Frequent BSOD - Suspected Malware [Solved]

BSOD Malware Godawgs

  • This topic is locked

#16
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Understood about Malwarebytes. A nasty TDSS MBR infection was removed which is great. The ESET scan should be one of the last long scans that need to be done. We're almost there.

 

Thanks for downloading a fresh version of FRST. When FRST is opened it checks to see if there is a new version and tries to autoupdate itself. It may have been in the process of doing that when you ran it the first time.

 

I'll await the ESET log.


  • 0


#17
Daniel Christmas Lee

    Member

  • Topic Starter
  • 208 posts

Step #4 Total Scan Time: 7:25:52

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8dac239a3c29cd47ad7d551b0fc9737b
# engine=20151
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-15 02:25:57
# local_time=2014-09-14 07:25:57 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 0 81922779 0 0
# scanned=730633
# found=10
# cleaned=0
# scan_time=26752
sh=05FF92BFB54B2B3CEE8031952C2151D6CAD5E4A9 ft=1 fh=4592cd5e2b2b049b vn="a variant of Win32/HackTool.Crack.BQ potentially unsafe application" ac=I fn="E:\Program Files (x86)\The Walking Dead 400 Days\steam_api.dll"
sh=85C2E758DADB8A93064CA5CEDF96BC69C021B84C ft=1 fh=1f9bbc275addc6d3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="E:\Users\DLee\Desktop\rcsetup151.exe"
sh=E0637B3DB582DA568B313C6B8774A748FAABE22F ft=1 fh=1917a6c48850f649 vn="a variant of Win32/InstallCore.IO potentially unwanted application" ac=I fn="E:\Users\DLee\Desktop\CamStudio\CamStudio_Setup_v2.7.2_r326_(build_19Oct2013).exe"
sh=75369EBA2AFB6A2E3AFBD0D8107F16055FD48439 ft=1 fh=37f7841365141e7d vn="Win32/ELEX.AH potentially unwanted application" ac=I fn="E:\Users\DLee\Desktop\Desktop July 2014\Misc\defragsetup.exe"
sh=EFAC400A958FF47C383223068F646B37F60837E5 ft=1 fh=88ca0f4f6508474e vn="Win32/InstallMonetizer.AN potentially unwanted application" ac=I fn="K:\New Data\DLee\Desktop\Super Anti-SpyWare Proffesional 4 Full Tested\Setup.exe"
sh=49748B679406298B17175B0F7BD34FEFF183733F ft=1 fh=9a7ec95291376629 vn="a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application" ac=I fn="K:\Pend\Downloads\pc-wizard_2010.1.961-setup.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Keygen.GU potentially unsafe application" ac=I fn="U:\Tooorrrent\The Sims 3 - Razor1911 Final MAXSPEED\The Sims 3 - Razor1911 MAXSPEED www.torentz.3xforum.ro\The Sims 3 - Razor1911 MAXSPEED www.torentz.3xforum.ro.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/HackTool.Crack.BQ potentially unsafe application" ac=I fn="U:\Tooorrrent\The.Walking.Dead.400.Days-HI2U\hi-twd400.iso"
sh=70E9799CB05D66D71FB0716A882E91778ECD96F6 ft=1 fh=18e65955db4d354b vn="a variant of Win32/GameHack.F potentially unsafe application" ac=I fn="U:\Tooorrrent\Tom Clancy's H.A.W.X\Install Files\Main.cf2"
sh=C868083BF36BEBBFB11CBC44DC05186070475D22 ft=1 fh=5f8bb7ff13af2599 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="U:\Tooorrrent\Winamp Pro v5.63 build 3235 with Key [h33t][iahq76]\winamp563_full_emusic-7plus_all.exe"
 


  • 0

#18
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Very nice job. Let's validate that the MBR infection is gone. Please follow the steps below and then let me know how your machine is now. Are you now still having the BSOD issues?

 

Step#1 - Rootkit Scan - Validate
1. Download aswMBR to your desktop.
2. Right-click on aswMBR.exe and select Run as administrator to run it.
3. If you get a question about Virtualization Technology, answer Yes.
4. If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
5. Click the "Scan" button to start scan.
6. On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

 

Step#2 - Security Check
 
1. Download Security Check from here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

 

  

 

Items for your next post

1. aswMBR Log

2. checkup.txt log

3. How's your machine doing?

 


  • 0

#19
Daniel Christmas Lee

    Member

  • Topic Starter
  • 208 posts

Step #1

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-15 21:27:49
-----------------------------
21:27:49.281    OS Version: Windows x64 6.1.7601 Service Pack 1
21:27:49.281    Number of processors: 6 586 0xA00
21:27:49.281    ComputerName: ARMOR  UserName: DLee
21:27:49.471    Initialize success
21:27:49.501    VM: initialized successfully
21:27:49.621    VM: Amd CPU supported
21:27:55.321    VM: supported disk I/O storport.sys
21:29:10.961    The log file has been saved successfully to "E:\Users\DLee\Desktop\aswMBR.txt"
21:29:15.821    AVAST engine defs: 14091501
21:29:25.371    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000075
21:29:25.371    Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 11
21:29:25.371    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000076
21:29:25.371    Disk 1 Vendor: C300-CTF 0006 Size: 61057MB BusType: 11
21:29:25.381    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000078
21:29:25.381    Disk 2 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 11
21:29:25.381    Disk 1 MBR read successfully
21:29:25.391    Disk 1 MBR scan
21:29:25.421    Disk 1 Windows 7 default MBR code
21:29:25.421    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        61055 MB offset 2048
21:29:25.431    Disk 1 default boot code
21:29:25.491    Disk 1 scanning C:\Windows\system32\drivers
21:29:31.271    Service scanning
21:29:45.551    Modules scanning
21:29:45.551    Disk 1 trace - called modules:
21:29:45.551    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
21:29:45.561    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800d2ee060]
21:29:45.561    3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa800ccfeac0]
21:29:45.561    5 amd_xata.sys[fffff880010a1d00] -> nt!IofCallDriver -> \Device\00000076[0xfffffa800cce99c0]
21:29:45.661    AVAST engine scan C:\Windows
21:29:46.761    AVAST engine scan C:\Windows\system32
21:31:56.842    AVAST engine scan C:\Windows\system32\drivers
21:32:04.022    AVAST engine scan E:\Users\DLee
22:04:24.514    AVAST engine scan C:\ProgramData
22:04:38.678    Scan finished successfully
22:09:35.048    Disk 1 MBR has been saved successfully to "E:\Users\DLee\Desktop\MBR.dat"
22:09:35.079    The log file has been saved successfully to "E:\Users\DLee\Desktop\aswMBR.txt"

 


  • 0
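An added illustration, not part of the thread and not code from aswMBR or Avast: the MBR.dat saved in the post above is a 512-byte copy of sector 0, and the sketch below decodes such an image into the same partition line the log prints and hashes the boot-code area so a later copy can be compared with it. The sample image is constructed (filler bytes instead of real boot code, made-up disk signature), and all function names are this example's own.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0-439: bootstrap code, the part an MBR infection rewrites
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"   # bytes 510-511

PART_TYPES = {0x07: "HPFS/NTFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
              0x0F: "Extended (LBA)", 0x83: "Linux", 0xEE: "GPT protective"}


def parse_mbr(sector):
    """Decode a 512-byte MBR image into a boot-code hash and partition list."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        start = PART_TABLE_OFF + 16 * index
        entry = sector[start:start + 16]
        status, ptype = entry[0], entry[4]
        start_lba, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:
            continue  # unused slot
        partitions.append({
            "index": index + 1,
            "status": status,
            "active": status == 0x80,
            "type": ptype,
            "type_name": PART_TYPES.get(ptype, "unknown"),
            "start_lba": start_lba,
            "size_mb": sectors * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "partitions": partitions,
    }


def describe(p):
    """Format one partition the way the aswMBR log line in the thread reads."""
    flag = "(A)" if p["active"] else "   "
    return "Partition %d %02X %s %02X %s %d MB offset %d" % (
        p["index"], p["status"], flag, p["type"], p["type_name"],
        p["size_mb"], p["start_lba"])


def structural_findings(mbr):
    """Return human-readable oddities in the partition table."""
    notes = []
    active = [p for p in mbr["partitions"] if p["active"]]
    if len(active) != 1:
        notes.append("expected exactly one active partition, found %d" % len(active))
    for p in mbr["partitions"]:
        if p["status"] not in (0x00, 0x80):
            notes.append("partition %d has invalid status byte 0x%02X"
                         % (p["index"], p["status"]))
        if p["start_lba"] == 0:
            notes.append("partition %d starts at LBA 0, overlapping the MBR" % p["index"])
    return notes


def boot_code_changed(baseline, current):
    """True when the bootstrap code differs between two MBR images."""
    return (parse_mbr(baseline)["boot_code_sha256"]
            != parse_mbr(current)["boot_code_sha256"])


def build_sample_mbr(boot_fill=0x90, start_lba=2048, size_mb=61055):
    """Constructed image: filler boot code and one active NTFS partition."""
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_LEN] = bytes([boot_fill]) * BOOT_CODE_LEN
    struct.pack_into("<I", sector, 440, 0x1234ABCD)   # made-up disk signature
    entry = bytearray(16)
    entry[0] = 0x80                                   # active
    entry[4] = 0x07                                   # HPFS/NTFS
    struct.pack_into("<II", entry, 8, start_lba, size_mb * 2048)
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = entry
    sector[510:512] = BOOT_SIG
    return bytes(sector)


if __name__ == "__main__":
    baseline = build_sample_mbr()
    mbr = parse_mbr(baseline)
    for part in mbr["partitions"]:
        print(describe(part))
    print("findings:", structural_findings(mbr) or "none")
    print("boot code sha256:", mbr["boot_code_sha256"])
    # Same partition layout, different bootstrap bytes: reported as changed.
    print("changed:", boot_code_changed(baseline, build_sample_mbr(boot_fill=0xCC)))
```

To run it on a real copy, pass `open(path, "rb").read()` to `parse_mbr`. A matching hash only shows the boot code is unchanged relative to the baseline image; it says nothing about whether that baseline was clean.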

#20
Daniel Christmas Lee

    Member

  • Topic Starter
  • 208 posts

Quick Update. I haven't done the security check. BUT my Firefox is behaving oddly. Most noticeably, it is laggy... Chrome works fine. But FF. I am unable to access Google Maps and browsing Amazon.com is very laggy. My internet connection is fine. I've checked plugins and my Flash is out of date, so I updated that, but still nothing.

 

Everything was working fine yesterday; things changed when I ran aswMBR. Do you have any ideas what is going on?

 

OK, never mind, Chrome is behaving weird too. PLEASE HELP. I NEED THESE THINGS TO WORK.

 

Just ran FF in Safe Mode. Allows me to use Google Maps but still very laggy. Chrome is still unable to search Google Maps or get directions and is laggy.

 

Switching to "Lite Mode" in Google Maps helps a little, but does not explain laggy browser.


Edited by Daniel Christmas Lee, 16 September 2014 - 08:47 AM.

  • 0

#21
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hang in there. Now that we've removed the MBR infection, let's do the following.

 

Step#1 - Internet Speed Check
Would you mind doing this speed test and letting me know what is reported?

1. Go to http://www.speedtest.net

2. Wait until the BEGIN TEST button appears and click on it.

3. When it's finished please let me know the Ping, Download Speed and Upload Speed

 

 

Step#2 - Fresh Set of Logs
 
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check this log will be created as well. Please copy and paste this log as well.

 

 

Step#3 - FRST Fix

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download the attached file fixlist.txt and save it to the Desktop.

Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
 
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

 

 

Items for Next Post

1. Speed Test Results

2. New FRST and Addition logs

3. FRST Fix log


  • 0

#22
Daniel Christmas Lee

    Member

  • Topic Starter
  • 208 posts

I haven't done the previous last step "Security Check."

 

Step #1 Disclaimer, I have Verizon FIOS, but I'm connected via USB wireless N adapter.

 

Ping 9 ms, Down: 17.20 Mbps, Up: 32.61 Mbps. I actually ran a speed test this morning and my internets showed up as slow (<10 Mbps Down), but upload is usually > 20 Mbps. My browsers are currently behaving.

 

Step #2

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by DLee (administrator) on ARMOR on 16-09-2014 21:31:29
Running from E:\Users\DLee\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
() E:\Program Files (x86)\ASUS\ASWLCCSVC.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PSIService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) E:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) E:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Farbar) E:\Users\DLee\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [QFan Help] => E:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {07ca8828-3f49-11e2-9ee4-bcaec54ce1d6} - H:\MotoCastSetup.exe -a
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {41189d8f-0438-11e2-98c9-f7d387e36a36} - H:\MotoCastSetup.exe -a
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {726e2053-07a8-11e2-b8b6-bcaec54ce1d6} - F:\Setup.exe
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {c0634394-38f0-11e3-8f55-bcaec54ce1d6} - H:\MotoCastSetup.exe -a
ShellIconOverlayIdentifiers: 01ElephantIconOverlay -> {AFA39CBB-DF66-47f9-A047-47ED25FE655E} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 02ElephantIconOverlay -> {1E519A85-494E-4706-AC87-1CC8BB9CC5DA} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 03ElephantIconOverlay -> {0E2DD711-458A-4b39-8211-3F5FDAA0539E} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 04ElephantIconOverlay -> {2E28D71B-2733-46CD-B61B-49926AC3FD6F} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38B84B00BBF3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel
FF DefaultSearchEngine: Answers.com
FF SelectedSearchEngine: Answers.com
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.google.com/search?q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> E:\Users\DLee\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> E:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: E:\Users\DLee\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\answerscom.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\espn.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\facebook.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\mozilla-add-ons.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\weathercom.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\yahoo-answers.xml
FF Extension: Show Picture - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Multi Links - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\multilinks@plugin [2014-08-24]
FF Extension: Define Word - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d} [2014-08-24]
FF Extension: Print/Print Preview - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1} [2014-08-24]
FF Extension: Old Location Bar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{3205B348-523A-4fac-9BC4-9939CBF583B0} [2014-08-24]
FF Extension: oldbar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb} [2014-08-24]
FF Extension: Gmail Manager - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7} [2014-08-24]
FF Extension: DownloadHelper - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-24]
FF Extension: Add to Amazon Wish List Button - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Save Images - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Restart Button - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Save File to - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Status-4-Evar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Status-bar Scientific Calculator - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Session Manager - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-08-24]
FF Extension: Image Zoom - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2014-08-24]
FF Extension: Download Status Bar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-08-24]
FF Extension: Adblock Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-24]
FF Extension: Tab Mix Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-08-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-09-14]
FF StartMenuInternet: FIREFOX.EXE - E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> EA344939FB524CFE44177D06DB878BA45C7FCDD7ABC4B81644143D0A0DFC9D3D
CHR DefaultSearchURL: Default -> https://www.google.c...r/render?cid=%s
CHR Profile: E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (YouTube) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30]
CHR Extension: (Google Search) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-30]
CHR Extension: (LastPass: Free Password Manager) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-29]
CHR Extension: (YouTube Downloader: MP3 / HD Video Download) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkkeahicimadnjhdamcladhobabaafbg [2012-07-24]
CHR Extension: (Google Wallet) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Media Player) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgcaekibnhngdlffnlaknlciggicekp [2012-07-24]
CHR Extension: (Gmail) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] () [File not signed]
R2 ASWLCCSvc; E:\Program Files (x86)\ASUS\ASWLCCSVC.exe [172032 2009-05-21] () [File not signed]
S3 ElephantDrive-MappedDrive.exe; E:\Program Files (x86)\ElephantDrive\ElephantDrive\ElephantDrive-MappedDrive.exe [125136 2012-08-13] (ElephantDrive)
S3 ElephantDrive-Service.exe; E:\Program Files (x86)\ElephantDrive\ElephantDrive\ElephantDrive-Service.exe [125136 2012-08-13] (ElephantDrive)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
S3 Cam5603D; C:\Windows\System32\Drivers\BisonCam.sys [739760 2007-04-23] (Bison Electronics. Inc. )
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 cpuz136; E:\Users\DLee\PC WIZARD 2013\pcwiz_x64.sys [25320 2013-08-24] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2012-09-26] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [45752 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50; C:\Windows\SysWOW64\Drivers\PCASp50.sys [45752 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cpuz135; \??\E:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X]
S3 ESEADriver2; \??\E:\Users\DLee\AppData\Local\Temp\ESEADriver2.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 PCANDIS4; \??\E:\PROGRA~1\Ugutil\program\PCANDIS4.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 22:09 - 2014-09-15 22:09 - 00002355 _____ () E:\Users\DLee\Desktop\aswMBR.txt
2014-09-15 22:09 - 2014-09-15 22:09 - 00000512 _____ () E:\Users\DLee\Desktop\MBR.dat
2014-09-15 21:27 - 2014-09-15 21:27 - 00854417 _____ () E:\Users\DLee\Desktop\SecurityCheck.exe
2014-09-15 21:26 - 2014-09-15 21:27 - 05185536 _____ (AVAST Software) E:\Users\DLee\Desktop\aswMBR.exe
2014-09-15 20:33 - 2014-09-15 20:33 - 00000336 _____ () E:\Users\DLee\Desktop\Adobe Acrobat X Serials.txt
2014-09-14 23:33 - 2014-09-14 23:33 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-14 23:33 - 2014-09-14 23:33 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-09-14 23:33 - 2014-09-14 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-09-14 22:50 - 2014-09-16 07:35 - 00000000 ____D () E:\Users\DLee\AppData\Local\Adobe
2014-09-14 11:56 - 2014-09-14 14:03 - 02347384 _____ (ESET) E:\Users\DLee\Desktop\esetsmartinstaller_enu.exe
2014-09-14 11:38 - 2014-09-14 11:38 - 17292760 _____ (Malwarebytes Corporation ) E:\Users\DLee\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-14 11:29 - 2014-09-14 11:30 - 02105856 _____ (Farbar) E:\Users\DLee\Desktop\FRST64(1).exe
2014-09-14 11:25 - 2014-09-14 11:25 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-09-13 12:05 - 2014-09-13 12:05 - 00002402 _____ () E:\Users\DLee\Desktop\AdwCleaner[S0].txt
2014-09-13 12:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-12 22:57 - 2014-09-12 22:57 - 04181856 _____ (Kaspersky Lab ZAO) E:\Users\DLee\Desktop\tdsskiller.exe
2014-09-12 22:57 - 2014-09-12 22:57 - 01373475 _____ () E:\Users\DLee\Desktop\AdwCleaner.exe
2014-09-12 22:55 - 2014-09-12 22:55 - 00006356 _____ () E:\Users\DLee\Desktop\BSOD.txt
2014-09-12 22:55 - 2014-09-12 22:55 - 00000951 _____ () E:\Users\DLee\Desktop\BlueScreenView.cfg
2014-09-12 22:53 - 2013-07-17 10:36 - 00146528 _____ (NirSoft) E:\Users\DLee\Desktop\BlueScreenView.exe
2014-09-12 22:53 - 2013-07-17 10:36 - 00018384 _____ () E:\Users\DLee\Desktop\BlueScreenView.chm
2014-09-12 22:53 - 2013-07-17 10:36 - 00017196 _____ () E:\Users\DLee\Desktop\readme.txt
2014-09-12 22:51 - 2014-09-12 22:51 - 00084917 _____ () E:\Users\DLee\Desktop\bluescreenview-x64.zip
2014-09-11 21:44 - 2014-09-11 21:44 - 00054878 _____ () E:\Users\DLee\Desktop\Addition.txt
2014-09-11 21:43 - 2014-09-16 21:31 - 00019556 _____ () E:\Users\DLee\Desktop\FRST.txt
2014-09-11 21:43 - 2014-09-16 21:31 - 00000000 ___DC () C:\FRST
2014-09-11 21:42 - 2014-09-12 07:53 - 00000347 _____ () E:\Users\DLee\Desktop\FRST64.exe
2014-09-10 00:02 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 00:02 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 00:01 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 00:01 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 00:01 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 00:01 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 00:01 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 00:01 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 00:01 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 00:01 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 00:01 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 00:01 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 00:01 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 00:01 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 00:01 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 00:01 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 00:01 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 00:01 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 00:01 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 00:01 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 00:01 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 00:01 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 00:01 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 00:01 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 00:01 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 00:01 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 00:01 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 00:01 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 00:01 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 00:01 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 00:01 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 00:01 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 00:01 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 00:01 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 00:01 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 00:01 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 00:01 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 00:01 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 00:01 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 00:01 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 00:01 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 00:01 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 00:01 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 00:01 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 00:01 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 00:01 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 00:01 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 00:01 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 00:01 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 00:01 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-09 23:59 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-09 23:59 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 23:58 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 23:58 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 23:58 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 23:58 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 23:58 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 23:58 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 23:58 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 23:58 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 23:58 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 23:58 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 23:58 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () E:\Users\DLee\Desktop\cmd.exe - Shortcut.lnk
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () C:\Windows\system32\cmd.exe - Shortcut.lnk
2014-09-07 13:55 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-09-06 21:32 - 2014-09-07 22:38 - 00000624 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-06 19:13 - 2014-09-06 19:13 - 00288329 _____ () C:\Windows\Minidump\090614-17160-01.dmp
2014-09-06 01:54 - 2014-09-06 01:54 - 00358329 _____ () C:\Windows\Minidump\090614-14554-01.dmp
2014-09-05 16:04 - 2014-09-05 16:06 - 00000000 ____D () E:\Users\DLee\.yawcam
2014-09-05 16:00 - 2014-09-05 16:00 - 04675501 _____ (Magnus Lundvall ) E:\Users\DLee\Desktop\yawcam_install.exe
2014-09-04 23:38 - 2014-09-04 23:39 - 00000000 ____D () E:\Users\DLee\Auto
2014-08-30 15:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-30 15:53 - 2014-08-30 15:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-30 15:51 - 2014-08-30 15:55 - 00007479 _____ () C:\Windows\IE11_main.log
2014-08-29 19:57 - 2014-08-29 19:57 - 00000000 ____D () C:\ProgramData\ATI
2014-08-29 19:56 - 2014-08-29 19:56 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201408291956017482.log
2014-08-29 19:56 - 2014-08-29 19:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-29 19:56 - 2014-02-16 09:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-29 19:05 - 2014-08-29 19:05 - 00288329 _____ () C:\Windows\Minidump\082914-15631-01.dmp
2014-08-27 20:24 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:24 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:24 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () E:\Users\DLee\AppData\Local\Skype
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-25 22:57 - 2014-08-26 00:04 - 00000000 ____D () E:\Users\DLee\Tax 2014
2014-08-25 08:35 - 2014-08-25 08:35 - 00000000 ____D () E:\Users\DLee\Desktop\tlw3ic70.Daniel
2014-08-25 08:33 - 2014-08-25 08:33 - 00000817 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-24 21:51 - 2014-08-24 21:51 - 00000000 ____D () E:\Users\DLee\Desktop\b0pajpvg.Daniel
2014-08-24 20:49 - 2014-08-24 20:49 - 24654088 _____ (Mozilla) E:\Users\DLee\Desktop\Firefox Setup 27.0.1.exe
2014-08-20 22:18 - 2014-08-22 00:22 - 00000000 ____D () E:\Users\DLee\Desktop\ED Work Folder
2014-08-20 20:33 - 2014-08-20 22:28 - 00000000 ___SD () E:\Users\DLee\Desktop\My ElephantDrive
2014-08-19 21:03 - 2014-08-19 21:03 - 00024178 _____ () E:\Users\DLee\Desktop\the-railway-man-english-yify-12002.zip
2014-08-18 16:38 - 2014-08-18 16:38 - 00066392 _____ () E:\Users\DLee\Desktop\Displacement.psd
2014-08-18 15:06 - 2014-09-16 07:49 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000.job
2014-08-18 15:06 - 2014-09-15 21:26 - 00003558 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000
2014-08-18 15:06 - 2014-08-18 15:06 - 00002335 _____ () E:\Users\DLee\Desktop\GoToMeeting Quick Connect.lnk
2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () E:\Users\DLee\AppData\Local\Citrix
2014-08-17 22:29 - 2014-08-17 22:29 - 00047145 _____ () E:\Users\DLee\Desktop\the-amazing-spider-man-2-english-yify-19058.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 21:31 - 2014-09-11 21:43 - 00019556 _____ () E:\Users\DLee\Desktop\FRST.txt
2014-09-16 21:31 - 2014-09-11 21:43 - 00000000 ___DC () C:\FRST
2014-09-16 21:29 - 2012-09-21 15:16 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job
2014-09-16 21:28 - 2012-09-21 03:41 - 01759309 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 21:26 - 2009-07-13 21:45 - 00022592 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 21:26 - 2009-07-13 21:45 - 00022592 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 21:25 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 21:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-16 21:20 - 2012-09-24 20:21 - 00000000 ____D () C:\Temp
2014-09-16 21:19 - 2014-02-25 16:43 - 00035822 _____ () C:\Windows\setupact.log
2014-09-16 21:19 - 2012-09-21 17:23 - 00243118 _____ () C:\Windows\PFRO.log
2014-09-16 21:19 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 07:49 - 2014-08-18 15:06 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000.job
2014-09-16 07:35 - 2014-09-14 22:50 - 00000000 ____D () E:\Users\DLee\AppData\Local\Adobe
2014-09-16 07:35 - 2013-03-16 16:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-16 07:35 - 2013-03-16 16:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 22:29 - 2012-09-21 15:16 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job
2014-09-15 22:09 - 2014-09-15 22:09 - 00002355 _____ () E:\Users\DLee\Desktop\aswMBR.txt
2014-09-15 22:09 - 2014-09-15 22:09 - 00000512 _____ () E:\Users\DLee\Desktop\MBR.dat
2014-09-15 21:41 - 2012-12-12 23:21 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job
2014-09-15 21:27 - 2014-09-15 21:27 - 00854417 _____ () E:\Users\DLee\Desktop\SecurityCheck.exe
2014-09-15 21:27 - 2014-09-15 21:26 - 05185536 _____ (AVAST Software) E:\Users\DLee\Desktop\aswMBR.exe
2014-09-15 21:26 - 2014-08-18 15:06 - 00003558 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000
2014-09-15 20:33 - 2014-09-15 20:33 - 00000336 _____ () E:\Users\DLee\Desktop\Adobe Acrobat X Serials.txt
2014-09-15 00:44 - 2009-07-13 21:45 - 04968560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 23:37 - 2012-09-24 23:34 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-14 23:33 - 2014-09-14 23:33 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-14 23:33 - 2014-09-14 23:33 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-09-14 23:33 - 2014-09-14 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-09-14 23:33 - 2012-11-05 12:07 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Adobe
2014-09-14 23:32 - 2012-11-05 12:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 23:20 - 2014-08-09 20:15 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-09-14 22:40 - 2012-09-24 23:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-14 18:41 - 2012-12-12 23:21 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job
2014-09-14 14:03 - 2014-09-14 11:56 - 02347384 _____ (ESET) E:\Users\DLee\Desktop\esetsmartinstaller_enu.exe
2014-09-14 11:40 - 2014-08-12 11:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 11:39 - 2014-08-12 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-14 11:38 - 2014-09-14 11:38 - 17292760 _____ (Malwarebytes Corporation ) E:\Users\DLee\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-14 11:30 - 2014-09-14 11:29 - 02105856 _____ (Farbar) E:\Users\DLee\Desktop\FRST64(1).exe
2014-09-14 11:30 - 2011-03-19 21:12 - 00000000 ____D () E:\Users\DLee
2014-09-14 11:25 - 2014-09-14 11:25 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-09-13 23:04 - 2011-03-20 02:03 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Skype
2014-09-13 15:29 - 2011-05-09 02:30 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\vlc
2014-09-13 12:58 - 2012-02-09 20:13 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\uTorrent
2014-09-13 12:35 - 2012-09-28 19:03 - 00002322 _____ () E:\Users\DLee\Desktop\Google Chrome.lnk
2014-09-13 12:05 - 2014-09-13 12:05 - 00002402 _____ () E:\Users\DLee\Desktop\AdwCleaner[S0].txt
2014-09-12 22:57 - 2014-09-12 22:57 - 04181856 _____ (Kaspersky Lab ZAO) E:\Users\DLee\Desktop\tdsskiller.exe
2014-09-12 22:57 - 2014-09-12 22:57 - 01373475 _____ () E:\Users\DLee\Desktop\AdwCleaner.exe
2014-09-12 22:55 - 2014-09-12 22:55 - 00006356 _____ () E:\Users\DLee\Desktop\BSOD.txt
2014-09-12 22:55 - 2014-09-12 22:55 - 00000951 _____ () E:\Users\DLee\Desktop\BlueScreenView.cfg
2014-09-12 22:51 - 2014-09-12 22:51 - 00084917 _____ () E:\Users\DLee\Desktop\bluescreenview-x64.zip
2014-09-12 22:33 - 2012-09-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 07:53 - 2014-09-11 21:42 - 00000347 _____ () E:\Users\DLee\Desktop\FRST64.exe
2014-09-11 21:44 - 2014-09-11 21:44 - 00054878 _____ () E:\Users\DLee\Desktop\Addition.txt
2014-09-11 21:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 19:47 - 2014-05-06 19:13 - 00000000 ____D () E:\Users\DLee\SS
2014-09-10 00:00 - 2012-09-22 11:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-10 00:00 - 2012-09-22 11:53 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 00:00 - 2012-09-22 11:53 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 00:00 - 2012-09-22 11:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 00:00 - 2012-09-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-09 23:59 - 2014-04-22 11:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-07 22:38 - 2014-09-06 21:32 - 00000624 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-07 15:33 - 2013-06-24 16:09 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-09-07 15:33 - 2011-04-13 20:53 - 00000000 ____D () E:\Users\DLee\Documents\Youcam
2014-09-07 15:11 - 2014-07-26 22:18 - 00000000 ____D () E:\Users\DLee\Desktop\MTGO
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () E:\Users\DLee\Desktop\cmd.exe - Shortcut.lnk
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () C:\Windows\system32\cmd.exe - Shortcut.lnk
2014-09-07 12:54 - 2012-09-21 15:24 - 00000000 ____D () C:\Windows\Minidump
2014-09-07 12:26 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-06 21:48 - 2012-10-26 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-09-06 21:48 - 2011-03-19 21:40 - 00000000 ____D () E:\Users\DLee\AppData\Local\Downloaded Installations
2014-09-06 19:13 - 2014-09-06 19:13 - 00288329 _____ () C:\Windows\Minidump\090614-17160-01.dmp
2014-09-06 18:42 - 2011-06-21 20:05 - 00000000 ___RD () E:\Users\DLee\My Pictures 2
2014-09-06 01:54 - 2014-09-06 01:54 - 00358329 _____ () C:\Windows\Minidump\090614-14554-01.dmp
2014-09-05 16:06 - 2014-09-05 16:04 - 00000000 ____D () E:\Users\DLee\.yawcam
2014-09-05 16:00 - 2014-09-05 16:00 - 04675501 _____ (Magnus Lundvall ) E:\Users\DLee\Desktop\yawcam_install.exe
2014-09-04 23:39 - 2014-09-04 23:38 - 00000000 ____D () E:\Users\DLee\Auto
2014-09-04 19:10 - 2014-09-09 23:58 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 19:05 - 2014-09-09 23:58 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 18:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-31 08:05 - 2013-03-23 15:25 - 00001274 _____ () E:\Users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 17:09 - 2009-07-13 19:34 - 00000567 _____ () C:\Windows\win.ini
2014-08-30 17:08 - 2011-03-21 00:31 - 00000000 ____D () E:\Users\DLee\Asus Wireless Win7x64
2014-08-30 15:55 - 2014-08-30 15:51 - 00007479 _____ () C:\Windows\IE11_main.log
2014-08-30 15:53 - 2014-08-30 15:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-29 19:57 - 2014-08-29 19:57 - 00000000 ____D () C:\ProgramData\ATI
2014-08-29 19:56 - 2014-08-29 19:56 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201408291956017482.log
2014-08-29 19:56 - 2014-08-29 19:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-29 19:56 - 2012-09-21 15:14 - 00000000 ____D () C:\ProgramData\AMD
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-29 19:55 - 2013-03-20 19:29 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-29 19:49 - 2013-02-11 00:30 - 00000000 ___DC () C:\AMD
2014-08-29 19:05 - 2014-08-29 19:05 - 00288329 _____ () C:\Windows\Minidump\082914-15631-01.dmp
2014-08-29 17:51 - 2014-08-04 10:27 - 00000000 ____D () E:\Users\DLee\Housing
2014-08-29 11:22 - 2013-09-17 20:54 - 00000000 ____D () E:\Users\DLee\Loans
2014-08-28 23:04 - 2012-01-26 22:23 - 00000000 ____D () E:\Users\DLee\Job
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () E:\Users\DLee\AppData\Local\Skype
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-26 20:22 - 2012-12-13 14:34 - 00000000 ____D () C:\ProgramData\Skype
2014-08-26 00:04 - 2014-08-25 22:57 - 00000000 ____D () E:\Users\DLee\Tax 2014
2014-08-25 08:53 - 2012-10-21 01:25 - 00002620 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-08-25 08:53 - 2011-08-20 21:18 - 00000000 ____D () E:\Users\DLee\AppData\Local\Corel
2014-08-25 08:53 - 2011-08-20 21:17 - 00000000 ____D () E:\Users\DLee\Documents\My PSP Files
2014-08-25 08:40 - 2011-03-20 00:19 - 00000000 ____D () E:\Users\DLee\AppData\Local\Mozilla
2014-08-25 08:35 - 2014-08-25 08:35 - 00000000 ____D () E:\Users\DLee\Desktop\tlw3ic70.Daniel
2014-08-25 08:33 - 2014-08-25 08:33 - 00000817 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-24 21:57 - 2011-03-20 00:19 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Mozilla
2014-08-24 21:51 - 2014-08-24 21:51 - 00000000 ____D () E:\Users\DLee\Desktop\b0pajpvg.Daniel
2014-08-24 20:49 - 2014-08-24 20:49 - 24654088 _____ (Mozilla) E:\Users\DLee\Desktop\Firefox Setup 27.0.1.exe
2014-08-22 21:04 - 2012-08-07 16:51 - 00000000 ____D () E:\Users\DLee\dwhelper
2014-08-22 19:07 - 2014-08-27 20:24 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 20:24 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 20:24 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 00:22 - 2014-08-20 22:18 - 00000000 ____D () E:\Users\DLee\Desktop\ED Work Folder
2014-08-21 21:30 - 2013-09-19 10:02 - 00000000 ____D () E:\Users\DLee\Health
2014-08-20 22:28 - 2014-08-20 20:33 - 00000000 ___SD () E:\Users\DLee\Desktop\My ElephantDrive
2014-08-19 21:03 - 2014-08-19 21:03 - 00024178 _____ () E:\Users\DLee\Desktop\the-railway-man-english-yify-12002.zip
2014-08-19 11:05 - 2014-09-10 00:01 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 10:39 - 2014-09-10 00:01 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-18 17:06 - 2012-07-26 15:33 - 00001456 _____ () E:\Users\DLee\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-08-18 16:38 - 2014-08-18 16:38 - 00066392 _____ () E:\Users\DLee\Desktop\Displacement.psd
2014-08-18 16:01 - 2014-09-10 00:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 15:29 - 2014-09-10 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 15:29 - 2014-09-10 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 15:26 - 2014-09-10 00:01 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 15:20 - 2014-09-10 00:01 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 15:19 - 2014-09-10 00:01 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 15:15 - 2014-09-10 00:01 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 15:15 - 2014-09-10 00:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 15:14 - 2014-09-10 00:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 15:14 - 2014-09-10 00:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 15:08 - 2014-09-10 00:01 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 15:08 - 2014-09-10 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 15:08 - 2014-09-10 00:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 15:06 - 2014-08-18 15:06 - 00002335 _____ () E:\Users\DLee\Desktop\GoToMeeting Quick Connect.lnk
2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () E:\Users\DLee\AppData\Local\Citrix
2014-08-18 15:06 - 2012-10-17 09:30 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-08-18 15:05 - 2014-09-10 00:02 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 15:03 - 2014-09-10 00:01 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 15:03 - 2014-09-10 00:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 15:03 - 2014-09-10 00:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 14:57 - 2014-09-10 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 14:56 - 2014-09-10 00:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 14:51 - 2014-09-10 00:01 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 14:46 - 2014-09-10 00:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 14:45 - 2014-09-10 00:01 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 14:45 - 2014-09-10 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 14:44 - 2014-09-10 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 14:44 - 2014-09-10 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 14:42 - 2014-09-10 00:01 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 14:40 - 2014-09-10 00:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 14:39 - 2014-09-10 00:01 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 14:39 - 2014-09-10 00:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 14:39 - 2014-09-10 00:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 14:38 - 2014-09-10 00:01 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 14:37 - 2014-09-10 00:02 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 14:36 - 2014-09-10 00:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 14:35 - 2014-09-10 00:01 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 14:27 - 2014-09-10 00:01 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 14:25 - 2014-09-10 00:01 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 14:25 - 2014-09-10 00:01 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 14:23 - 2014-09-10 00:01 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 14:23 - 2014-09-10 00:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 14:22 - 2014-09-10 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 14:19 - 2014-09-10 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 14:17 - 2014-09-10 00:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 14:17 - 2014-09-10 00:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 14:16 - 2014-09-10 00:01 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 14:15 - 2014-09-10 00:01 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 14:15 - 2014-09-10 00:01 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 14:09 - 2014-09-10 00:01 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 14:08 - 2014-09-10 00:01 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 14:07 - 2014-09-10 00:01 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 13:55 - 2014-09-10 00:01 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 13:46 - 2014-09-10 00:01 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 13:38 - 2014-09-10 00:01 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 13:38 - 2014-09-10 00:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 13:36 - 2014-09-10 00:01 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 22:29 - 2014-08-17 22:29 - 00047145 _____ () E:\Users\DLee\Desktop\the-amazing-spider-man-2-english-yify-19058.zip

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 00:48

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by DLee at 2014-09-16 21:32:07
Running from E:\Users\DLee\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.57 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.2 - Adobe Systems)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.20 - )
Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
AMD Accelerated Video Transcoding (Version: 13.30.100.40811 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5A53DBA6-9B15-450F-EDF3-C01E12E9C61F}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS USB2.0 Webcam (HKLM-x32\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.96.2.2a - ASUS USB2.0 Webcam)
ASUS WLAN Card Utilities/Driver (HKLM-x32\...\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}) (Version: 4.3.1.0 - ASUS)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Brother MFL-Pro Suite MFC-440CN (HKLM-x32\...\{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
ElephantDrive (HKLM-x32\...\{6B4990B0-BE17-4B48-BA38-A8EE35E09EE1}) (Version: 5.1.0 - ElephantDrive)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
GoToMeeting 6.4.2.1669 (HKCU\...\GoToMeeting) (Version: 6.4.2.1669 - CitrixOnline)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Magic Online (HKLM-x32\...\{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}) (Version: 3.00.0000 - Wizards of the Coast)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
MPC-HC 1.7.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.5 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Controller Editor (Version: 1.5.1.1124 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.1.1.2673 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0095 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 27.2.79231 - Sonos, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STO Keybinds (HKCU\...\bdb72a49df691b00) (Version: 1.0.0.105 - Federation Emergency Services)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Walking Dead 400 Days (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWQ=_is1) (Version: 1 - )
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.32 - )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.SingleImage_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SingleImage_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.SingleImage_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{0B6EF241-90CC-4AC7-B36F-2EECB12E61CF}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{4C975BB2-B3EE-4F66-A8E7-5C917B7C439D}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.SingleImage_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
VirtuaGirl version 1.1.0.70 (HKCU\...\VirtuaGirl_is1) (Version: 1.1.0.70 - Totem Entertainment)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{18707c5c-c2e7-4ff1-94af-2ee9807e6f0d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

15-09-2014 04:48:04 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
15-09-2014 05:37:20 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
15-09-2014 05:41:21 Removed Adobe Help Manager
15-09-2014 05:41:46 Removed Adobe Widget Browser
15-09-2014 05:42:48 Removed NVIDIA PhysX
15-09-2014 05:43:22 Removed Amazon Music Importer
15-09-2014 06:31:10 Installed Adobe Acrobat X Pro - English, Français, Deutsch.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-09-14 23:28 - 00001016 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12DD8DC0-5E66-4EE3-A2DC-F18B37838C6D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1F550FD6-77E7-43B4-A065-0580279D7D56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {457FFDE4-41D6-4490-9098-4E19EFB7CECA} - System32\Tasks\ASUS\TurboVHelp => E:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {654C4496-63F8-4B24-B1AF-0D1E9C17E5B2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {68216C4C-76D1-41DE-BE35-AF271E487178} - System32\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\1669\g2mupdate.exe [2014-09-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {688DAE9A-11EE-4AC1-A58E-E062C350A523} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {785E5907-EF25-4383-AE4F-F6AEE72BDC12} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {8DFBEFC3-E3B3-4200-AB6A-A10815F1CDB2} - System32\Tasks\ASUS\ASUS Update Checker => E:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {8EAC7C11-D6DF-4E65-8F69-036CC7FDA474} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {8FEBC456-05EA-4261-A5B0-1485F92A5D85} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {A0972BB2-005C-4CCE-89DB-C8BA6E2BA6BD} - \{2C9578E6-E69F-4155-A18E-58E356D72B46} No Task File <==== ATTENTION
Task: {A1523DAA-D60F-45DC-942B-97EC5F4DA7EE} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {A5028A0D-104D-4B7E-A8AD-303BCD76F8EC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {A77C337D-61C6-4371-B9EE-CA2F497402B0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe
Task: {B037A57E-5898-43F1-A757-2EFCE5C48B17} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {C224EC8E-93C0-45CB-A895-9EFCBF4F4E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {CE1CF273-A82D-480C-9A54-34F07C873E1D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E6342053-AE33-49BB-BA3E-6C0CB85334C1} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {EB8BC2C2-A0CC-48E8-8CC6-67C4673F404A} - System32\Tasks\{8D7A625B-87B7-4AF2-A334-F321F8D0A824} => Firefox.exe http://www.skype.com...8;LastError=404
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\1669\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-11 23:06 - 2014-08-11 23:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-09-23 22:15 - 2010-06-24 14:19 - 00109056 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
2013-02-11 00:07 - 2009-05-21 16:09 - 00172032 _____ () E:\Program Files (x86)\ASUS\ASWLCCSVC.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-07-25 00:23 - 2012-07-25 00:23 - 00886784 _____ () E:\Program Files (x86)\ElephantDrive\ElephantDrive\RightClickMenu-64bit.dll
2013-10-31 08:05 - 2013-10-31 08:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2012-09-25 23:39 - 2010-02-08 17:19 - 00053248 _____ () E:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2012-09-25 23:39 - 2010-06-01 10:38 - 00253952 _____ () E:\Program Files\ASUS\TurboV EVO\pngio.dll
2014-08-25 08:33 - 2014-02-12 17:36 - 03578992 _____ () E:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-16 07:35 - 2014-09-16 07:35 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40260784.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42424843.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\40260784.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42424843.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Shortcut to ElephantDrive.exe.lnk => C:\Windows\pss\Shortcut to ElephantDrive.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Status Monitor.lnk => C:\Windows\pss\Status Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: E:^Users^DLee^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk => C:\Windows\pss\DesktopVideoPlayer.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "E:\Users\DLee\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: Control Center => E:\Program Files (x86)\ASUS\CenterAgent.exe
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "E:\Program Files (x86)\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "U:\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TurboV EVO => "E:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
MSCONFIG\startupreg: YouCam Service6 => "E:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 09:29:15 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/16/2014 07:29:50 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/15/2014 10:29:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e58

Start Time: 01cfd16c7058b213

Termination Time: 17

Application Path: E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 6d07e4bc-3d62-11e4-bbef-bcaec54ce1d6

Error: (09/15/2014 08:29:22 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/15/2014 08:29:55 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/14/2014 09:54:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0xb20
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (09/14/2014 09:17:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2014 07:51:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2014 04:29:58 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/14/2014 02:12:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/16/2014 09:19:19 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/16/2014 07:02:25 AM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume K: were aborted during detection because a critical control file could not be opened.

Error: (09/16/2014 07:02:25 AM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume G: were aborted during detection because a critical control file could not be opened.

Error: (09/16/2014 07:02:11 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/15/2014 08:18:33 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/15/2014 08:10:51 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/15/2014 00:44:38 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/14/2014 10:45:46 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/14/2014 09:52:49 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/14/2014 09:29:38 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.


Microsoft Office Sessions:
=========================
Error: (09/16/2014 09:29:15 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/16/2014 07:29:50 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/15/2014 10:29:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe27.0.1.5156e5801cfd16c7058b21317E:\Program Files (x86)\Mozilla Firefox\firefox.exe6d07e4bc-3d62-11e4-bbef-bcaec54ce1d6

Error: (09/15/2014 08:29:22 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/15/2014 08:29:55 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/14/2014 09:54:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4b2001cfd0a0edb3f88dC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll6404f9be-3c94-11e4-afa1-bcaec54ce1d6

Error: (09/14/2014 09:17:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/14/2014 07:51:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/14/2014 04:29:58 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/14/2014 02:12:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Users\DLee\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-07 14:14:32.621
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.496
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.433
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.448
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.370
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.307
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.245
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:10:37.255
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:10:37.193
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1075T Processor
Percentage of memory in use: 14%
Total physical RAM: 16382.14 MB
Available physical RAM: 14052.33 MB
Total Pagefile: 49144.61 MB
Available Pagefile: 46587.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:59.62 GB) (Free:22.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Old C) (Fixed) (Total:465.65 GB) (Free:298.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected.
Drive k: (Phantom K) (Fixed) (Total:465.76 GB) (Free:268.22 GB) NTFS
Drive u: (Unique) (Fixed) (Total:931.51 GB) (Free:358.85 GB) NTFS
Drive x: (Falcon X) (Fixed) (Total:465.86 GB) (Free:270.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F72B7564)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 9A4048C5)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BAA5BAA5)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: F87B4C9A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: 000098EC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#23
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

Step #3

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by DLee at 2014-09-16 21:33:06 Run:2
Running from E:\Users\DLee\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
cmd: ipconfig /flushdns
*****************


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


==== End of Fixlog ====


#24
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

Should I still do this step?

Security Check

1. Download Security Check from here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.


#25
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Yes please do the Security Check step as well. I'm reviewing the logs. Thank you.


#26
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks for the info. Unfortunately we can't proceed as there is illegal/cracked Adobe software on your machine. The Terms of Use that you agreed to when signing up for an account stipulate the following, taken from bullet 3p.

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.

If you would like us to continue please follow the steps below.

Step#1 - Remove any illegal/Cracked Adobe Software

Step#2 - FRST Fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download attached file and save it to the Desktop. Attached File: fixlist.txt (8 bytes)

Note: It's important that both files, FRST64 and fixlist.txt, are in the same location or the fix will not work (in this case, the Desktop).

2. Run FRST64 by right-clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

Step#3 - Fresh Set of Logs

1. Right-click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check, this log will be created as well. Please copy and paste this log as well.

Items for your Next Post

1. FRST Fix Log

2. Fresh FRST and Addition logs


#27
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

I'll have to reply on Saturday. I "need my computer for work tomorrow and Friday." Thanks so far for the help!


#28
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

Step #1 Completed

Step #2

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by DLee at 2014-09-20 20:12:36 Run:3
Running from E:\Users\DLee\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
hosts:

*****************

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====


#29
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

Step #3

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by DLee (administrator) on ARMOR on 20-09-2014 20:13:52
Running from E:\Users\DLee\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
() E:\Program Files (x86)\ASUS\ASWLCCSVC.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PSIService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) E:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) E:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) E:\Users\DLee\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [QFan Help] => E:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.)
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {07ca8828-3f49-11e2-9ee4-bcaec54ce1d6} - H:\MotoCastSetup.exe -a
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {41189d8f-0438-11e2-98c9-f7d387e36a36} - H:\MotoCastSetup.exe -a
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {726e2053-07a8-11e2-b8b6-bcaec54ce1d6} - F:\Setup.exe
HKU\S-1-5-21-80866519-203923749-430787433-1000\...\MountPoints2: {c0634394-38f0-11e3-8f55-bcaec54ce1d6} - H:\MotoCastSetup.exe -a
ShellIconOverlayIdentifiers: 01ElephantIconOverlay -> {AFA39CBB-DF66-47f9-A047-47ED25FE655E} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 02ElephantIconOverlay -> {1E519A85-494E-4706-AC87-1CC8BB9CC5DA} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 03ElephantIconOverlay -> {0E2DD711-458A-4b39-8211-3F5FDAA0539E} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 04ElephantIconOverlay -> {2E28D71B-2733-46CD-B61B-49926AC3FD6F} => E:\Program Files (x86)\ElephantDrive\ElephantDrive\IconOverlay-64bit.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38B84B00BBF3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel
FF DefaultSearchEngine: Answers.com
FF SelectedSearchEngine: Answers.com
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.google.com/search?q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> E:\Users\DLee\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> E:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: E:\Users\DLee\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\answerscom.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\espn.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\facebook.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\mozilla-add-ons.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\weathercom.xml
FF SearchPlugin: E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\searchplugins\yahoo-answers.xml
FF Extension: Show Picture - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Multi Links - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\multilinks@plugin [2014-08-24]
FF Extension: Define Word - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d} [2014-08-24]
FF Extension: Print/Print Preview - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1} [2014-08-24]
FF Extension: Old Location Bar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{3205B348-523A-4fac-9BC4-9939CBF583B0} [2014-08-24]
FF Extension: oldbar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb} [2014-08-24]
FF Extension: Gmail Manager - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7} [2014-08-24]
FF Extension: DownloadHelper - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-24]
FF Extension: Add to Amazon Wish List Button - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Save Images - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Restart Button - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Save File to - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Status-4-Evar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Status-bar Scientific Calculator - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\[email protected] [2014-08-24]
FF Extension: Session Manager - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-08-24]
FF Extension: Image Zoom - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2014-08-24]
FF Extension: Download Status Bar - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-08-24]
FF Extension: Adblock Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-24]
FF Extension: Tab Mix Plus - E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\tlw3ic70.Daniel\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-08-24]
FF StartMenuInternet: FIREFOX.EXE - E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> EA344939FB524CFE44177D06DB878BA45C7FCDD7ABC4B81644143D0A0DFC9D3D
CHR DefaultSearchURL: Default -> https://www.google.c...r/render?cid=%s
CHR Profile: E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (YouTube) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30]
CHR Extension: (Google Search) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-30]
CHR Extension: (LastPass: Free Password Manager) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-29]
CHR Extension: (YouTube Downloader: MP3 / HD Video Download) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkkeahicimadnjhdamcladhobabaafbg [2012-07-24]
CHR Extension: (Google Wallet) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Media Player) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgcaekibnhngdlffnlaknlciggicekp [2012-07-24]
CHR Extension: (Gmail) - E:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] () [File not signed]
R2 ASWLCCSvc; E:\Program Files (x86)\ASUS\ASWLCCSVC.exe [172032 2009-05-21] () [File not signed]
S3 ElephantDrive-MappedDrive.exe; E:\Program Files (x86)\ElephantDrive\ElephantDrive\ElephantDrive-MappedDrive.exe [125136 2012-08-13] (ElephantDrive)
S3 ElephantDrive-Service.exe; E:\Program Files (x86)\ElephantDrive\ElephantDrive\ElephantDrive-Service.exe [125136 2012-08-13] (ElephantDrive)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 SkypeUpdate; E:\Program Files (x86)\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
S3 Cam5603D; C:\Windows\System32\Drivers\BisonCam.sys [739760 2007-04-23] (Bison Electronics. Inc. )
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 cpuz136; E:\Users\DLee\PC WIZARD 2013\pcwiz_x64.sys [25320 2013-08-24] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2012-09-26] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [45752 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50; C:\Windows\SysWOW64\Drivers\PCASp50.sys [45752 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cpuz135; \??\E:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X]
S3 ESEADriver2; \??\E:\Users\DLee\AppData\Local\Temp\ESEADriver2.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 PCANDIS4; \??\E:\PROGRA~1\Ugutil\program\PCANDIS4.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 12:18 - 2014-09-19 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-19 12:18 - 2014-09-19 12:18 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-17 21:58 - 2014-09-17 22:51 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\vghd
2014-09-17 21:58 - 2014-09-17 21:58 - 00000000 ____D () E:\Users\DLee\AppData\Local\vghd
2014-09-15 22:09 - 2014-09-15 22:09 - 00002355 _____ () E:\Users\DLee\Desktop\aswMBR.txt
2014-09-15 22:09 - 2014-09-15 22:09 - 00000512 _____ () E:\Users\DLee\Desktop\MBR.dat
2014-09-15 21:27 - 2014-09-15 21:27 - 00854417 _____ () E:\Users\DLee\Desktop\SecurityCheck.exe
2014-09-15 21:26 - 2014-09-15 21:27 - 05185536 _____ (AVAST Software) E:\Users\DLee\Desktop\aswMBR.exe
2014-09-14 22:50 - 2014-09-16 07:35 - 00000000 ____D () E:\Users\DLee\AppData\Local\Adobe
2014-09-14 11:56 - 2014-09-14 14:03 - 02347384 _____ (ESET) E:\Users\DLee\Desktop\esetsmartinstaller_enu.exe
2014-09-14 11:38 - 2014-09-14 11:38 - 17292760 _____ (Malwarebytes Corporation ) E:\Users\DLee\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-14 11:29 - 2014-09-14 11:30 - 02105856 _____ (Farbar) E:\Users\DLee\Desktop\FRST64(1).exe
2014-09-14 11:25 - 2014-09-14 11:25 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-09-13 12:05 - 2014-09-13 12:05 - 00002402 _____ () E:\Users\DLee\Desktop\AdwCleaner[S0].txt
2014-09-13 12:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-12 22:57 - 2014-09-12 22:57 - 04181856 _____ (Kaspersky Lab ZAO) E:\Users\DLee\Desktop\tdsskiller.exe
2014-09-12 22:57 - 2014-09-12 22:57 - 01373475 _____ () E:\Users\DLee\Desktop\AdwCleaner.exe
2014-09-12 22:55 - 2014-09-12 22:55 - 00006356 _____ () E:\Users\DLee\Desktop\BSOD.txt
2014-09-12 22:55 - 2014-09-12 22:55 - 00000951 _____ () E:\Users\DLee\Desktop\BlueScreenView.cfg
2014-09-12 22:53 - 2013-07-17 10:36 - 00146528 _____ (NirSoft) E:\Users\DLee\Desktop\BlueScreenView.exe
2014-09-12 22:53 - 2013-07-17 10:36 - 00018384 _____ () E:\Users\DLee\Desktop\BlueScreenView.chm
2014-09-12 22:53 - 2013-07-17 10:36 - 00017196 _____ () E:\Users\DLee\Desktop\readme.txt
2014-09-12 22:51 - 2014-09-12 22:51 - 00084917 _____ () E:\Users\DLee\Desktop\bluescreenview-x64.zip
2014-09-11 21:44 - 2014-09-16 21:32 - 00055553 _____ () E:\Users\DLee\Desktop\Addition.txt
2014-09-11 21:43 - 2014-09-20 20:14 - 00018240 _____ () E:\Users\DLee\Desktop\FRST.txt
2014-09-11 21:43 - 2014-09-20 20:14 - 00000000 ___DC () C:\FRST
2014-09-11 21:42 - 2014-09-12 07:53 - 00000347 _____ () E:\Users\DLee\Desktop\FRST64.exe
2014-09-10 00:02 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 00:02 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 00:01 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 00:01 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 00:01 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 00:01 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 00:01 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 00:01 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 00:01 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 00:01 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 00:01 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 00:01 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 00:01 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 00:01 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 00:01 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 00:01 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 00:01 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 00:01 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 00:01 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 00:01 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 00:01 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 00:01 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 00:01 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 00:01 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 00:01 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 00:01 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 00:01 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 00:01 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 00:01 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 00:01 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 00:01 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 00:01 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 00:01 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 00:01 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 00:01 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 00:01 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 00:01 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 00:01 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 00:01 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 00:01 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 00:01 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 00:01 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 00:01 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 00:01 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 00:01 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 00:01 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 00:01 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 00:01 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 00:01 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 00:01 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 00:01 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 00:01 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-09 23:59 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-09 23:59 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 23:58 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 23:58 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 23:58 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 23:58 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 23:58 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 23:58 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 23:58 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 23:58 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 23:58 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 23:58 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 23:58 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () E:\Users\DLee\Desktop\cmd.exe - Shortcut.lnk
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () C:\Windows\system32\cmd.exe - Shortcut.lnk
2014-09-07 13:55 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-09-06 21:32 - 2014-09-07 22:38 - 00000624 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-06 19:13 - 2014-09-06 19:13 - 00288329 _____ () C:\Windows\Minidump\090614-17160-01.dmp
2014-09-06 01:54 - 2014-09-06 01:54 - 00358329 _____ () C:\Windows\Minidump\090614-14554-01.dmp
2014-09-05 16:04 - 2014-09-05 16:06 - 00000000 ____D () E:\Users\DLee\.yawcam
2014-09-05 16:00 - 2014-09-05 16:00 - 04675501 _____ (Magnus Lundvall ) E:\Users\DLee\Desktop\yawcam_install.exe
2014-09-04 23:38 - 2014-09-04 23:39 - 00000000 ____D () E:\Users\DLee\Auto
2014-08-30 15:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-30 15:53 - 2014-08-30 15:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-30 15:51 - 2014-08-30 15:55 - 00007479 _____ () C:\Windows\IE11_main.log
2014-08-29 19:57 - 2014-08-29 19:57 - 00000000 ____D () C:\ProgramData\ATI
2014-08-29 19:56 - 2014-08-29 19:56 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201408291956017482.log
2014-08-29 19:56 - 2014-08-29 19:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-29 19:56 - 2014-02-16 09:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-29 19:05 - 2014-08-29 19:05 - 00288329 _____ () C:\Windows\Minidump\082914-15631-01.dmp
2014-08-27 20:24 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:24 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:24 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () E:\Users\DLee\AppData\Local\Skype
2014-08-25 22:57 - 2014-08-26 00:04 - 00000000 ____D () E:\Users\DLee\Tax 2014
2014-08-25 08:35 - 2014-08-25 08:35 - 00000000 ____D () E:\Users\DLee\Desktop\tlw3ic70.Daniel
2014-08-25 08:33 - 2014-08-25 08:33 - 00000817 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-24 21:51 - 2014-08-24 21:51 - 00000000 ____D () E:\Users\DLee\Desktop\b0pajpvg.Daniel
2014-08-24 20:49 - 2014-08-24 20:49 - 24654088 _____ (Mozilla) E:\Users\DLee\Desktop\Firefox Setup 27.0.1.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 20:14 - 2014-09-11 21:43 - 00018240 _____ () E:\Users\DLee\Desktop\FRST.txt
2014-09-20 20:14 - 2014-09-11 21:43 - 00000000 ___DC () C:\FRST
2014-09-20 20:13 - 2012-09-21 03:41 - 01989127 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 20:09 - 2012-11-05 12:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-20 20:09 - 2009-07-13 21:45 - 00022592 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 20:09 - 2009-07-13 21:45 - 00022592 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 20:06 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-20 20:05 - 2012-09-24 20:21 - 00000000 ____D () C:\Temp
2014-09-20 20:02 - 2014-02-25 16:43 - 00036528 _____ () C:\Windows\setupact.log
2014-09-20 20:02 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 00:49 - 2014-08-18 15:06 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000.job
2014-09-20 00:41 - 2012-12-12 23:21 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job
2014-09-20 00:29 - 2012-09-21 15:16 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job
2014-09-19 23:58 - 2012-02-09 20:13 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\uTorrent
2014-09-19 23:55 - 2011-05-09 02:30 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\vlc
2014-09-19 22:29 - 2012-09-21 15:16 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job
2014-09-19 19:02 - 2011-03-20 02:03 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Skype
2014-09-19 18:41 - 2012-12-12 23:21 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job
2014-09-19 16:16 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-19 12:18 - 2014-09-19 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-19 12:18 - 2014-09-19 12:18 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-19 12:18 - 2012-12-13 14:34 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 22:51 - 2014-09-17 21:58 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\vghd
2014-09-17 21:58 - 2014-09-17 21:58 - 00000000 ____D () E:\Users\DLee\AppData\Local\vghd
2014-09-16 21:32 - 2014-09-11 21:44 - 00055553 _____ () E:\Users\DLee\Desktop\Addition.txt
2014-09-16 21:19 - 2012-09-21 17:23 - 00243118 _____ () C:\Windows\PFRO.log
2014-09-16 07:35 - 2014-09-14 22:50 - 00000000 ____D () E:\Users\DLee\AppData\Local\Adobe
2014-09-16 07:35 - 2013-03-16 16:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-16 07:35 - 2013-03-16 16:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 22:09 - 2014-09-15 22:09 - 00002355 _____ () E:\Users\DLee\Desktop\aswMBR.txt
2014-09-15 22:09 - 2014-09-15 22:09 - 00000512 _____ () E:\Users\DLee\Desktop\MBR.dat
2014-09-15 21:27 - 2014-09-15 21:27 - 00854417 _____ () E:\Users\DLee\Desktop\SecurityCheck.exe
2014-09-15 21:27 - 2014-09-15 21:26 - 05185536 _____ (AVAST Software) E:\Users\DLee\Desktop\aswMBR.exe
2014-09-15 21:26 - 2014-08-18 15:06 - 00003558 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000
2014-09-15 00:44 - 2009-07-13 21:45 - 04968560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 23:37 - 2012-09-24 23:34 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-14 23:33 - 2012-11-05 12:07 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Adobe
2014-09-14 22:40 - 2012-09-24 23:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-14 14:03 - 2014-09-14 11:56 - 02347384 _____ (ESET) E:\Users\DLee\Desktop\esetsmartinstaller_enu.exe
2014-09-14 11:40 - 2014-08-12 11:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 11:39 - 2014-08-12 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-14 11:38 - 2014-09-14 11:38 - 17292760 _____ (Malwarebytes Corporation ) E:\Users\DLee\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-14 11:30 - 2014-09-14 11:29 - 02105856 _____ (Farbar) E:\Users\DLee\Desktop\FRST64(1).exe
2014-09-14 11:30 - 2011-03-19 21:12 - 00000000 ____D () E:\Users\DLee
2014-09-14 11:25 - 2014-09-14 11:25 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-09-13 12:35 - 2012-09-28 19:03 - 00002322 _____ () E:\Users\DLee\Desktop\Google Chrome.lnk
2014-09-13 12:05 - 2014-09-13 12:05 - 00002402 _____ () E:\Users\DLee\Desktop\AdwCleaner[S0].txt
2014-09-12 22:57 - 2014-09-12 22:57 - 04181856 _____ (Kaspersky Lab ZAO) E:\Users\DLee\Desktop\tdsskiller.exe
2014-09-12 22:57 - 2014-09-12 22:57 - 01373475 _____ () E:\Users\DLee\Desktop\AdwCleaner.exe
2014-09-12 22:55 - 2014-09-12 22:55 - 00006356 _____ () E:\Users\DLee\Desktop\BSOD.txt
2014-09-12 22:55 - 2014-09-12 22:55 - 00000951 _____ () E:\Users\DLee\Desktop\BlueScreenView.cfg
2014-09-12 22:51 - 2014-09-12 22:51 - 00084917 _____ () E:\Users\DLee\Desktop\bluescreenview-x64.zip
2014-09-12 22:33 - 2012-09-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 07:53 - 2014-09-11 21:42 - 00000347 _____ () E:\Users\DLee\Desktop\FRST64.exe
2014-09-11 21:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 19:47 - 2014-05-06 19:13 - 00000000 ____D () E:\Users\DLee\SS
2014-09-10 00:00 - 2012-09-22 11:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-10 00:00 - 2012-09-22 11:53 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 00:00 - 2012-09-22 11:53 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 00:00 - 2012-09-22 11:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 00:00 - 2012-09-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-09 23:59 - 2014-04-22 11:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-07 22:38 - 2014-09-06 21:32 - 00000624 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-07 15:33 - 2013-06-24 16:09 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-09-07 15:33 - 2011-04-13 20:53 - 00000000 ____D () E:\Users\DLee\Documents\Youcam
2014-09-07 15:11 - 2014-07-26 22:18 - 00000000 ____D () E:\Users\DLee\Desktop\MTGO
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () E:\Users\DLee\Desktop\cmd.exe - Shortcut.lnk
2014-09-07 15:04 - 2014-09-07 15:04 - 00001156 _____ () C:\Windows\system32\cmd.exe - Shortcut.lnk
2014-09-07 12:54 - 2012-09-21 15:24 - 00000000 ____D () C:\Windows\Minidump
2014-09-07 12:26 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-06 21:48 - 2012-10-26 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-09-06 21:48 - 2011-03-19 21:40 - 00000000 ____D () E:\Users\DLee\AppData\Local\Downloaded Installations
2014-09-06 19:13 - 2014-09-06 19:13 - 00288329 _____ () C:\Windows\Minidump\090614-17160-01.dmp
2014-09-06 18:42 - 2011-06-21 20:05 - 00000000 ___RD () E:\Users\DLee\My Pictures 2
2014-09-06 01:54 - 2014-09-06 01:54 - 00358329 _____ () C:\Windows\Minidump\090614-14554-01.dmp
2014-09-05 16:06 - 2014-09-05 16:04 - 00000000 ____D () E:\Users\DLee\.yawcam
2014-09-05 16:00 - 2014-09-05 16:00 - 04675501 _____ (Magnus Lundvall ) E:\Users\DLee\Desktop\yawcam_install.exe
2014-09-04 23:39 - 2014-09-04 23:38 - 00000000 ____D () E:\Users\DLee\Auto
2014-09-04 19:10 - 2014-09-09 23:58 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 19:05 - 2014-09-09 23:58 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 18:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-31 08:05 - 2013-03-23 15:25 - 00001274 _____ () E:\Users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 17:09 - 2009-07-13 19:34 - 00000567 _____ () C:\Windows\win.ini
2014-08-30 17:08 - 2011-03-21 00:31 - 00000000 ____D () E:\Users\DLee\Asus Wireless Win7x64
2014-08-30 15:55 - 2014-08-30 15:51 - 00007479 _____ () C:\Windows\IE11_main.log
2014-08-30 15:53 - 2014-08-30 15:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-30 15:53 - 2014-08-30 15:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-30 15:53 - 2014-08-30 15:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-30 15:53 - 2014-08-30 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-30 15:53 - 2014-08-30 15:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-30 15:53 - 2014-08-30 15:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-29 19:57 - 2014-08-29 19:57 - 00000000 ____D () C:\ProgramData\ATI
2014-08-29 19:56 - 2014-08-29 19:56 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201408291956017482.log
2014-08-29 19:56 - 2014-08-29 19:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-29 19:56 - 2012-09-21 15:14 - 00000000 ____D () C:\ProgramData\AMD
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-29 19:55 - 2013-03-20 19:29 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-29 19:49 - 2013-02-11 00:30 - 00000000 ___DC () C:\AMD
2014-08-29 19:05 - 2014-08-29 19:05 - 00288329 _____ () C:\Windows\Minidump\082914-15631-01.dmp
2014-08-29 17:51 - 2014-08-04 10:27 - 00000000 ____D () E:\Users\DLee\Housing
2014-08-29 11:22 - 2013-09-17 20:54 - 00000000 ____D () E:\Users\DLee\Loans
2014-08-28 23:04 - 2012-01-26 22:23 - 00000000 ____D () E:\Users\DLee\Job
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () E:\Users\DLee\AppData\Local\Skype
2014-08-26 00:04 - 2014-08-25 22:57 - 00000000 ____D () E:\Users\DLee\Tax 2014
2014-08-25 08:53 - 2012-10-21 01:25 - 00002620 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-08-25 08:53 - 2011-08-20 21:18 - 00000000 ____D () E:\Users\DLee\AppData\Local\Corel
2014-08-25 08:53 - 2011-08-20 21:17 - 00000000 ____D () E:\Users\DLee\Documents\My PSP Files
2014-08-25 08:40 - 2011-03-20 00:19 - 00000000 ____D () E:\Users\DLee\AppData\Local\Mozilla
2014-08-25 08:35 - 2014-08-25 08:35 - 00000000 ____D () E:\Users\DLee\Desktop\tlw3ic70.Daniel
2014-08-25 08:33 - 2014-08-25 08:33 - 00000817 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-24 21:57 - 2011-03-20 00:19 - 00000000 ____D () E:\Users\DLee\AppData\Roaming\Mozilla
2014-08-24 21:51 - 2014-08-24 21:51 - 00000000 ____D () E:\Users\DLee\Desktop\b0pajpvg.Daniel
2014-08-24 20:49 - 2014-08-24 20:49 - 24654088 _____ (Mozilla) E:\Users\DLee\Desktop\Firefox Setup 27.0.1.exe
2014-08-22 21:04 - 2012-08-07 16:51 - 00000000 ____D () E:\Users\DLee\dwhelper
2014-08-22 19:07 - 2014-08-27 20:24 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 20:24 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 20:24 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 00:22 - 2014-08-20 22:18 - 00000000 ____D () E:\Users\DLee\Desktop\ED Work Folder
2014-08-21 21:30 - 2013-09-19 10:02 - 00000000 ____D () E:\Users\DLee\Health

Some content of TEMP:
====================
E:\Users\DLee\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 22:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by DLee at 2014-09-20 20:14:37
Running from E:\Users\DLee\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.57 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.20 - )
Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
AMD Accelerated Video Transcoding (Version: 13.30.100.40811 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5A53DBA6-9B15-450F-EDF3-C01E12E9C61F}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS USB2.0 Webcam (HKLM-x32\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.96.2.2a - ASUS USB2.0 Webcam)
ASUS WLAN Card Utilities/Driver (HKLM-x32\...\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}) (Version: 4.3.1.0 - ASUS)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Brother MFL-Pro Suite MFC-440CN (HKLM-x32\...\{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
ElephantDrive (HKLM-x32\...\{6B4990B0-BE17-4B48-BA38-A8EE35E09EE1}) (Version: 5.1.0 - ElephantDrive)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
GoToMeeting 6.4.2.1669 (HKCU\...\GoToMeeting) (Version: 6.4.2.1669 - CitrixOnline)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Magic Online (HKLM-x32\...\{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}) (Version: 3.00.0000 - Wizards of the Coast)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
MPC-HC 1.7.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.5 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Controller Editor (Version: 1.5.1.1124 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.1.1.2673 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0095 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 27.2.79231 - Sonos, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STO Keybinds (HKCU\...\bdb72a49df691b00) (Version: 1.0.0.105 - Federation Emergency Services)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Walking Dead 400 Days (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWQ=_is1) (Version: 1 - )
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.32 - )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.SingleImage_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SingleImage_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.SingleImage_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{0B6EF241-90CC-4AC7-B36F-2EECB12E61CF}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{4C975BB2-B3EE-4F66-A8E7-5C917B7C439D}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.SingleImage_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{18707c5c-c2e7-4ff1-94af-2ee9807e6f0d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-80866519-203923749-430787433-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> E:\Users\DLee\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

15-09-2014 04:48:04 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
15-09-2014 05:37:20 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
15-09-2014 05:41:21 Removed Adobe Help Manager
15-09-2014 05:41:46 Removed Adobe Widget Browser
15-09-2014 05:42:48 Removed NVIDIA PhysX
15-09-2014 05:43:22 Removed Amazon Music Importer
15-09-2014 06:31:10 Installed Adobe Acrobat X Pro - English, Français, Deutsch.
18-09-2014 03:03:37 Windows Update
21-09-2014 03:07:55 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
21-09-2014 03:13:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-09-20 20:12 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12DD8DC0-5E66-4EE3-A2DC-F18B37838C6D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1F550FD6-77E7-43B4-A065-0580279D7D56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {457FFDE4-41D6-4490-9098-4E19EFB7CECA} - System32\Tasks\ASUS\TurboVHelp => E:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {654C4496-63F8-4B24-B1AF-0D1E9C17E5B2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {68216C4C-76D1-41DE-BE35-AF271E487178} - System32\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\1669\g2mupdate.exe [2014-09-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {688DAE9A-11EE-4AC1-A58E-E062C350A523} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {785E5907-EF25-4383-AE4F-F6AEE72BDC12} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {8DFBEFC3-E3B3-4200-AB6A-A10815F1CDB2} - System32\Tasks\ASUS\ASUS Update Checker => E:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {8EAC7C11-D6DF-4E65-8F69-036CC7FDA474} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {8FEBC456-05EA-4261-A5B0-1485F92A5D85} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {A0972BB2-005C-4CCE-89DB-C8BA6E2BA6BD} - \{2C9578E6-E69F-4155-A18E-58E356D72B46} No Task File <==== ATTENTION
Task: {A1523DAA-D60F-45DC-942B-97EC5F4DA7EE} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {A5028A0D-104D-4B7E-A8AD-303BCD76F8EC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {A77C337D-61C6-4371-B9EE-CA2F497402B0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe
Task: {B037A57E-5898-43F1-A757-2EFCE5C48B17} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {C224EC8E-93C0-45CB-A895-9EFCBF4F4E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {CE1CF273-A82D-480C-9A54-34F07C873E1D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E6342053-AE33-49BB-BA3E-6C0CB85334C1} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {EB8BC2C2-A0CC-48E8-8CC6-67C4673F404A} - System32\Tasks\{8D7A625B-87B7-4AF2-A334-F321F8D0A824} => Firefox.exe http://www.skype.com...8;LastError=404
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job => E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-80866519-203923749-430787433-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\1669\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000Core.job => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-80866519-203923749-430787433-1000UA.job => E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-11 23:06 - 2014-08-11 23:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-09-23 22:15 - 2010-06-24 14:19 - 00109056 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
2013-02-11 00:07 - 2009-05-21 16:09 - 00172032 _____ () E:\Program Files (x86)\ASUS\ASWLCCSVC.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-07-25 00:23 - 2012-07-25 00:23 - 00886784 _____ () E:\Program Files (x86)\ElephantDrive\ElephantDrive\RightClickMenu-64bit.dll
2013-10-31 08:05 - 2013-10-31 08:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2012-09-25 23:39 - 2010-02-08 17:19 - 00053248 _____ () E:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2012-09-25 23:39 - 2010-06-01 10:38 - 00253952 _____ () E:\Program Files\ASUS\TurboV EVO\pngio.dll
2014-08-25 08:33 - 2014-02-12 17:36 - 03578992 _____ () E:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-15 21:27 - 2014-09-15 21:27 - 00854417 _____ () E:\Users\DLee\Desktop\SecurityCheck.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40260784.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42424843.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\40260784.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42424843.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Shortcut to ElephantDrive.exe.lnk => C:\Windows\pss\Shortcut to ElephantDrive.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Status Monitor.lnk => C:\Windows\pss\Status Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: E:^Users^DLee^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk => C:\Windows\pss\DesktopVideoPlayer.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "E:\Users\DLee\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: Control Center => E:\Program Files (x86)\ASUS\CenterAgent.exe
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "E:\Users\DLee\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "E:\Users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "E:\Program Files (x86)\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "U:\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TurboV EVO => "E:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
MSCONFIG\startupreg: YouCam Service6 => "E:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 10:29:58 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/19/2014 05:29:14 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/19/2014 00:29:08 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/18/2014 09:29:34 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/18/2014 08:29:36 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/18/2014 01:29:33 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/17/2014 11:10:31 PM) (Source: MouseKeyboardCenter) (EventID: 0) (User: )
Description: Unknown Node:#text    -->

Error: (09/17/2014 08:29:51 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/17/2014 08:29:37 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (09/17/2014 02:29:09 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.


System errors:
=============
Error: (09/20/2014 08:02:18 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/19/2014 00:13:19 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/19/2014 08:39:55 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/18/2014 08:41:47 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/18/2014 08:21:46 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/17/2014 11:04:22 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/17/2014 09:24:53 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/17/2014 07:47:28 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/17/2014 08:22:20 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/16/2014 09:19:19 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.


Microsoft Office Sessions:
=========================
Error: (09/19/2014 10:29:58 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/19/2014 05:29:14 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/19/2014 00:29:08 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2014 09:29:34 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2014 08:29:36 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2014 01:29:33 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/17/2014 11:10:31 PM) (Source: MouseKeyboardCenter) (EventID: 0) (User: )
Description: Unknown Node:#text    -->

Error: (09/17/2014 08:29:51 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/17/2014 08:29:37 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/17/2014 02:29:09 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARMOR)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-09-07 14:14:32.621
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.496
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:14:32.433
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.448
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.370
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.307
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:13:36.245
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:10:37.255
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:10:37.193
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Ugutil\program\PCANDIS4.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1075T Processor
Percentage of memory in use: 16%
Total physical RAM: 16382.14 MB
Available physical RAM: 13614.9 MB
Total Pagefile: 49144.61 MB
Available Pagefile: 46194.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:59.62 GB) (Free:22.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Old C) (Fixed) (Total:465.65 GB) (Free:295.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected.
Drive g: (Phantom G) (Fixed) (Total:465.76 GB) (Free:260.29 GB) NTFS
Drive k: (Phantom K) (Fixed) (Total:465.76 GB) (Free:266.58 GB) NTFS
Drive u: (Unique) (Fixed) (Total:931.51 GB) (Free:357.77 GB) NTFS
Drive x: (Falcon X) (Fixed) (Total:465.86 GB) (Free:269.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F72B7564)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 9A4048C5)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BAA5BAA5)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: F87B4C9A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: 000098EC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#30
Daniel Christmas Lee

    Member

  • Topic Starter
  • Member
  • 208 posts

Security Check

Note: My Java is up to date according to: https://www.java.com/verify/

My Firefox is out of date on purpose!!

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 60  
 Java version out of Date!
 Adobe Flash Player 15.0.0.152  
 Mozilla Firefox 27.0.1 Firefox out of Date!  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 


Edited by Daniel Christmas Lee, 20 September 2014 - 09:18 PM.
