2-FE868DDA2500}" = dir=out | [email protected]{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{889B03D3-8B35-4151-B77E-CD7D001A367C}" = dir=out | name=skype | 
"{89559A77-AB2E-46CD-8F7B-5A855919339D}" = dir=in | name=sonicwall mobile connect | 
"{915D5AE2-4ED8-4972-B20B-0F0F8D8F9FAE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{9943009B-D30C-4579-B9C1-5E2519771431}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{A36854D4-FADC-46F3-BEF3-5D5942709E42}" = protocol=6 | dir=out | app=system | 
"{A4F22217-9DEC-4683-9058-F77132086340}" = dir=out | [email protected]{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{A63FA485-153F-450C-8BD8-7EDE5FC2FEE6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A8C5CAC4-EF76-444D-9BC3-FD464E65F37F}" = dir=out | [email protected]{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{AB42D7A6-E471-47A2-AE17-4A57D2079A0C}" = dir=in | [email protected]{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{ABBDAF38-67A8-4AA0-96C3-3AD671907808}" = dir=in | app=c:\users\nick\appdata\local\microsoft\skydrive\skydrive.exe | 
"{B2BCFAE8-6670-4AD5-81D1-2D19B634E918}" = dir=out | name=windows_ie_ac_001 | 
"{B2E110C5-ECB8-47C3-928A-8EFE6FA6C137}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B636C935-B956-4A3A-BB6D-5496D766AFA2}" = dir=out | name=f5 vpn | 
"{BC2C9297-78F8-40D2-9222-B6E88610D1EF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{BE8F4665-4E5C-430F-B32E-56960A65158E}" = dir=in | name=check point vpn | 
"{BE95D2A6-386A-4CAD-984F-8F22F152D00E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{C11E0AAB-C31A-4B67-AB40-D3DA64F3CEB3}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{C3E50907-8895-41BF-972E-CBE8BADE2D5B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C557BCB9-EB02-4BB3-ACD9-4F1E5D4E7087}" = dir=out | [email protected]{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{D11C3D9B-FC1E-4E6A-992E-F2FB92E019C8}" = dir=out | name=check point vpn | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DEB0D3DC-BEA1-4E86-89EF-972B74C49EC8}" = dir=out | [email protected]{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA7865D9-AADE-4764-83B9-3A011051ED12}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F9EC7D44-FC82-4DAD-8CF0-63FC1A581869}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FD9DC411-0792-4E12-B98E-AB73F47C0EC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{90EDF2C5-E102-4A76-96EC-8B284573E66F}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{7F42A1E6-49F2-45A6-AEF5-92B55077A296}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft Mouse and Keyboard Center
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"EPSON XP-410 Series" = EPSON XP-410 Series Printer Uninstall
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{2970697F-2A11-4588-8B7F-97322D1CCF3C}" = Epson Event Manager
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8C9EBE06-8BA2-4AEB-BFD8-6614072FE75F}" = SamsungSimpleDownloaderTool for SPH-D710
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}" = Software Updater
"{C0C1D2BC-72FE-4F77-A2F9-CD10D5AA8F93}" = SAMSUNG USB Driver for Mobile Phones V5.16.0.0
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"Adobe AIR" = Adobe AIR
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON Scanner" = EPSON Scan
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{8C9EBE06-8BA2-4AEB-BFD8-6614072FE75F}" = SamsungSimpleDownloaderTool for SPH-D710
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"Prism" = Prism Video File Converter
"UsersGuideEpson XP-410 User's Guide_is1" = Epson XP-410 User's Guide version 1.0
"VideoPad" = VideoPad Video Editor
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Google+ Auto Backup" = Google+ Auto Backup
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/29/2014 1:30:00 AM | Computer Name = Nick-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with
 error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 5/29/2014 1:34:19 AM | Computer Name = Nick-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
 failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/29/2014 1:34:27 AM | Computer Name = Nick-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
 failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/29/2014 1:40:04 AM | Computer Name = Nick-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with
 error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
[ System Events ]
Error - 5/29/2014 1:26:48 AM | Computer Name = Nick-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 5/29/2014 1:27:18 AM | Computer Name = Nick-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 5/29/2014 1:27:48 AM | Computer Name = Nick-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 5/29/2014 1:28:19 AM | Computer Name = Nick-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 5/29/2014 1:28:49 AM | Computer Name = Nick-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

Edited by BlackUfa, 29 May 2014 - 12:56 AM.


#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello BlackUfa,

 

Welcome to Geekstogo.

 

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#3
BlackUfa

    New Member

  • Topic Starter
  • Member
  • 6 posts

Thank you for your help and time!!

 

Here is the FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Nick (administrator) on NICK-PC on 10-06-2014 12:23:44
Running from C:\Users\Nick\Downloads
Platform: Windows 8.1 Pro (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1234216 2008-03-28] (Synaptics, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [googletalk] => C:\Users\Nick\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [GoogleChromeAutoLaunch_B9D48092DF53DE2F032C3C1B28E5E1A1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-13] (Google Inc.)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [Google Update] => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-20] (Google Inc.)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [Google+ Auto Backup] => C:\Users\Nick\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-03-26] (Google Inc.)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
SearchScopes: HKLM - DefaultScope {8633B2DC-E7FA-4574-8487-9D6684A7E0AC} URL = http://search.live.c...ms}&FORM=HPNTDF
SearchScopes: HKLM - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM - {8633B2DC-E7FA-4574-8487-9D6684A7E0AC} URL = http://search.live.c...ms}&FORM=HPNTDF
SearchScopes: HKLM-x32 - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = 
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\qq6xdbyx.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://google.com/
CHR StartupUrls: "hxxp://google.com/", "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-08-07]
CHR Extension: (Google Docs) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-15]
CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-15]
CHR Extension: (Adblock Plus) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-07]
CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-15]
CHR Extension: (AdBlock) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-07]
CHR Extension: (Isoball 3) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2013-08-07]
CHR Extension: (Google Voice (by Google)) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2013-08-07]
CHR Extension: (Google Wallet) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Hover Zoom) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-05-28]
CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-15]
CHR Extension: (Canvas Rider) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-08-07]
 
==================== Services (Whitelisted) =================
 
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-13] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-13] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-10 12:23 - 2014-06-10 12:24 - 00015112 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-06-10 12:23 - 2014-06-10 12:23 - 00000000 ____D () C:\FRST
2014-06-10 12:22 - 2014-06-10 12:22 - 02080768 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2014-05-29 01:49 - 2014-05-29 01:49 - 00000000 ____D () C:\Users\Nick\Desktop\OTL report
2014-05-28 23:47 - 2014-05-28 23:47 - 00107614 _____ () C:\Users\Nick\Downloads\OTL.Txt
2014-05-28 23:47 - 2014-05-28 23:47 - 00056492 _____ () C:\Users\Nick\Downloads\Extras.Txt
2014-05-28 23:33 - 2014-05-28 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe
2014-05-28 22:38 - 2014-05-28 22:38 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-05-28 22:36 - 2014-05-28 22:36 - 06431728 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-05-28 22:34 - 2014-05-28 22:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Oracle
2014-05-28 22:29 - 2014-05-28 22:29 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Sun
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-28 22:28 - 2014-05-28 22:28 - 00918952 _____ (Oracle Corporation) C:\Users\Nick\Downloads\chromeinstall-7u60.exe
2014-05-28 22:11 - 2014-05-28 22:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 22:01 - 2014-05-28 22:01 - 01016261 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2014-05-28 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-28 21:48 - 2014-05-28 21:49 - 00854367 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2014-05-28 21:46 - 2014-05-28 21:46 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu (1).exe
2014-05-28 21:43 - 2014-05-28 21:43 - 00984576 _____ () C:\Users\Nick\Downloads\MicrosoftFixit50906.msi
2014-05-28 21:19 - 2014-05-28 21:19 - 00007605 _____ () C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
2014-05-20 20:24 - 2014-05-20 20:25 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2014-05-20 20:24 - 2014-05-20 20:24 - 00282928 _____ (Mozilla) C:\Users\Nick\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-20 20:24 - 2014-05-20 20:24 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 20:23 - 2014-05-20 20:23 - 00943384 _____ () C:\Users\Nick\Downloads\Firefox.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 17:58 - 2014-05-20 17:58 - 00002232 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-05-20 17:58 - 2014-05-20 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (3).exe
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (2).exe
2014-05-20 17:53 - 2014-06-10 12:13 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
2014-05-20 17:53 - 2014-06-02 18:06 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
2014-05-20 17:53 - 2014-05-20 18:01 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA
2014-05-20 17:53 - 2014-05-20 18:01 - 00003484 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-05-20 17:52 - 2014-05-20 17:52 - 00001126 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-05-20 17:51 - 2014-05-20 17:51 - 02721416 _____ (US Tech Support LLC) C:\Users\Nick\Downloads\SpeedCounts-PC-Optimizer.exe
2014-05-20 17:51 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-20 17:50 - 2014-05-20 17:50 - 17529160 _____ (Google Inc.) C:\Users\Nick\Downloads\picasa39-setup.exe
2014-05-20 17:28 - 2014-05-20 21:46 - 00000000 ____D () C:\Users\Nick\Documents\Charity
2014-05-14 18:26 - 2014-05-14 18:38 - 00000000 ____D () C:\Users\Nick\Documents\Letters
2014-05-14 17:33 - 2014-05-01 13:30 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-14 17:33 - 2014-05-01 13:30 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 17:25 - 2014-04-11 03:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 17:25 - 2014-04-11 03:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 17:25 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 17:25 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 17:25 - 2014-04-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 17:25 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 17:25 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 17:25 - 2014-04-10 20:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 17:25 - 2014-04-10 20:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 17:25 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 17:25 - 2014-04-10 20:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:25 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 17:25 - 2014-04-10 20:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:25 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 17:25 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 17:25 - 2014-04-10 20:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 17:25 - 2014-04-10 19:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 17:25 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 17:25 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 17:25 - 2014-04-10 19:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 17:25 - 2014-04-10 19:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 17:25 - 2014-04-10 19:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 17:25 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 17:25 - 2014-04-10 19:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 17:25 - 2014-04-10 19:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 17:25 - 2014-04-10 19:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 17:25 - 2014-04-10 19:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 17:25 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 17:25 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 17:25 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 17:25 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 17:25 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 17:24 - 2014-05-05 21:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 17:24 - 2014-05-05 20:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 17:24 - 2014-05-05 20:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 17:24 - 2014-05-05 19:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 17:24 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 17:24 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 17:24 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 17:24 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 17:24 - 2014-03-27 02:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 17:24 - 2014-03-27 00:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-11 15:23 - 2014-05-11 15:23 - 00000000 ____D () C:\Temp
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
 
==================== One Month Modified Files and Folders =======
 
2014-06-10 12:24 - 2014-06-10 12:23 - 00015112 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-06-10 12:24 - 2014-01-13 19:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\Temp
2014-06-10 12:23 - 2014-06-10 12:23 - 00000000 ____D () C:\FRST
2014-06-10 12:23 - 2012-12-20 21:41 - 01088000 ___SH () C:\Users\Nick\Downloads\Thumbs.db
2014-06-10 12:22 - 2014-06-10 12:22 - 02080768 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2014-06-10 12:16 - 2014-01-27 11:57 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ECDA5768-F7A9-4AC8-BD77-AEAE70ECC4EA}
2014-06-10 12:16 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-10 12:14 - 2014-01-13 19:39 - 01665093 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 12:14 - 2012-12-20 21:33 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 12:13 - 2014-05-20 17:53 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
2014-06-10 12:13 - 2014-01-30 12:11 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
2014-06-10 12:13 - 2014-01-30 12:11 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
2014-06-10 12:13 - 2014-01-30 12:11 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
2014-06-10 12:13 - 2014-01-30 12:11 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
2014-06-10 12:13 - 2014-01-30 12:08 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {082467FA-3012-44C1-B73E-8E136354997D}.job
2014-06-10 12:13 - 2014-01-30 12:08 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {082467FA-3012-44C1-B73E-8E136354997D}.job
2014-06-10 12:13 - 2013-10-29 12:57 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
2014-06-10 12:13 - 2013-10-29 12:57 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
2014-06-10 12:13 - 2013-10-24 17:03 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
2014-06-10 12:13 - 2013-10-24 17:03 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
2014-06-08 16:20 - 2012-12-20 21:21 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1251555134-3555320841-2832081066-1000
2014-06-08 16:16 - 2012-12-20 21:33 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 16:15 - 2014-01-27 11:55 - 00000000 ___RD () C:\Users\Nick\SkyDrive
2014-06-08 16:14 - 2014-01-13 19:18 - 00000000 ____D () C:\Users\Nick
2014-06-08 16:14 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-02 18:06 - 2014-05-20 17:53 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
2014-06-01 11:54 - 2013-06-12 17:06 - 00562688 ___SH () C:\Users\Nick\Desktop\Thumbs.db
2014-05-29 01:49 - 2014-05-29 01:49 - 00000000 ____D () C:\Users\Nick\Desktop\OTL report
2014-05-28 23:47 - 2014-05-28 23:47 - 00107614 _____ () C:\Users\Nick\Downloads\OTL.Txt
2014-05-28 23:47 - 2014-05-28 23:47 - 00056492 _____ () C:\Users\Nick\Downloads\Extras.Txt
2014-05-28 23:33 - 2014-05-28 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe
2014-05-28 22:38 - 2014-05-28 22:38 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-05-28 22:36 - 2014-05-28 22:36 - 06431728 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-05-28 22:34 - 2014-05-28 22:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Oracle
2014-05-28 22:29 - 2014-05-28 22:29 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Sun
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-28 22:28 - 2014-05-28 22:28 - 00918952 _____ (Oracle Corporation) C:\Users\Nick\Downloads\chromeinstall-7u60.exe
2014-05-28 22:11 - 2014-05-28 22:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 22:05 - 2013-11-14 00:20 - 00330080 _____ () C:\WINDOWS\PFRO.log
2014-05-28 22:04 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-28 22:01 - 2014-05-28 22:01 - 01016261 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2014-05-28 21:49 - 2014-05-28 21:48 - 00854367 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2014-05-28 21:46 - 2014-05-28 21:46 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu (1).exe
2014-05-28 21:43 - 2014-05-28 21:43 - 00984576 _____ () C:\Users\Nick\Downloads\MicrosoftFixit50906.msi
2014-05-28 21:36 - 2014-04-23 14:38 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-28 21:19 - 2014-05-28 21:19 - 00007605 _____ () C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
2014-05-28 21:12 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-28 20:17 - 2013-02-10 23:27 - 00000000 ___RD () C:\Users\Nick\Google Drive
2014-05-28 18:37 - 2011-05-30 15:51 - 00000000 ____D () C:\Users\Nick\Documents\Hunting
2014-05-20 21:46 - 2014-05-20 17:28 - 00000000 ____D () C:\Users\Nick\Documents\Charity
2014-05-20 20:25 - 2014-05-20 20:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2014-05-20 20:25 - 2012-12-20 21:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2014-05-20 20:24 - 2014-05-20 20:24 - 00282928 _____ (Mozilla) C:\Users\Nick\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-20 20:24 - 2014-05-20 20:24 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 20:23 - 2014-05-20 20:23 - 00943384 _____ () C:\Users\Nick\Downloads\Firefox.exe
2014-05-20 20:22 - 2012-12-20 21:14 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2014-05-20 20:21 - 2013-06-12 16:30 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\uTorrent
2014-05-20 18:58 - 2014-05-20 18:58 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 18:01 - 2014-05-20 17:53 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA
2014-05-20 18:01 - 2014-05-20 17:53 - 00003484 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core
2014-05-20 17:58 - 2014-05-20 17:58 - 00002232 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-05-20 17:58 - 2014-05-20 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-05-20 17:57 - 2012-12-20 21:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-20 17:57 - 2012-12-20 21:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\Google
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (3).exe
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (2).exe
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-05-20 17:52 - 2014-05-20 17:52 - 00001126 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-05-20 17:51 - 2014-05-20 17:51 - 02721416 _____ (US Tech Support LLC) C:\Users\Nick\Downloads\SpeedCounts-PC-Optimizer.exe
2014-05-20 17:51 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-20 17:50 - 2014-05-20 17:50 - 17529160 _____ (Google Inc.) C:\Users\Nick\Downloads\picasa39-setup.exe
2014-05-20 00:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 18:38 - 2014-05-14 18:26 - 00000000 ____D () C:\Users\Nick\Documents\Letters
2014-05-14 18:38 - 2011-03-14 13:39 - 00000000 ____D () C:\Users\Nick\Documents\envelopes adress
2014-05-14 17:52 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-14 17:39 - 2013-11-14 00:29 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-14 17:36 - 2012-12-20 21:15 - 00000000 ___RD () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:36 - 2012-12-20 21:15 - 00000000 ___RD () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:28 - 2013-08-20 00:03 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 17:27 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-14 17:27 - 2012-12-22 10:30 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-11 15:38 - 2013-02-10 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-11 15:31 - 2012-12-20 21:33 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 15:31 - 2012-12-20 21:33 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 15:27 - 2013-08-22 07:44 - 05186872 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-11 15:23 - 2014-05-11 15:23 - 00000000 ____D () C:\Temp
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-05-11 15:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-11 15:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-05-11 15:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-29 00:16
 
==================== End Of Log ============================
 
And here is the Addition log:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Nick at 2014-06-10 12:25:20
Running from C:\Users\Nick\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.01 - NCH Software)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones V5.16.0.0 (HKLM-x32\...\{C0C1D2BC-72FE-4F77-A2F9-CD10D5AA8F93}) (Version: 1.2.2200.0 - SAMSUNG Electronics CO., LTD.)
SamsungSimpleDownloaderTool for SPH-D710 (HKLM-x32\...\InstallShield_{8C9EBE06-8BA2-4AEB-BFD8-6614072FE75F}) (Version: 1.0.047 - Samsung Electronics)
SamsungSimpleDownloaderTool for SPH-D710 (x32 Version: 1.0.047 - Samsung Electronics) Hidden
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.10 - NCH Software)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
 
==================== Restore Points  =========================
 
22-05-2014 02:51:34 Scheduled Checkpoint
29-05-2014 03:57:50 Removed US Tech Support Framework
 
==================== Hosts content: ==========================
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1690410D-93C5-42EF-A111-7C7338DFFAB9} - System32\Tasks\EPSON XP-410 Series Invitation {AC08CF5A-45D6-45CE-899D-485067E7D139} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {1AC14D0E-723C-4E80-AE08-FB6CF9D0F8C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {1EB73A26-731E-479D-824E-B7452C2ED960} - System32\Tasks\EPSON XP-410 Series Invitation {8DB8FA58-F080-4E35-A176-4DD394B43511} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28F00467-B74C-4664-8B82-5C9C52E92D6A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-20] (Google Inc.)
Task: {299603BC-B0B5-4F02-9D0E-2B129FCBAE24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-20] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33F63F73-EAFE-4E81-A49B-373077E6E7B4} - System32\Tasks\EPSON XP-410 Series Update {A156C4E3-6350-4F00-B615-9F8E694FCE79} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D9A2E03-1AFE-4775-AC48-D8B0B49350F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {421F9D81-E6D7-44BE-891C-0A38671B25B6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DE8AD5A-E387-4479-ABED-8051796335F7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {51955399-8F46-4870-B0D4-957B7E6501D2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {5EE2318A-4403-42A8-8B21-AA958CD55D26} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76443D60-BEDA-4DE2-A416-E988CE4E77CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {78E55513-EDD2-4588-B1BE-BDD9FC7805EC} - System32\Tasks\AdobeAAMUpdater-1.0-Nick-PC-Nick => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {96798A86-FA32-4010-840D-1C7B64703D9E} - System32\Tasks\EPSON XP-410 Series Invitation {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {9C78BC0F-BC93-4136-9D5C-79BA65A5D1D9} - System32\Tasks\EPSON XP-410 Series Invitation {A156C4E3-6350-4F00-B615-9F8E694FCE79} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AEB85EFE-DB45-4425-9F14-BDFEF70152BE} - System32\Tasks\EPSON XP-410 Series Invitation {082467FA-3012-44C1-B73E-8E136354997D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B4764E65-3028-4404-9C1D-0AD458DDC8A2} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {BFFFFF38-1BFF-45A3-90EF-EA7DFC29F7DB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {C3D47BF1-F5BF-4E93-8418-AA87882449BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {CFDBC1B2-4E60-4838-A729-254CA8CBFA82} - System32\Tasks\EPSON XP-410 Series Update {082467FA-3012-44C1-B73E-8E136354997D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D25D6E9C-9986-4969-924F-81C4DE409FDE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DA5E8635-6869-4C77-8A76-EA3AA7270FC3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ECBB6EEC-6EFD-4DD1-B859-15475B54106D} - System32\Tasks\EPSON XP-410 Series Update {8DB8FA58-F080-4E35-A176-4DD394B43511} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F3A2DEFC-DB5C-4D89-89D0-A16A5C28323E} - System32\Tasks\EPSON XP-410 Series Update {AC08CF5A-45D6-45CE-899D-485067E7D139} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F5179241-D655-49E4-B335-B41DB6B7A43F} - System32\Tasks\EPSON XP-410 Series Update {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {FDC48073-5B37-44D3-83A3-1883C57F602E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {082467FA-3012-44C1-B73E-8E136354997D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {8DB8FA58-F080-4E35-A176-4DD394B43511}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {AC08CF5A-45D6-45CE-899D-485067E7D139}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {082467FA-3012-44C1-B73E-8E136354997D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {8DB8FA58-F080-4E35-A176-4DD394B43511}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {AC08CF5A-45D6-45CE-899D-485067E7D139}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-27 14:36 - 2014-05-13 16:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-27 14:36 - 2014-05-13 16:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-27 14:36 - 2014-05-13 16:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-27 14:36 - 2014-05-13 16:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-27 14:36 - 2014-05-13 16:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Nick\Cookies:Jvo6ZKckTWnpLdMfRr7Tn0Y
AlternateDataStreams: C:\Users\Nick\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Nick\Downloads\Fwd_ NOT DONE WITH YOU YET! Blessings multiplied,.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/10/2014 00:25:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (06/10/2014 00:23:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4485
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4485
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3063
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3063
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/10/2014 00:13:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1547
 
Error: (06/10/2014 00:13:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1547
 
 
System errors:
=============
Error: (06/10/2014 00:14:02 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (06/08/2014 05:20:49 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (06/08/2014 04:25:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (06/08/2014 04:15:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (06/08/2014 04:14:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:15:57 PM on ‎6/‎3/‎2014 was unexpected.
 
Error: (06/01/2014 11:43:15 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (05/28/2014 10:28:49 PM) (Source: DCOM) (EventID: 10010) (User: NICK-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (05/28/2014 10:28:19 PM) (Source: DCOM) (EventID: 10010) (User: NICK-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (05/28/2014 10:27:48 PM) (Source: DCOM) (EventID: 10010) (User: NICK-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (05/28/2014 10:27:18 PM) (Source: DCOM) (EventID: 10010) (User: NICK-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (06/10/2014 00:25:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_enu (1).exe
 
Error: (06/10/2014 00:23:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_enu.exe
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4485
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4485
 
Error: (06/10/2014 00:14:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3063
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3063
 
Error: (06/10/2014 00:14:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/10/2014 00:13:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1547
 
Error: (06/10/2014 00:13:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1547
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-01 15:25:31.111
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:24:32.263
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:19:48.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:19:48.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:19:48.510
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:19:48.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:17:17.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:17:11.823
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:17:07.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-06-01 15:16:54.540
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 45%
Total physical RAM: 3999.19 MB
Available physical RAM: 2198.68 MB
Total Pagefile: 8095.19 MB
Available Pagefile: 5889.77 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.64 GB) (Free:127.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:12.24 GB) (Free:1.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 155E524B)
Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello BlackUfa,

You have a lot of Google stuff going on at start up which may be slowing start up down.

There are some other bits and pieces too.

Let's attack that.

Quite a bit to do in this post. You might like to print the instructions out and take it slowly step by step. :)

Now

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

Please download ADWCleaner to your desktop (use the Download Now @ BleepingComputer button).

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents in your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

After that

Download TFC.exe from here (Vista and above users right click and run as Administrator).

If you are asked "Do you want to allow the following program..." click yes.

The "Temp file cleaner by Oldtimer" console will pop up. Click continue and allow it to do its job.

You may be asked to reboot when it is finished. Please do so.

If you are not asked to reboot you may be confronted with two windows. One will be the Temp File Cleaner console with a report of what has been cleaned. The other will just be a window showing your libraries etc. They can both be closed.

You are finished.

Finally in this post
 

  • Please run Farbar Recovery Scan Tool again
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

So when you return please post

  • Fixlog.txt
  • AdwCleaner log
  • FRST.txt

 

 



#5
BlackUfa

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Ok, I've done all you asked. 

 

Here is the fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014

Ran by Nick at 2014-06-10 21:07:35 Run:1
Running from C:\Users\Nick\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {8633B2DC-E7FA-4574-8487-9D6684A7E0AC} URL = http://search.live.c...ms}&FORM=HPNTDF
SearchScopes: HKLM - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM - {8633B2DC-E7FA-4574-8487-9D6684A7E0AC} URL = http://search.live.c...ms}&FORM=HPNTDF
SearchScopes: HKLM-x32 - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {759345B3-AC48-4804-9E40-35C185F07A7A} URL = 
AlternateDataStreams: C:\Users\Nick\Cookies:Jvo6ZKckTWnpLdMfRr7Tn0Y
AlternateDataStreams: C:\Users\Nick\Downloads\Fwd_ NOT DONE WITH YOU YET! Blessings multiplied,.eml:OECustomProperty
*****************
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{759345B3-AC48-4804-9E40-35C185F07A7A}' => Key deleted successfully.
'HKCR\CLSID\{759345B3-AC48-4804-9E40-35C185F07A7A}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8633B2DC-E7FA-4574-8487-9D6684A7E0AC}' => Key deleted successfully.
'HKCR\CLSID\{8633B2DC-E7FA-4574-8487-9D6684A7E0AC}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{759345B3-AC48-4804-9E40-35C185F07A7A}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{759345B3-AC48-4804-9E40-35C185F07A7A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}' => Key deleted successfully.
'HKCR\CLSID\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}' => Key deleted successfully.
'HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{759345B3-AC48-4804-9E40-35C185F07A7A}' => Key deleted successfully.
'HKCR\CLSID\{759345B3-AC48-4804-9E40-35C185F07A7A}'=> Key not found.
"C:\Users\Nick\Cookies" => ":Jvo6ZKckTWnpLdMfRr7Tn0Y" ADS not found.
C:\Users\Nick\Downloads\Fwd_ NOT DONE WITH YOU YET! Blessings multiplied,.eml => ":OECustomProperty" ADS removed successfully.
 
==== End of Fixlog ====
 
Here is the AdwCleaner Log
 
# AdwCleaner v3.212 - Report created 10/06/2014 at 21:13:06
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Nick - NICK-PC
# Running from : C:\Users\Nick\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\qq6xdbyx.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [872 octets] - [10/06/2014 21:11:45]
AdwCleaner[S0].txt - [794 octets] - [10/06/2014 21:13:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [853 octets] ##########
 
And here is the FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014
Ran by Nick (administrator) on NICK-PC on 10-06-2014 21:30:54
Running from C:\Users\Nick\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1234216 2008-03-28] (Synaptics, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [googletalk] => C:\Users\Nick\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [GoogleChromeAutoLaunch_B9D48092DF53DE2F032C3C1B28E5E1A1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-13] (Google Inc.)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [Google Update] => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-20] (Google Inc.)
HKU\S-1-5-21-1251555134-3555320841-2832081066-1000\...\Run: [Google+ Auto Backup] => C:\Users\Nick\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-03-26] (Google Inc.)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\qq6xdbyx.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://google.com/
CHR StartupUrls: "hxxp://google.com/", "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-08-07]
CHR Extension: (Google Docs) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-15]
CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-15]
CHR Extension: (Adblock Plus) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-07]
CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-15]
CHR Extension: (AdBlock) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-07]
CHR Extension: (Isoball 3) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2013-08-07]
CHR Extension: (Google Voice (by Google)) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2013-08-07]
CHR Extension: (Google Wallet) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Hover Zoom) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-05-28]
CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-15]
CHR Extension: (Canvas Rider) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-08-07]
 
==================== Services (Whitelisted) =================
 
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-13] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-13] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-10 17:06 - 2014-04-06 05:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-10 17:06 - 2014-04-06 05:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-10 17:06 - 2014-04-06 05:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-10 17:06 - 2014-04-06 04:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-10 17:06 - 2014-04-06 04:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-10 17:06 - 2014-04-02 19:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-10 17:06 - 2014-03-30 17:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-10 17:06 - 2014-03-30 17:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-10 17:06 - 2014-03-30 16:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-10 17:06 - 2014-03-30 15:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-10 17:06 - 2014-03-30 15:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-10 17:06 - 2014-03-30 15:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-10 17:06 - 2014-03-30 14:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-10 17:06 - 2014-03-26 21:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-10 17:06 - 2014-03-19 01:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-10 17:06 - 2014-03-19 00:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-10 17:06 - 2014-03-19 00:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-10 17:06 - 2014-03-18 23:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-10 17:06 - 2014-03-18 22:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-10 17:06 - 2014-03-18 22:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-10 17:06 - 2014-03-18 22:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-10 17:06 - 2014-03-18 22:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-10 17:06 - 2014-03-18 22:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-10 17:06 - 2014-03-18 22:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-10 17:06 - 2014-03-18 21:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-10 17:06 - 2014-03-18 21:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-10 17:04 - 2014-06-10 17:04 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 12:47 - 2014-06-10 21:30 - 00013925 _____ () C:\Users\Nick\Desktop\FRST.txt
2014-06-10 12:47 - 2014-06-10 12:47 - 00032192 _____ () C:\Users\Nick\Desktop\Addition.txt
2014-06-10 12:25 - 2014-06-10 12:25 - 00032192 _____ () C:\Users\Nick\Downloads\Addition.txt
2014-06-10 12:23 - 2014-06-10 21:30 - 00000000 ____D () C:\FRST
2014-06-10 12:23 - 2014-06-10 12:25 - 00041852 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-06-10 12:22 - 2014-06-10 21:04 - 02081792 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe
2014-05-28 23:47 - 2014-05-28 23:47 - 00107614 _____ () C:\Users\Nick\Downloads\OTL.Txt
2014-05-28 23:47 - 2014-05-28 23:47 - 00056492 _____ () C:\Users\Nick\Downloads\Extras.Txt
2014-05-28 23:33 - 2014-05-28 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe
2014-05-28 22:38 - 2014-05-28 22:38 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-05-28 22:36 - 2014-05-28 22:36 - 06431728 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-05-28 22:34 - 2014-05-28 22:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Oracle
2014-05-28 22:29 - 2014-05-28 22:29 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Sun
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-28 22:28 - 2014-05-28 22:28 - 00918952 _____ (Oracle Corporation) C:\Users\Nick\Downloads\chromeinstall-7u60.exe
2014-05-28 22:11 - 2014-05-28 22:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 22:01 - 2014-05-28 22:01 - 01016261 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2014-05-28 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-28 21:48 - 2014-05-28 21:49 - 00854367 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2014-05-28 21:46 - 2014-05-28 21:46 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu (1).exe
2014-05-28 21:43 - 2014-05-28 21:43 - 00984576 _____ () C:\Users\Nick\Downloads\MicrosoftFixit50906.msi
2014-05-28 21:19 - 2014-05-28 21:19 - 00007605 _____ () C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
2014-05-20 20:24 - 2014-05-20 20:25 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2014-05-20 20:24 - 2014-05-20 20:24 - 00282928 _____ (Mozilla) C:\Users\Nick\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-20 20:24 - 2014-05-20 20:24 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 20:23 - 2014-05-20 20:23 - 00943384 _____ () C:\Users\Nick\Downloads\Firefox.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 17:58 - 2014-05-20 17:58 - 00002232 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-05-20 17:58 - 2014-05-20 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (3).exe
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (2).exe
2014-05-20 17:53 - 2014-06-10 21:06 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
2014-05-20 17:53 - 2014-06-02 18:06 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
2014-05-20 17:53 - 2014-05-20 18:01 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA
2014-05-20 17:53 - 2014-05-20 18:01 - 00003484 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-05-20 17:52 - 2014-05-20 17:52 - 00001126 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-05-20 17:51 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-20 17:50 - 2014-05-20 17:50 - 17529160 _____ (Google Inc.) C:\Users\Nick\Downloads\picasa39-setup.exe
2014-05-20 17:28 - 2014-05-20 21:46 - 00000000 ____D () C:\Users\Nick\Documents\Charity
2014-05-14 18:26 - 2014-05-14 18:38 - 00000000 ____D () C:\Users\Nick\Documents\Letters
2014-05-14 17:33 - 2014-05-30 22:13 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-14 17:33 - 2014-05-30 22:13 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 17:25 - 2014-04-11 03:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 17:25 - 2014-04-11 03:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 17:25 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 17:25 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 17:25 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 17:25 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 17:25 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 17:25 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 17:25 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 17:25 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 17:25 - 2014-04-10 20:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 17:25 - 2014-04-10 19:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 17:25 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 17:25 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 17:25 - 2014-04-10 19:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 17:25 - 2014-04-10 19:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 17:25 - 2014-04-10 19:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 17:25 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 17:25 - 2014-04-10 19:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 17:25 - 2014-04-10 19:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 17:25 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 17:25 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 17:25 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 17:25 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 17:25 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 17:24 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 17:24 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 17:24 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 17:24 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-11 15:23 - 2014-05-11 15:23 - 00000000 ____D () C:\Temp
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-11 15:01 - 2014-05-11 15:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
 
==================== One Month Modified Files and Folders =======
 
2014-06-10 21:31 - 2014-06-10 12:47 - 00013925 _____ () C:\Users\Nick\Desktop\FRST.txt
2014-06-10 21:31 - 2014-01-13 19:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\Temp
2014-06-10 21:30 - 2014-06-10 12:23 - 00000000 ____D () C:\FRST
2014-06-10 21:30 - 2010-12-13 19:49 - 00197251 _____ () C:\Users\Nick\Downloads\Fwd_ NOT DONE WITH YOU YET! Blessings multiplied,.eml
2014-06-10 21:27 - 2013-06-12 17:06 - 00562688 ___SH () C:\Users\Nick\Desktop\Thumbs.db
2014-06-10 21:27 - 2012-12-20 21:41 - 01093632 ___SH () C:\Users\Nick\Downloads\Thumbs.db
2014-06-10 21:27 - 2012-12-20 21:21 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1251555134-3555320841-2832081066-1000
2014-06-10 21:26 - 2014-06-10 21:26 - 00448512 _____ (OldTimer Tools) C:\Users\Nick\Desktop\TFC.exe
2014-06-10 21:26 - 2013-11-14 00:29 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-10 21:24 - 2014-01-27 11:57 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ECDA5768-F7A9-4AC8-BD77-AEAE70ECC4EA}
2014-06-10 21:22 - 2014-01-27 11:55 - 00000000 ___RD () C:\Users\Nick\SkyDrive
2014-06-10 21:22 - 2012-12-20 21:33 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 21:21 - 2012-12-20 21:15 - 00000000 ___RD () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-10 21:21 - 2012-12-20 21:15 - 00000000 ___RD () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-10 21:20 - 2013-11-14 00:20 - 00330394 _____ () C:\WINDOWS\PFRO.log
2014-06-10 21:20 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-10 21:20 - 2013-08-22 07:44 - 05186872 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-10 21:18 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-10 21:18 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-10 21:18 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-10 21:17 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-10 21:17 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-10 21:14 - 2014-01-13 19:39 - 02071530 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 21:13 - 2014-06-10 21:11 - 00000000 ____D () C:\AdwCleaner
2014-06-10 21:11 - 2014-01-30 12:11 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
2014-06-10 21:11 - 2014-01-30 12:11 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
2014-06-10 21:11 - 2014-01-30 12:11 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A3AE90B6-DE83-4FCF-942A-94D8CEAB9CF8}.job
2014-06-10 21:11 - 2014-01-30 12:11 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {8DB8FA58-F080-4E35-A176-4DD394B43511}.job
2014-06-10 21:09 - 2014-06-10 21:09 - 01333465 _____ () C:\Users\Nick\Desktop\AdwCleaner.exe
2014-06-10 21:08 - 2014-01-30 12:08 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {082467FA-3012-44C1-B73E-8E136354997D}.job
2014-06-10 21:08 - 2014-01-30 12:08 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {082467FA-3012-44C1-B73E-8E136354997D}.job
2014-06-10 21:06 - 2014-05-20 17:53 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA.job
2014-06-10 21:04 - 2014-06-10 21:04 - 00000000 ____D () C:\Users\Nick\Desktop\FRST-OlderVersion
2014-06-10 21:04 - 2014-06-10 12:22 - 02081792 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe
2014-06-10 21:03 - 2013-10-24 17:03 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
2014-06-10 21:03 - 2013-10-24 17:03 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {A156C4E3-6350-4F00-B615-9F8E694FCE79}.job
2014-06-10 21:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-10 20:57 - 2013-10-29 12:57 - 00000935 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
2014-06-10 20:57 - 2013-10-29 12:57 - 00000749 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {AC08CF5A-45D6-45CE-899D-485067E7D139}.job
2014-06-10 20:45 - 2014-04-02 14:08 - 00000000 ____D () C:\Users\Nick\Documents\Cars
2014-06-10 20:36 - 2012-12-20 21:33 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 20:20 - 2013-08-20 00:03 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-10 20:20 - 2012-12-22 10:30 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-10 17:06 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-10 17:04 - 2014-06-10 17:04 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 12:47 - 2014-06-10 12:47 - 00032192 _____ () C:\Users\Nick\Desktop\Addition.txt
2014-06-10 12:33 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-10 12:25 - 2014-06-10 12:25 - 00032192 _____ () C:\Users\Nick\Downloads\Addition.txt
2014-06-10 12:25 - 2014-06-10 12:23 - 00041852 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-06-08 16:14 - 2014-01-13 19:18 - 00000000 ____D () C:\Users\Nick
2014-06-02 18:06 - 2014-05-20 17:53 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core.job
2014-05-30 22:13 - 2014-05-14 17:33 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-30 22:13 - 2014-05-14 17:33 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 03:21 - 2014-06-10 17:08 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 02:45 - 2014-06-10 17:08 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 02:28 - 2014-06-10 17:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 02:20 - 2014-06-10 17:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 02:18 - 2014-06-10 17:08 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 02:08 - 2014-06-10 17:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 02:06 - 2014-06-10 17:08 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 01:46 - 2014-06-10 17:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 01:44 - 2014-06-10 17:08 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 01:43 - 2014-06-10 17:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 01:38 - 2014-06-10 17:08 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 01:35 - 2014-06-10 17:08 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 01:29 - 2014-06-10 17:08 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 01:27 - 2014-06-10 17:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 01:23 - 2014-06-10 17:08 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 01:16 - 2014-06-10 17:08 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 01:04 - 2014-06-10 17:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 01:02 - 2014-06-10 17:08 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 00:56 - 2014-06-10 17:08 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 00:56 - 2014-06-10 17:08 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 00:54 - 2014-06-10 17:08 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 00:49 - 2014-06-10 17:08 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 00:43 - 2014-06-10 17:08 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 00:40 - 2014-06-10 17:08 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 00:30 - 2014-06-10 17:08 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 00:21 - 2014-06-10 17:08 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 00:15 - 2014-06-10 17:08 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 00:13 - 2014-06-10 17:08 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 00:13 - 2014-06-10 17:08 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-28 23:47 - 2014-05-28 23:47 - 00107614 _____ () C:\Users\Nick\Downloads\OTL.Txt
2014-05-28 23:47 - 2014-05-28 23:47 - 00056492 _____ () C:\Users\Nick\Downloads\Extras.Txt
2014-05-28 23:33 - 2014-05-28 23:33 - 00602112 _____ (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe
2014-05-28 22:38 - 2014-05-28 22:38 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-05-28 22:36 - 2014-05-28 22:36 - 06431728 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-05-28 22:34 - 2014-05-28 22:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-28 22:31 - 2014-05-28 22:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Oracle
2014-05-28 22:29 - 2014-05-28 22:29 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-28 22:29 - 2014-05-28 22:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Sun
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-28 22:29 - 2014-05-28 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-28 22:28 - 2014-05-28 22:28 - 00918952 _____ (Oracle Corporation) C:\Users\Nick\Downloads\chromeinstall-7u60.exe
2014-05-28 22:11 - 2014-05-28 22:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 22:01 - 2014-05-28 22:01 - 01016261 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2014-05-28 21:49 - 2014-05-28 21:48 - 00854367 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2014-05-28 21:46 - 2014-05-28 21:46 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu (1).exe
2014-05-28 21:43 - 2014-05-28 21:43 - 00984576 _____ () C:\Users\Nick\Downloads\MicrosoftFixit50906.msi
2014-05-28 21:36 - 2014-04-23 14:38 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-28 21:19 - 2014-05-28 21:19 - 00007605 _____ () C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
2014-05-28 21:12 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-28 20:17 - 2013-02-10 23:27 - 00000000 ___RD () C:\Users\Nick\Google Drive
2014-05-28 18:37 - 2011-05-30 15:51 - 00000000 ____D () C:\Users\Nick\Documents\Hunting
2014-05-20 21:46 - 2014-05-20 17:28 - 00000000 ____D () C:\Users\Nick\Documents\Charity
2014-05-20 20:25 - 2014-05-20 20:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2014-05-20 20:25 - 2012-12-20 21:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2014-05-20 20:24 - 2014-05-20 20:24 - 00282928 _____ (Mozilla) C:\Users\Nick\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-20 20:24 - 2014-05-20 20:24 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 20:24 - 2014-05-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 20:23 - 2014-05-20 20:23 - 00943384 _____ () C:\Users\Nick\Downloads\Firefox.exe
2014-05-20 20:22 - 2012-12-20 21:14 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2014-05-20 20:21 - 2013-06-12 16:30 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\uTorrent
2014-05-20 18:58 - 2014-05-20 18:58 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe
2014-05-20 18:58 - 2014-05-20 18:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 18:01 - 2014-05-20 17:53 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000UA
2014-05-20 18:01 - 2014-05-20 17:53 - 00003484 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1251555134-3555320841-2832081066-1000Core
2014-05-20 17:58 - 2014-05-20 17:58 - 00002232 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-05-20 17:58 - 2014-05-20 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-05-20 17:57 - 2012-12-20 21:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-20 17:57 - 2012-12-20 21:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\Google
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (3).exe
2014-05-20 17:55 - 2014-05-20 17:55 - 00918672 _____ (Google Inc.) C:\Users\Nick\Downloads\GoogleEarthSetup (2).exe
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-05-20 17:52 - 2014-05-20 17:52 - 00001126 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-05-20 17:51 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-20 17:50 - 2014-05-20 17:50 - 17529160 _____ (Google Inc.) C:\Users\Nick\Downloads\picasa39-setup.exe
2014-05-20 00:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 23:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-18 23:31 - 2014-06-10 17:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-05-18 23:21 - 2014-06-10 17:06 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-05-18 22:23 - 2014-06-10 17:06 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-05-14 18:38 - 2014-05-14 18:26 - 00000000 ____D () C:\Users\Nick\Documents\Letters
2014-05-14 18:38 - 2011-03-14 13:39 - 00000000 ____D () C:\Users\Nick\Documents\envelopes adress
2014-05-11 15:38 - 2013-02-10 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-11 15:31 - 2012-12-20 21:33 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 15:31 - 2012-12-20 21:33 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 15:23 - 2014-05-11 15:23 - 00000000 ____D () C:\Temp
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-10 13:52
 
==================== End Of Log ============================

#6
emeraldnzl

Hello again BlackUfa,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

 If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

 

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • If you are given an option to quarantine files ensure the scan is set to do so.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.

 

 


#7
BlackUfa

My machine is running great now!! I'm not going to lie, I have been putting this off for a couple of years and was actually going to buy a new computer just because I couldn't bother myself to actually put the time into fixing it. You actually saved me quite a bit of money.

 

Thank you very much!!

 

Here is the log.txt

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e91a9dce739038438392b1e8c9f213d7
# engine=18345
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-21 03:17:46
# local_time=2014-05-20 08:17:46 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=774 16777213 71 76 0 2266709 0 0
# compatibility_mode=5893 16776574 100 88 0 4100587 0 0
# scanned=34690
# found=0
# cleaned=0
# scan_time=1975
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e91a9dce739038438392b1e8c9f213d7
# engine=18453
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-29 05:02:50
# local_time=2014-05-28 10:02:50 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776573 100 88 0 4798091 0 0
# scanned=20889
# found=0
# cleaned=0
# scan_time=725
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=e91a9dce739038438392b1e8c9f213d7
# engine=18660
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-11 08:20:01
# local_time=2014-06-11 01:20:01 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 5933122 0 0
# scanned=103268
# found=10
# cleaned=0
# scan_time=12152
sh=3B7E9FBC94CE7D6C9715700C5E0990EB95C91651 ft=1 fh=9d4e62833a831c8f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\Prism\prism.exe"
sh=8C4CC31E12C442997B43E530EDB43764F91E2160 ft=1 fh=87fcbf92e652bd8b vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\Prism\prismsetup_v2.01.exe"
sh=894ED446931F7020A9B360FBDE9F12B8D21B7BDA ft=1 fh=4da184e646496781 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe"
sh=BA71A83A1B40ED80AF728425B36B28802F67A19B ft=1 fh=a9f877751ddb974f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.10.exe"
sh=DCB3F0BC022DD9EB597FC1D4680001A755B97258 ft=1 fh=1fd21e016452543c vn="Win32/OutBrowse.T potentially unwanted application" ac=I fn="C:\Users\Nick\Downloads\Firefox.exe"
sh=BE6DCD115965061C82513501A52B8CDF1A4981C0 ft=1 fh=1bce313b8e1e7144 vn="Win32/Graboid potentially unsafe application" ac=I fn="C:\Users\Nick\Downloads\GraboidVideoSetup-3.26.exe"
sh=2B3BB8915C721570A11D52F252F65F2A181E4CF9 ft=1 fh=479bb619d8c1df3d vn="Win32/Toolbar.SearchSuite potentially unwanted application" ac=I fn="C:\Users\Nick\Downloads\iLividSetupV1.exe"
sh=7C14920BC3817A85DFB37C62E8DA01DAD9E8832E ft=1 fh=0f3c6dd4c3da6459 vn="Win32/SoftonicDownloader.E potentially unwanted application" ac=I fn="C:\Users\Nick\Downloads\SoftonicDownloader_for_windows-live-movie-maker.exe"
sh=8DB6E860FD20EB745BA7C80CC3202AE3369213EB ft=1 fh=e18b70e7dc66508e vn="a variant of Win32/Bunndle potentially unsafe application" ac=I fn="C:\Users\Nick\Downloads\utorrent (1).exe"
sh=BA71A83A1B40ED80AF728425B36B28802F67A19B ft=1 fh=a9f877751ddb974f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Users\Nick\Downloads\vppsetup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=e91a9dce739038438392b1e8c9f213d7
# engine=18663
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-11 09:14:31
# local_time=2014-06-11 02:14:31 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 5936392 0 0
# scanned=39248
# found=4
# cleaned=0
# scan_time=3142
sh=3B7E9FBC94CE7D6C9715700C5E0990EB95C91651 ft=1 fh=9d4e62833a831c8f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\Prism\prism.exe"
sh=8C4CC31E12C442997B43E530EDB43764F91E2160 ft=1 fh=87fcbf92e652bd8b vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\Prism\prismsetup_v2.01.exe"
sh=894ED446931F7020A9B360FBDE9F12B8D21B7BDA ft=1 fh=4da184e646496781 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe"
sh=BA71A83A1B40ED80AF728425B36B28802F67A19B ft=1 fh=a9f877751ddb974f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.10.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=e91a9dce739038438392b1e8c9f213d7
# engine=18663
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-11 02:02:59
# local_time=2014-06-11 07:02:59 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 5953700 0 0
# scanned=210023
# found=11
# cleaned=11
# scan_time=17008
sh=3B7E9FBC94CE7D6C9715700C5E0990EB95C91651 ft=1 fh=9d4e62833a831c8f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Prism\prism.exe"
sh=8C4CC31E12C442997B43E530EDB43764F91E2160 ft=1 fh=87fcbf92e652bd8b vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Prism\prismsetup_v2.01.exe"
sh=894ED446931F7020A9B360FBDE9F12B8D21B7BDA ft=1 fh=4da184e646496781 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe"
sh=BA71A83A1B40ED80AF728425B36B28802F67A19B ft=1 fh=a9f877751ddb974f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.10.exe"
sh=DCB3F0BC022DD9EB597FC1D4680001A755B97258 ft=1 fh=1fd21e016452543c vn="Win32/OutBrowse.T potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\Firefox.exe"
sh=BE6DCD115965061C82513501A52B8CDF1A4981C0 ft=1 fh=1bce313b8e1e7144 vn="Win32/Graboid potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\GraboidVideoSetup-3.26.exe"
sh=2B3BB8915C721570A11D52F252F65F2A181E4CF9 ft=1 fh=479bb619d8c1df3d vn="Win32/Toolbar.SearchSuite potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\iLividSetupV1.exe"
sh=7C14920BC3817A85DFB37C62E8DA01DAD9E8832E ft=1 fh=0f3c6dd4c3da6459 vn="Win32/SoftonicDownloader.E potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\SoftonicDownloader_for_windows-live-movie-maker.exe"
sh=8DB6E860FD20EB745BA7C80CC3202AE3369213EB ft=1 fh=e18b70e7dc66508e vn="a variant of Win32/Bunndle potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\utorrent (1).exe"
sh=BA71A83A1B40ED80AF728425B36B28802F67A19B ft=1 fh=a9f877751ddb974f vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\vppsetup.exe"
sh=07FC4C7ADE0614C5A533A4CB77CA43229E6D69A1 ft=1 fh=39f312b7a830b123 vn="a variant of Win32/Soft32Downloader.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Nick\Downloads\windows live movie maker setup.exe"

#8
emeraldnzl

Hello BlackUfa,
 

My machine is running great now!!


Excellent news. I think you are good to go now. :thumbsup:

We have a couple of last steps to perform and then you're all set. :)

Please go here to download OTC.
Run this program to remove most of the tools we have been using.
If you are asked to reboot the machine to finish the CleanUp process choose Yes.

To remove AdwCleaner double click on adwcleaner.exe to run the tool.
Click on Uninstall, then confirm with yes to remove AdwCleaner from your computer.

TFC can be deleted although you might like to keep it. I run it once a week on my machine to clear out unwanted temporary files and bits and pieces in cache.

Any remaining tools may be deleted.

Next, we need to clean your restore points and set a new one:

Open System by right-clicking Computer, and then clicking Properties.
 

  • In the left pane, click System protection. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Under Protection Settings, click the radio button Configure.
  • Under Disk Space Usage, click the radio button Delete.
  • Click Continue, and then click OK.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.

       
  • Click Start > Control Panel > Add or Remove Programs
       
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

 


#9
BlackUfa

Thank you very much!! You were a big help for me.  I have a friend in NZ, I love it down there although Los Angeles is my home.   Also, I provided a small donation for your help. Thanks!!


#10
emeraldnzl

 

 I have a friend in NZ, I love it down there although Los Angeles is my home.

 

Glad you like it here, but the city life is not quite so exciting as Los Angeles, I would think.

 

 

Also, I provided a small donation for your help.

 

Not necessary but very kind of you. :)

 

 

Thank you very much!!

 

You are very welcome. :happy:

 

I will keep this topic open for a day or two in case any issues arise.


#11
emeraldnzl

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.