Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 computer w/ "MyPC Backup.exe" and browser pop-ups [C


  • This topic is locked This topic is locked

#1
clayfaceboy

clayfaceboy

    New Member

  • Member
  • Pip
  • 8 posts

I have a similar problem as http://www.geekstogo...omputer-solved/

 

"Problems began about the same time I was trying to download Minecraft. Not sure how legitimate of a site was used. Can only assume it was a less than reputable source."

Symptoms:

Chrome browser shows "Related Searches" window on the left (Topic Torch by LinkSwift)
Chrome browser shows "Easyinline Advertisement" window in the lower right...often with streaming video advertisements.
Chrome browser shows simulated popup windows(?) "*********** Congratulations! You are Todays Lucky Visitor. Click OK to continue ***************"

On the windows desktop, windows pop-up notices:

"Your computer is ready to backup
Your Windows PC has free computer backup software installed. 
Click OK to register your computer and start a back up."

"Optimizer Pro
Performance Monitor
Attention!
3434 items to clean and optimize"...

Some (or all?) of the following programs don't seem familiar to me.
- Optimizer Pro
- myPCBackup

 

This occurred after I clicked on an offer for downloading Minecraft Tower Defense in exchange for currency on a certain site. Nothing has happened other than the unwanted ads on Google Chrome and programs on my PC.

Here is my OTL log:

 

OTL logfile created on: 10/5/2014 12:34:15 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michael\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.61 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 36.18% Memory free
7.21 Gb Paging File | 4.19 Gb Available in Paging File | 58.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 319.19 Gb Free Space | 70.77% Space Free | Partition Type: NTFS
 
Computer Name: PIGPEN | User Name: Sarabeth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/05 12:32:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe
PRC - [2014/10/01 15:20:19 | 000,120,512 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
PRC - [2014/09/22 21:32:10 | 001,523,392 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2014/09/22 21:32:08 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/09/22 21:32:06 | 001,938,112 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/09/22 21:32:04 | 000,383,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2014/09/22 21:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/01 08:57:38 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/07/05 17:50:13 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/18 08:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/06/29 07:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/27 18:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/04/13 09:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/03 12:57:08 | 000,155,232 | ---- | M] () -- C:\Users\Michael\AppData\Local\Temp\~D28B.tmp
MOD - [2014/10/01 15:20:19 | 000,120,512 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
MOD - [2014/10/01 15:20:18 | 000,118,976 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\video_bink.dll
MOD - [2014/10/01 15:20:17 | 001,337,536 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vguimatsurface.dll
MOD - [2014/10/01 15:20:16 | 000,281,280 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\tier0.dll
MOD - [2014/10/01 15:20:13 | 001,612,992 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\shaderapidx9.dll
MOD - [2014/10/01 15:20:08 | 000,175,296 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\launcher.dll
MOD - [2014/10/01 15:20:07 | 000,121,536 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\inputsystem.dll
MOD - [2014/10/01 15:19:56 | 000,177,344 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vstdlib.dll
MOD - [2014/10/01 15:19:55 | 000,892,096 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vphysics.dll
MOD - [2014/10/01 15:19:55 | 000,107,200 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\video_services.dll
MOD - [2014/10/01 15:19:54 | 000,127,168 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\video_quicktime.dll
MOD - [2014/10/01 15:19:53 | 000,674,496 | ---- | M] () -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\FileSystem_Stdio.dll
MOD - [2014/10/01 15:19:53 | 000,369,856 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vgui2.dll
MOD - [2014/10/01 15:19:49 | 004,239,552 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\engine.dll
MOD - [2014/10/01 15:19:44 | 001,148,608 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\MaterialSystem.dll
MOD - [2014/10/01 15:19:43 | 000,517,824 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\StudioRender.dll
MOD - [2014/10/01 15:19:43 | 000,149,696 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\sourcevr.dll
MOD - [2014/10/01 15:19:36 | 000,246,464 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\datacache.dll
MOD - [2014/09/25 15:44:32 | 000,774,656 | ---- | M] () -- c:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\SDL2.dll
MOD - [2014/09/22 21:32:22 | 002,226,880 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014/09/22 21:32:10 | 000,679,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/09/22 21:32:08 | 000,138,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\audio.dll
MOD - [2014/09/22 21:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014/09/22 21:07:04 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
MOD - [2014/09/22 21:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014/09/22 21:06:58 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
MOD - [2014/09/22 21:06:56 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
MOD - [2014/09/22 21:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
MOD - [2014/09/04 16:29:26 | 034,589,376 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/09/04 16:29:26 | 000,837,824 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
MOD - [2014/09/03 12:28:16 | 000,774,656 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/08/21 11:15:22 | 001,171,456 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2014/08/21 11:15:22 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2014/08/21 11:15:22 | 000,442,368 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2014/08/21 11:15:22 | 000,403,968 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2014/08/21 11:15:22 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2014/07/05 17:50:20 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/05 17:50:16 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/05/30 18:27:18 | 000,153,088 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asi
MOD - [2014/05/30 18:27:18 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asi
MOD - [2011/06/29 07:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/27 18:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 18:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/24 22:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/24 22:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2010/11/24 21:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/03/22 14:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 19:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 19:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 19:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 18:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 18:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 14:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 14:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/18 15:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/07/05 17:50:13 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/08/06 00:14:06 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/07/13 18:15:36 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/27 12:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/09/22 21:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/03/20 15:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/08/18 08:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/25 19:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/09/28 07:09:36 | 000,048,792 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys -- ({fef7f75c-f985-4250-96f9-8183cd04238b}Gw64)
DRV:64bit: - [2014/07/05 17:50:55 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/05 17:50:25 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/05 17:50:25 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/05 17:50:25 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/07/05 17:50:25 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/05 17:50:25 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/05 17:50:25 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/07/05 17:50:24 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/12/19 06:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/01/22 09:52:08 | 000,075,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/17 14:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/08/17 14:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/13 19:00:06 | 009,978,880 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/13 17:33:58 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/16 15:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/16 15:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/06/06 18:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/27 12:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/04/21 19:17:10 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/31 20:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/20 10:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/12/15 23:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/29 17:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=456229231&ir=
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{37504C6E-2D7A-4B20-B421-54B25D89BF5D}: "URL" = http://search.condui...3822501330&UM=2
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://astromenda.co...r=456229231&ir=
IE - HKCU\..\SearchScopes\{8C412FB2-7F47-4E05-882C-8387B8ABA8FB}: "URL" = http://search.yahoo....22,17118,0,18,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Program Files (x86)\SunriseBrowse\bin\Pac8807.js
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-16f9ef27cfcc4bad\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sarabeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/05 17:50:27 | 000,000,000 | ---D | M]
 
[2012/05/30 19:25:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarabeth\AppData\Roaming\Mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Exent® AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-6ca07d14e2274822\\NPRobloxProxy.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\9.0.2022.122_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\Sarabeth\AppData\Local\Apps\2.0\G7H9AP90.XZR\59QVTPQM.HE0\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [Gameo] C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe ()
O4 - HKLM..\RunOnce: [DelTr171861496] cmd.exe /c rd /s /q  "C:\Users\Sarabeth\AppData\Roaming\WSE_Astromenda" File not found
O4 - HKCU..\RunOnce: [DelTr171861496] cmd.exe /c rd /s /q  "C:\Users\Sarabeth\AppData\Roaming\WSE_Astromenda" File not found
O4 - HKCU..\RunOnce: [WSE_Astromenda]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{524CEDFF-2DFF-4E9F-81F6-D26AEC086C5E}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/09/18 16:14:01 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013/01/03 23:27:53 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/05 11:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/09/28 10:38:51 | 000,000,000 | -H-D | C] -- C:\Users\Sarabeth\AppData\Roaming\GoldenGate
[2014/09/28 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Local\Gameo
[2014/09/28 10:35:41 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
[2014/09/28 10:35:18 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Roaming\Gameo
[2014/09/28 10:35:00 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\Documents\Optimizer Pro
[2014/09/28 10:33:43 | 000,048,792 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
[2014/09/28 10:32:51 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Roaming\0K1L2Z1T1C1T
[2014/09/28 10:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2014/09/28 10:28:59 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Roaming\WSE_Astromenda
[2014/09/28 10:28:38 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Local\Programs
[2014/09/24 06:49:59 | 000,000,000 | ---D | C] -- C:\5962dfa296d2e424ed56
[2014/09/22 15:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2014/09/21 14:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/09/18 16:24:12 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Roaming\Autodesk
[2014/09/18 16:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2014/09/18 16:14:11 | 000,000,000 | ---D | C] -- C:\Users\Sarabeth\AppData\Local\Akamai
[2014/09/18 16:13:34 | 000,000,000 | ---D | C] -- C:\Autodesk
[2 C:\Users\Sarabeth\Documents\*.tmp files -> C:\Users\Sarabeth\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/05 12:41:00 | 000,000,902 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/05 11:05:24 | 000,000,632 | RHS- | M] () -- C:\Users\Sarabeth\ntuser.pol
[2014/10/05 11:02:35 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job
[2014/10/04 11:17:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/03 12:25:27 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/10/03 12:22:46 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/03 12:22:46 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/03 12:02:53 | 2903,519,232 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/28 18:50:56 | 000,753,248 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/09/28 18:50:56 | 000,641,590 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/09/28 18:50:56 | 000,115,416 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/09/28 11:35:35 | 000,000,045 | ---- | M] () -- C:\Users\Sarabeth\AppData\Roaming\WB.CFG
[2014/09/28 10:39:46 | 000,001,940 | ---- | M] () -- C:\Users\Sarabeth\Desktop\Play Anno Online.lnk
[2014/09/28 10:35:44 | 000,000,174 | ---- | M] () -- C:\Users\Sarabeth\Desktop\Play Games Online.url
[2014/09/28 10:35:42 | 000,001,764 | ---- | M] () -- C:\Users\Sarabeth\Desktop\Gameo.lnk
[2014/09/28 10:29:39 | 000,000,286 | ---- | M] () -- C:\windows\tasks\LaunchSignup.job
[2014/09/28 10:29:23 | 000,000,271 | ---- | M] () -- C:\Users\Sarabeth\Desktop\Cut the Rope.url
[2014/09/28 10:29:04 | 000,002,136 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/28 07:09:36 | 000,048,792 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
[2014/09/16 21:27:55 | 346,449,126 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014/09/09 19:24:51 | 000,745,862 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2 C:\Users\Sarabeth\Documents\*.tmp files -> C:\Users\Sarabeth\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/29 16:51:22 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/09/28 11:35:35 | 000,000,045 | ---- | C] () -- C:\Users\Sarabeth\AppData\Roaming\WB.CFG
[2014/09/28 10:39:46 | 000,001,940 | ---- | C] () -- C:\Users\Sarabeth\Desktop\Play Anno Online.lnk
[2014/09/28 10:35:44 | 000,000,174 | ---- | C] () -- C:\Users\Sarabeth\Desktop\Play Games Online.url
[2014/09/28 10:35:44 | 000,000,174 | ---- | C] () -- C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[2014/09/28 10:35:42 | 000,001,764 | ---- | C] () -- C:\Users\Sarabeth\Desktop\Gameo.lnk
[2014/09/28 10:35:41 | 000,001,750 | ---- | C] () -- C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
[2014/09/28 10:29:39 | 000,000,286 | ---- | C] () -- C:\windows\tasks\LaunchSignup.job
[2014/09/28 10:29:22 | 000,000,271 | ---- | C] () -- C:\Users\Sarabeth\Desktop\Cut the Rope.url
[2014/09/16 21:27:55 | 346,449,126 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014/08/22 05:54:25 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2014/07/05 18:15:52 | 000,007,652 | ---- | C] () -- C:\Users\Sarabeth\AppData\Local\Resmon.ResmonCfg
[2014/07/05 16:54:30 | 000,000,632 | RHS- | C] () -- C:\Users\Sarabeth\ntuser.pol
[2013/02/10 22:06:52 | 000,212,572 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2012/06/07 12:38:41 | 000,012,288 | ---- | C] () -- C:\Users\Sarabeth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 19:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 18:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/09/28 10:32:51 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\0K1L2Z1T1C1T
[2014/01/21 00:13:05 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Audacity
[2014/09/18 16:24:12 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Autodesk
[2014/01/20 08:57:00 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\AVAST Software
[2014/07/05 21:01:32 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Canon
[2012/05/28 14:57:34 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Fingertapps
[2014/09/28 10:38:39 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Gameo
[2014/09/28 10:39:23 | 000,000,000 | -H-D | M] -- C:\Users\Sarabeth\AppData\Roaming\GoldenGate
[2012/11/11 13:17:07 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\IDT
[2012/05/28 14:57:23 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Leadertech
[2014/07/05 23:15:01 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Oracle
[2012/05/29 09:10:03 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\PCDr
[2012/08/19 16:43:16 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\Unity
[2014/09/28 10:29:45 | 000,000,000 | ---D | M] -- C:\Users\Sarabeth\AppData\Roaming\WSE_Astromenda
 
========== Purity Check ==========
 
 
 
< End of report >
 

  • 0

Advertisements


#2
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)

We have a better scanner for the 64-bit type of OS.


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 0

#3
clayfaceboy

clayfaceboy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

FRST.txt:

 

==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2655447164-819488812-1400318288-1008\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7AEBC1F192ABCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Michael\AppData\Local\Roblox\Versions\version-5e847c35ea884813\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michael\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-19]
 
Chrome: 
=======
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-07]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (avast! SafePrice) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
CHR Extension: (avast! Online Security) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-06]
CHR Extension: (SearchLock) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol [2014-09-03]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx []
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys [48792 2014-09-28] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 X6va021; \??\C:\windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-06 10:31 - 2014-10-06 10:32 - 00016428 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-10-06 10:31 - 2014-10-06 10:31 - 00000000 ____D () C:\FRST
2014-10-06 10:28 - 2014-10-06 10:28 - 02109952 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2014-10-05 13:01 - 2014-10-05 13:01 - 00073360 _____ () C:\Users\Michael\Downloads\Extras.Txt
2014-10-05 12:55 - 2014-10-05 12:55 - 00094798 _____ () C:\Users\Michael\Downloads\OTL.Txt
2014-10-05 12:32 - 2014-10-05 12:32 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe
2014-10-05 11:39 - 2014-10-05 11:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-30 20:01 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-30 20:01 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-29 16:51 - 2014-10-03 12:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 18:58 - 2008-01-23 16:44 - 00002685 _____ () C:\Users\Michael\Downloads\1551 - XenoPhobia.nfo
2014-09-28 18:58 - 2007-10-24 05:20 - 33554432 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).nds
2014-09-28 18:55 - 2014-09-28 18:56 - 10895282 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).7z
2014-09-28 10:33 - 2014-09-28 07:09 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-28 10:29 - 2014-09-28 10:29 - 00000286 _____ () C:\windows\Tasks\LaunchSignup.job
2014-09-28 10:25 - 2014-09-28 10:25 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer (1).exe
2014-09-28 10:24 - 2014-09-28 10:24 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer.exe
2014-09-28 10:21 - 2014-09-28 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-09-24 06:49 - 2014-09-24 06:50 - 00000000 ____D () C:\5962dfa296d2e424ed56
2014-09-23 19:04 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-23 19:04 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-22 15:29 - 2014-09-22 15:29 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-09-22 15:25 - 2014-09-22 15:26 - 00703533 _____ () C:\Users\Michael\Downloads\hldsupdatetool.exe
2014-09-22 05:39 - 2014-09-22 05:39 - 00604819 _____ (Ryan Gregg ) C:\Users\Michael\Downloads\gcfscape185.exe
2014-09-21 20:41 - 2014-09-21 20:41 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar (1).rar
2014-09-21 19:57 - 2014-09-21 19:58 - 12119112 _____ () C:\Users\Michael\Downloads\hmopchallengev2.zip
2014-09-21 15:56 - 2014-09-21 15:58 - 00000000 ____D () C:\Users\Michael\AppData\Local\QQSM
2014-09-21 14:04 - 2014-09-21 14:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-21 14:03 - 2014-09-21 14:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\ZMR
2014-09-21 10:44 - 2014-09-21 10:44 - 00000222 _____ () C:\Users\Michael\Desktop\Zombies Monsters Robots.url
2014-09-21 09:59 - 2014-09-21 09:59 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar.rar
2014-09-19 21:02 - 2014-09-19 21:02 - 00000000 ____D () C:\Users\Michael\Desktop\AoTTG_Data
2014-09-19 21:02 - 2014-07-30 00:01 - 19822891 _____ () C:\Users\Michael\Desktop\Attack on Titan Tribute Game v07292014.exe
2014-09-19 20:24 - 2014-09-19 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity
2014-09-19 20:23 - 2014-09-19 20:23 - 01080640 _____ (Unity Technologies ApS) C:\Users\Michael\Downloads\UnityWebPlayer.exe
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\ProgramData\Autodesk
2014-09-18 16:13 - 2014-09-18 16:14 - 00000000 ____D () C:\Autodesk
2014-09-18 16:11 - 2014-09-18 16:12 - 10566624 _____ () C:\Users\Michael\Downloads\Autodesk_Maya_2015_R1_wi_en-US_Setup.exe
2014-09-16 21:27 - 2014-09-16 21:27 - 346449126 _____ () C:\windows\MEMORY.DMP
2014-09-16 20:27 - 2009-02-18 05:29 - 67108864 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).nds
2014-09-16 20:25 - 2014-09-16 20:26 - 35337944 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).7z
2014-09-09 19:28 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-09 19:28 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-09 19:28 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-09 19:28 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-09 19:28 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-09 19:28 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-09 19:28 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-09 19:28 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-09 19:28 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-09 19:28 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-09 19:28 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-09 19:28 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-09 19:28 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-09 19:28 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-09 19:28 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-09 19:28 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-09 19:28 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-09 19:28 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-09 19:27 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-09 19:27 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-09 19:27 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-09 19:27 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-09 19:27 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-09 19:27 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-09 19:27 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-09 19:27 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-09 19:27 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-09 19:27 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-09 19:27 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-09 19:27 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-09 19:27 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-09 19:27 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-09 19:27 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-09 19:27 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-09 19:27 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-09 19:27 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-09 19:27 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-09 19:27 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-09 19:27 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-09 19:27 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 19:27 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-09 19:27 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-09 19:27 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-09 19:27 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-09 19:27 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-09 19:27 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-09 19:27 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-09 19:27 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-09 19:27 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-09 19:27 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-09 19:27 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-09 19:27 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-09 19:27 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-09 19:08 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-09 19:08 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 17:50 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-09 17:50 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-09 17:49 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-09 17:49 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-09 17:49 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-09 17:49 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-09 17:49 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-09 17:49 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-09 17:49 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 17:49 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-09 17:49 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-08 16:23 - 2014-09-08 16:24 - 30396692 _____ () C:\Users\Michael\Downloads\R4i-3DS V1.80b English.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-06 10:11 - 2014-07-06 11:22 - 00001236 __RSH () C:\Users\Michael\ntuser.pol
2014-10-06 10:11 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\Michael
2014-10-06 10:11 - 2012-05-28 14:53 - 00000000 ____D () C:\Users\Sarabeth
2014-10-06 10:08 - 2013-10-10 13:30 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job
2014-10-06 10:08 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-10-06 10:08 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-10-06 10:08 - 2012-03-07 17:30 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-10-06 09:41 - 2012-06-19 10:08 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-06 09:15 - 2012-03-07 16:28 - 01185474 _____ () C:\windows\WindowsUpdate.log
2014-10-05 19:41 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-05 19:41 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-05 16:09 - 2014-07-06 11:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-05 11:50 - 2012-03-07 17:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-05 11:50 - 2012-03-07 16:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-05 08:46 - 2009-07-13 19:34 - 00000612 _____ () C:\windows\win.ini
2014-10-03 12:13 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-03 12:09 - 2014-07-05 22:08 - 00004278 _____ () C:\windows\setupact.log
2014-10-02 06:48 - 2014-08-18 15:23 - 00000000 ____D () C:\Users\Michael\Desktop\Profile Pics
2014-09-28 18:50 - 2009-07-13 22:13 - 00753248 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-28 10:29 - 2012-06-19 10:15 - 00002136 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 10:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe
2014-09-27 08:52 - 2012-03-07 17:04 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-25 07:50 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-09-24 07:03 - 2014-07-05 21:26 - 00086072 _____ () C:\windows\PFRO.log
2014-09-21 10:44 - 2014-07-06 11:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-20 07:06 - 2009-07-13 22:08 - 00032548 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-09-17 16:12 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-16 21:28 - 2012-07-07 18:02 - 00000000 ____D () C:\windows\Minidump
2014-09-15 09:06 - 2010-11-20 20:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-09-14 17:48 - 2014-07-11 08:14 - 00000000 ____D () C:\Users\Michael\Desktop\TF2 Sprays
2014-09-09 19:27 - 2012-07-06 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 19:24 - 2012-02-26 03:54 - 00745862 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-09 19:23 - 2014-07-05 22:30 - 00000000 ____D () C:\windows\system32\MRT
2014-09-09 19:10 - 2014-07-05 22:30 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-09 19:08 - 2014-07-05 23:16 - 00000000 ___SD () C:\windows\system32\CompatTel
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\CCLauncherSelfUpdater.EXE
C:\Users\Michael\AppData\Local\Temp\SRLDetectionLibrary7527575404937813073.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
 
==================== End Of Log ============================
 
 
Addition.txt:
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip (HKLM-x32\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{F6B0EA7E-5C19-7421-C2EB-927DA66A1081}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0806.105.31 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60805.2350 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0806.105.31 - ATI) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10806 - ATI Technologies Inc.) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0806.105.31 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help English (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help French (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help German (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
ccc-utility64 (Version: 2011.0806.105.31 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CrimeCraft GangWars (HKLM-x32\...\Steam App 38830) (Version:  - Vogster Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.47 - PC-Doctor, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
ROBLOX Player for Michael (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zombies Monsters Robots (HKLM-x32\...\Steam App 306830) (Version:  - En Masse Entertainment)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\windows\Tasks\LaunchSignup.job => ?
 
==================== Loaded Modules (whitelisted) =============
 
2011-06-27 18:26 - 2011-06-27 18:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2011-06-29 07:52 - 2011-06-29 07:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2010-11-17 09:35 - 2010-11-17 09:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-08-06 00:14 - 2011-08-06 00:14 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-08-06 00:03 - 2011-08-06 00:03 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 09:17 - 2011-03-22 09:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-06 18:23 - 2014-10-01 15:20 - 00120512 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2655447164-819488812-1400318288-500 - Administrator - Disabled)
Guest (S-1-5-21-2655447164-819488812-1400318288-501 - Limited - Disabled) => C:\Users\Guest
Michael (S-1-5-21-2655447164-819488812-1400318288-1008 - Limited - Enabled) => C:\Users\Michael
Sarabeth (S-1-5-21-2655447164-819488812-1400318288-1001 - Administrator - Enabled) => C:\Users\Sarabeth
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/05/2014 07:13:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rundll32.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 29e8
 
Start Time: 01cfe10192ab779a
 
Termination Time: 94
 
Application Path: C:\windows\system32\rundll32.exe
 
Report Id: 62a7c10f-4cfe-11e4-b1ed-24b6fd28d175
 
Error: (10/05/2014 02:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x542c4c27
Exception code: 0xc0000005
Fault offset: 0x6229cc49
Faulting process id: 0xa04
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (10/03/2014 00:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/02/2014 06:07:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: libfbxsdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5164d211
Exception code: 0xc0000005
Fault offset: 0x5429cc49
Faulting process id: 0x5f4
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (10/01/2014 04:06:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x542c4c27
Exception code: 0xc0000005
Fault offset: 0x54edcc49
Faulting process id: 0xae4
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (09/30/2014 11:35:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/30/2014 11:04:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 03:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 05:59:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x54173df3
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x5425cf13
Exception code: 0xc0000005
Fault offset: 0x57bdcc49
Faulting process id: 0x2420
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (09/29/2014 04:40:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (10/06/2014 10:14:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
 
Error: (10/06/2014 10:08:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (10/05/2014 08:04:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
 
Error: (10/05/2014 08:03:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
 
Error: (10/05/2014 08:02:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (10/05/2014 08:02:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (10/05/2014 08:01:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
 
Error: (10/05/2014 08:00:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.
 
Error: (10/05/2014 06:05:06 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.0.102 with the system
having network hardware address 00-6B-9E-EE-C1-6D. Network operations on this system may
be disrupted as a result.
 
Error: (10/05/2014 01:23:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
 
Microsoft Office Sessions:
=========================
Error: (10/05/2014 07:13:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rundll32.exe6.1.7600.1638529e801cfe10192ab779a94C:\windows\system32\rundll32.exe62a7c10f-4cfe-11e4-b1ed-24b6fd28d175
 
Error: (10/05/2014 02:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4client.dll_unloaded0.0.0.0542c4c27c00000056229cc49a0401cfe0da4f65f15eC:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dlld5b220e9-4cd6-11e4-b1ed-24b6fd28d175
 
Error: (10/03/2014 00:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/02/2014 06:07:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4libfbxsdk.dll_unloaded0.0.0.05164d211c00000055429cc495f401cfddcf15bdbc6bC:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exelibfbxsdk.dll062f2f0c-4a35-11e4-990c-24b6fd28d175
 
Error: (10/01/2014 04:06:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4client.dll_unloaded0.0.0.0542c4c27c000000554edcc49ae401cfddc5ea0394a9C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dll9570bbf5-49bf-11e4-990c-24b6fd28d175
 
Error: (09/30/2014 11:35:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files\nem's tools\VTFEdit\VTFEdit.exe
 
Error: (09/30/2014 11:04:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 03:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 05:59:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.054173df3client.dll_unloaded0.0.0.05425cf13c000000557bdcc49242001cfdc447fcd6f93C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dllae037d66-48a1-11e4-941e-24b6fd28d175
 
Error: (09/29/2014 04:40:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 79%
Total physical RAM: 3692.02 MB
Available physical RAM: 770.35 MB
Total Pagefile: 7382.22 MB
Available Pagefile: 3552.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:318.43 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End Of Log ============================

  • 0

#4
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

The headers of both logfiles are missing. Please double-check if this is all that was in the generated logfiles.


  • 0

#5
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi,

 

still with me?


  • 0

#6
clayfaceboy

clayfaceboy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I am sorry about the late reply. I didn't think the heading was important so I left it out.

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by Michael (ATTENTION: The logged in user is not administrator) on PIGPEN on 08-10-2014 09:17:32
Running from C:\Users\Michael\Downloads
Loaded Profile: Michael (Available profiles: Sarabeth & Michael & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2655447164-819488812-1400318288-1008\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7AEBC1F192ABCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Michael\AppData\Local\Roblox\Versions\version-5e847c35ea884813\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michael\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]vast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-19]
 
Chrome: 
=======
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-07]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (avast! SafePrice) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
CHR Extension: (avast! Online Security) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-06]
CHR Extension: (SearchLock) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol [2014-09-03]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx []
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys [48792 2014-09-28] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 X6va021; \??\C:\windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-06 10:33 - 2014-10-06 10:34 - 00039170 _____ () C:\Users\Michael\Downloads\Addition.txt
2014-10-06 10:31 - 2014-10-08 09:18 - 00015831 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-10-06 10:31 - 2014-10-08 09:17 - 00000000 ____D () C:\FRST
2014-10-06 10:28 - 2014-10-06 10:28 - 02109952 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2014-10-05 13:01 - 2014-10-05 13:01 - 00073360 _____ () C:\Users\Michael\Downloads\Extras.Txt
2014-10-05 12:55 - 2014-10-05 12:55 - 00094798 _____ () C:\Users\Michael\Downloads\OTL.Txt
2014-10-05 12:32 - 2014-10-05 12:32 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe
2014-10-05 11:39 - 2014-10-05 11:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-30 20:01 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-30 20:01 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-29 16:51 - 2014-10-08 09:08 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 18:58 - 2008-01-23 16:44 - 00002685 _____ () C:\Users\Michael\Downloads\1551 - XenoPhobia.nfo
2014-09-28 18:58 - 2007-10-24 05:20 - 33554432 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).nds
2014-09-28 18:55 - 2014-09-28 18:56 - 10895282 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).7z
2014-09-28 10:33 - 2014-09-28 07:09 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-28 10:29 - 2014-09-28 10:29 - 00000286 _____ () C:\windows\Tasks\LaunchSignup.job
2014-09-28 10:25 - 2014-09-28 10:25 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer (1).exe
2014-09-28 10:24 - 2014-09-28 10:24 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer.exe
2014-09-28 10:21 - 2014-09-28 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-09-24 06:49 - 2014-09-24 06:50 - 00000000 ____D () C:\5962dfa296d2e424ed56
2014-09-23 19:04 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-23 19:04 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-22 15:29 - 2014-09-22 15:29 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-09-22 15:25 - 2014-09-22 15:26 - 00703533 _____ () C:\Users\Michael\Downloads\hldsupdatetool.exe
2014-09-22 05:39 - 2014-09-22 05:39 - 00604819 _____ (Ryan Gregg ) C:\Users\Michael\Downloads\gcfscape185.exe
2014-09-21 20:41 - 2014-09-21 20:41 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar (1).rar
2014-09-21 19:57 - 2014-09-21 19:58 - 12119112 _____ () C:\Users\Michael\Downloads\hmopchallengev2.zip
2014-09-21 15:56 - 2014-09-21 15:58 - 00000000 ____D () C:\Users\Michael\AppData\Local\QQSM
2014-09-21 14:04 - 2014-09-21 14:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-21 14:03 - 2014-09-21 14:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\ZMR
2014-09-21 10:44 - 2014-09-21 10:44 - 00000222 _____ () C:\Users\Michael\Desktop\Zombies Monsters Robots.url
2014-09-21 09:59 - 2014-09-21 09:59 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar.rar
2014-09-19 21:02 - 2014-09-19 21:02 - 00000000 ____D () C:\Users\Michael\Desktop\AoTTG_Data
2014-09-19 21:02 - 2014-07-30 00:01 - 19822891 _____ () C:\Users\Michael\Desktop\Attack on Titan Tribute Game v07292014.exe
2014-09-19 20:24 - 2014-09-19 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity
2014-09-19 20:23 - 2014-09-19 20:23 - 01080640 _____ (Unity Technologies ApS) C:\Users\Michael\Downloads\UnityWebPlayer.exe
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\ProgramData\Autodesk
2014-09-18 16:13 - 2014-09-18 16:14 - 00000000 ____D () C:\Autodesk
2014-09-18 16:11 - 2014-09-18 16:12 - 10566624 _____ () C:\Users\Michael\Downloads\Autodesk_Maya_2015_R1_wi_en-US_Setup.exe
2014-09-16 21:27 - 2014-09-16 21:27 - 346449126 _____ () C:\windows\MEMORY.DMP
2014-09-16 20:27 - 2009-02-18 05:29 - 67108864 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).nds
2014-09-16 20:25 - 2014-09-16 20:26 - 35337944 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).7z
2014-09-09 19:28 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-09 19:28 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-09 19:28 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-09 19:28 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-09 19:28 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-09 19:28 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-09 19:28 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-09 19:28 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-09 19:28 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-09 19:28 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-09 19:28 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-09 19:28 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-09 19:28 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-09 19:28 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-09 19:28 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-09 19:28 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-09 19:28 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-09 19:28 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-09 19:27 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-09 19:27 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-09 19:27 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-09 19:27 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-09 19:27 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-09 19:27 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-09 19:27 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-09 19:27 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-09 19:27 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-09 19:27 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-09 19:27 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-09 19:27 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-09 19:27 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-09 19:27 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-09 19:27 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-09 19:27 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-09 19:27 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-09 19:27 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-09 19:27 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-09 19:27 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-09 19:27 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-09 19:27 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-09 19:27 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 19:27 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-09 19:27 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-09 19:27 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-09 19:27 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-09 19:27 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-09 19:27 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-09 19:27 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-09 19:27 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-09 19:27 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-09 19:27 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-09 19:27 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-09 19:27 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-09 19:27 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-09 19:08 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-09 19:08 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 17:50 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-09 17:50 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-09 17:49 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-09 17:49 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-09 17:49 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-09 17:49 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-09 17:49 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-09 17:49 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-09 17:49 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 17:49 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-09 17:49 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-08 16:23 - 2014-09-08 16:24 - 30396692 _____ () C:\Users\Michael\Downloads\R4i-3DS V1.80b English.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-08 09:17 - 2014-07-06 11:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-08 09:15 - 2012-03-07 16:28 - 01269492 _____ () C:\windows\WindowsUpdate.log
2014-10-08 09:11 - 2014-07-06 11:22 - 00001236 __RSH () C:\Users\Michael\ntuser.pol
2014-10-08 09:11 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\Michael
2014-10-08 09:05 - 2012-05-28 14:53 - 00000000 ____D () C:\Users\Sarabeth
2014-10-08 09:02 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 09:02 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 08:56 - 2012-03-07 17:30 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-10-08 08:55 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-10-08 08:55 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-10-08 08:52 - 2014-07-05 22:08 - 00004334 _____ () C:\windows\setupact.log
2014-10-08 08:41 - 2014-07-05 21:26 - 00090266 _____ () C:\windows\PFRO.log
2014-10-08 07:41 - 2012-06-19 10:08 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 23:41 - 2013-10-10 13:30 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job
2014-10-05 11:50 - 2012-03-07 17:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-05 11:50 - 2012-03-07 16:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-05 08:46 - 2009-07-13 19:34 - 00000612 _____ () C:\windows\win.ini
2014-10-03 12:13 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-02 06:48 - 2014-08-18 15:23 - 00000000 ____D () C:\Users\Michael\Desktop\Profile Pics
2014-09-28 18:50 - 2009-07-13 22:13 - 00753248 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-28 10:29 - 2012-06-19 10:15 - 00002136 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 10:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe
2014-09-27 08:52 - 2012-03-07 17:04 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-25 07:50 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-09-21 10:44 - 2014-07-06 11:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-20 07:06 - 2009-07-13 22:08 - 00032548 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-09-17 16:12 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-16 21:28 - 2012-07-07 18:02 - 00000000 ____D () C:\windows\Minidump
2014-09-15 09:06 - 2010-11-20 20:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-09-14 17:48 - 2014-07-11 08:14 - 00000000 ____D () C:\Users\Michael\Desktop\TF2 Sprays
2014-09-09 19:27 - 2012-07-06 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 19:24 - 2012-02-26 03:54 - 00745862 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-09 19:23 - 2014-07-05 22:30 - 00000000 ____D () C:\windows\system32\MRT
2014-09-09 19:10 - 2014-07-05 22:30 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-09 19:08 - 2014-07-05 23:16 - 00000000 ___SD () C:\windows\system32\CompatTel
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\CCLauncherSelfUpdater.EXE
C:\Users\Michael\AppData\Local\Temp\SRLDetectionLibrary7527575404937813073.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
 
==================== End Of Log ============================
 
 
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014
Ran by Michael at 2014-10-08 09:19:49
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip (HKLM-x32\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{F6B0EA7E-5C19-7421-C2EB-927DA66A1081}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0806.105.31 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60805.2350 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0806.105.31 - ATI) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10806 - ATI Technologies Inc.) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0806.105.31 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help English (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help French (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help German (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
ccc-utility64 (Version: 2011.0806.105.31 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CrimeCraft GangWars (HKLM-x32\...\Steam App 38830) (Version:  - Vogster Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.47 - PC-Doctor, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
ROBLOX Player for Michael (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zombies Monsters Robots (HKLM-x32\...\Steam App 306830) (Version:  - En Masse Entertainment)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\windows\Tasks\LaunchSignup.job => ?
 
==================== Loaded Modules (whitelisted) =============
 
2011-06-27 18:26 - 2011-06-27 18:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2011-06-29 07:52 - 2011-06-29 07:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2010-11-17 09:35 - 2010-11-17 09:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-08-06 00:14 - 2011-08-06 00:14 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-08-06 00:03 - 2011-08-06 00:03 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 09:17 - 2011-03-22 09:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2655447164-819488812-1400318288-500 - Administrator - Disabled)
Guest (S-1-5-21-2655447164-819488812-1400318288-501 - Limited - Disabled) => C:\Users\Guest
Michael (S-1-5-21-2655447164-819488812-1400318288-1008 - Limited - Enabled) => C:\Users\Michael
Sarabeth (S-1-5-21-2655447164-819488812-1400318288-1001 - Administrator - Enabled) => C:\Users\Sarabeth
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
System error 5 has occurred.
 
Access is denied.
 
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 50%
Total physical RAM: 3692.02 MB
Available physical RAM: 1811.8 MB
Total Pagefile: 7382.22 MB
Available Pagefile: 4993.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:319.08 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End Of Log ============================

  • 0

#7
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)
 
 

I didn't think the heading was important so I left it out.

 

Each part of the logfile is there for a reason. Always post complete information please to give me the chance to provide accurate instructions. See this one info from the header:
 

Ran by Michael (ATTENTION: The logged in user is not administrator) on PIGPEN on 08-10-2014 09:17:32


Please switch your account to the Administrator one. Download FRST again and provide me with the fresh set of logfiles from that account. Remember to always perform the instructed actions from an account with Adiministrator privileges.

 


  • 0

#8
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Due to lack of feedback, this topic has been closed.<br /><br />If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#9
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

User returned


  • 0

#10
clayfaceboy

clayfaceboy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I don't know why but I only got the FRST.txt log and not the READ.txt log.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Sarabeth (administrator) on PIGPEN on 13-10-2014 15:07:20
Running from C:\Users\Michael\Downloads
Loaded Profiles: Sarabeth & Michael (Available profiles: Sarabeth & Michael & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Akamai Technologies, Inc.) C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [Gameo] => C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe [41402880 2014-09-22] ()
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [DellSystemDetect] => C:\Users\Sarabeth\AppData\Local\Apps\2.0\G7H9AP90.XZR\59QVTPQM.HE0\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-05] (Dell)
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2655447164-819488812-1400318288-1008\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=456229231&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://astromenda.co...r=456229231&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {37504C6E-2D7A-4B20-B421-54B25D89BF5D} URL = http://search.condui...3822501330&UM=2
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://astromenda.co...r=456229231&ir=
SearchScopes: HKCU - {8C412FB2-7F47-4E05-882C-8387B8ABA8FB} URL = http://search.yahoo....22,17118,0,18,0
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-16f9ef27cfcc4bad\\NPRobloxProxy.dll ( Roblox Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sarabeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-19]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_kitara_14_39_ch&cd=2XzuyEtN2Y1L1Qzu0EtBtCzzzzyDtByDyCyE0DyCzzyC0DyEtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtBzy0B0A0E0E0BtGyDyDtAyBtGtCyByDtBtGyDyCyDtAtGtA0DtD0F0F0AyBzytByEzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EyCtBtCtDyCtGyDzytCyBtGyEzytB0FtG0B0E0F0EtG0Fzy0AtCtCyCyD0CtB0D0ByC2Q&cr=456229231&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_kitara_14_39_ch&cd=2XzuyEtN2Y1L1Qzu0EtBtCzzzzyDtByDyCyE0DyCzzyC0DyEtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtBzy0B0A0E0E0BtGyDyDtAyBtGtCyByDtBtGyDyCyDtAtGtA0DtD0F0F0AyBzytByEzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EyCtBtCtDyCtGyDzytCyBtGyEzytB0FtG0B0E0F0EtG0Fzy0AtCtCyCyD0CtB0D0ByC2Q&cr=456229231&ir="
CHR DefaultSearchKeyword: Default -> astromenda.com
CHR DefaultSearchProvider: Default -> Astromenda
CHR DefaultSearchURL: Default -> http://astromenda.co...r=456229231&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U1) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Exent® AOD Gecko Plugin) - C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-6ca07d14e2274822\\NPRobloxProxy.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-28]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2012-08-12]
CHR Extension: (Google Search) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-28]
CHR Extension: (avast! SafePrice) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-06]
CHR Extension: (avast! Online Security) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-05]
CHR Extension: (Google Wallet) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Astromenda New Tab) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-10-13]
CHR Extension: (Gmail) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-28]
CHR HKCU\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2013-09-28]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2013-09-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys [48792 2014-09-28] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 X6va021; \??\C:\windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-13 15:05 - 2014-10-13 15:06 - 00000000 ____D () C:\Users\Michael\Downloads\FRST-OlderVersion
2014-10-06 10:33 - 2014-10-08 09:20 - 00030189 _____ () C:\Users\Michael\Downloads\Addition.txt
2014-10-06 10:31 - 2014-10-13 15:07 - 00024853 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-10-06 10:31 - 2014-10-13 15:07 - 00000000 ____D () C:\FRST
2014-10-06 10:28 - 2014-10-13 15:06 - 02110464 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2014-10-05 13:01 - 2014-10-05 13:01 - 00073360 _____ () C:\Users\Michael\Downloads\Extras.Txt
2014-10-05 12:55 - 2014-10-05 12:55 - 00094798 _____ () C:\Users\Michael\Downloads\OTL.Txt
2014-10-05 12:32 - 2014-10-05 12:32 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe
2014-10-05 11:39 - 2014-10-05 11:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-30 20:01 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-30 20:01 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-29 16:51 - 2014-10-08 09:08 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 18:58 - 2008-01-23 16:44 - 00002685 _____ () C:\Users\Michael\Downloads\1551 - XenoPhobia.nfo
2014-09-28 18:58 - 2007-10-24 05:20 - 33554432 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).nds
2014-09-28 18:55 - 2014-09-28 18:56 - 10895282 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).7z
2014-09-28 11:35 - 2014-09-28 11:35 - 00000045 _____ () C:\Users\Sarabeth\AppData\Roaming\WB.CFG
2014-09-28 10:39 - 2014-09-28 10:39 - 00001940 _____ () C:\Users\Sarabeth\Desktop\Play Anno Online.lnk
2014-09-28 10:38 - 2014-09-28 10:39 - 00000000 ___HD () C:\Users\Sarabeth\AppData\Roaming\GoldenGate
2014-09-28 10:35 - 2014-10-13 07:42 - 00000000 ____D () C:\Users\Sarabeth\AppData\Local\Gameo
2014-09-28 10:35 - 2014-09-28 10:38 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Gameo
2014-09-28 10:35 - 2014-09-28 10:35 - 00001764 _____ () C:\Users\Sarabeth\Desktop\Gameo.lnk
2014-09-28 10:35 - 2014-09-28 10:35 - 00001750 _____ () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2014-09-28 10:35 - 2014-09-28 10:35 - 00000174 _____ () C:\Users\Sarabeth\Desktop\Play Games Online.url
2014-09-28 10:35 - 2014-09-28 10:35 - 00000174 _____ () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-28 10:35 - 2014-09-28 10:35 - 00000000 ____D () C:\Users\Sarabeth\Documents\Optimizer Pro
2014-09-28 10:35 - 2014-09-28 10:35 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2014-09-28 10:33 - 2014-09-28 07:09 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\0K1L2Z1T1C1T
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-28 10:29 - 2014-09-28 10:29 - 00000286 _____ () C:\windows\Tasks\LaunchSignup.job
2014-09-28 10:29 - 2014-09-28 10:29 - 00000271 _____ () C:\Users\Sarabeth\Desktop\Cut the Rope.url
2014-09-28 10:25 - 2014-09-28 10:25 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer (1).exe
2014-09-28 10:24 - 2014-09-28 10:24 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer.exe
2014-09-28 10:21 - 2014-09-28 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-09-24 06:49 - 2014-09-24 06:50 - 00000000 ____D () C:\5962dfa296d2e424ed56
2014-09-23 19:04 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-23 19:04 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-22 15:29 - 2014-09-22 15:29 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-09-22 15:25 - 2014-09-22 15:26 - 00703533 _____ () C:\Users\Michael\Downloads\hldsupdatetool.exe
2014-09-22 05:39 - 2014-09-22 05:39 - 00604819 _____ (Ryan Gregg ) C:\Users\Michael\Downloads\gcfscape185.exe
2014-09-21 20:41 - 2014-09-21 20:41 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar (1).rar
2014-09-21 19:57 - 2014-09-21 19:58 - 12119112 _____ () C:\Users\Michael\Downloads\hmopchallengev2.zip
2014-09-21 15:56 - 2014-09-21 15:58 - 00000000 ____D () C:\Users\Michael\AppData\Local\QQSM
2014-09-21 14:04 - 2014-09-21 14:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-21 14:03 - 2014-09-21 14:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\ZMR
2014-09-21 10:44 - 2014-09-21 10:44 - 00000222 _____ () C:\Users\Michael\Desktop\Zombies Monsters Robots.url
2014-09-21 09:59 - 2014-09-21 09:59 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar.rar
2014-09-19 21:02 - 2014-09-19 21:02 - 00000000 ____D () C:\Users\Michael\Desktop\AoTTG_Data
2014-09-19 21:02 - 2014-07-30 00:01 - 19822891 _____ () C:\Users\Michael\Desktop\Attack on Titan Tribute Game v07292014.exe
2014-09-19 20:24 - 2014-09-19 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity
2014-09-19 20:23 - 2014-09-19 20:23 - 01080640 _____ (Unity Technologies ApS) C:\Users\Michael\Downloads\UnityWebPlayer.exe
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Autodesk
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\ProgramData\Autodesk
2014-09-18 16:14 - 2014-09-18 16:15 - 00000000 ____D () C:\Users\Sarabeth\AppData\Local\Akamai
2014-09-18 16:13 - 2014-09-18 16:14 - 00000000 ____D () C:\Autodesk
2014-09-18 16:11 - 2014-09-18 16:12 - 10566624 _____ () C:\Users\Michael\Downloads\Autodesk_Maya_2015_R1_wi_en-US_Setup.exe
2014-09-16 21:28 - 2014-09-16 21:36 - 00793408 _____ () C:\windows\Minidump\091614-21746-01.dmp
2014-09-16 21:27 - 2014-09-16 21:27 - 346449126 _____ () C:\windows\MEMORY.DMP
2014-09-16 20:27 - 2009-02-18 05:29 - 67108864 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).nds
2014-09-16 20:25 - 2014-09-16 20:26 - 35337944 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).7z
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-13 14:51 - 2014-07-06 11:22 - 00001236 __RSH () C:\Users\Michael\ntuser.pol
2014-10-13 14:51 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\Michael
2014-10-13 14:51 - 2014-07-05 16:54 - 00000632 __RSH () C:\Users\Sarabeth\ntuser.pol
2014-10-13 14:51 - 2012-05-28 14:53 - 00000000 ____D () C:\Users\Sarabeth
2014-10-13 09:06 - 2012-03-07 16:28 - 01481601 _____ () C:\windows\WindowsUpdate.log
2014-10-13 07:40 - 2012-03-07 17:30 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-10-13 07:39 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-10-13 07:39 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-10-13 02:11 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-13 02:11 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 10:22 - 2014-07-06 11:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-09 14:08 - 2014-07-11 08:14 - 00000000 ____D () C:\Users\Michael\Desktop\TF2 Sprays
2014-10-08 13:04 - 2009-07-13 22:13 - 00753248 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-08 08:52 - 2014-07-05 22:08 - 00004334 _____ () C:\windows\setupact.log
2014-10-08 08:41 - 2014-07-05 21:26 - 00090266 _____ () C:\windows\PFRO.log
2014-10-08 07:41 - 2012-06-19 10:08 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 23:41 - 2013-10-10 13:30 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job
2014-10-07 07:59 - 2012-07-06 10:17 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-05 11:50 - 2012-03-07 17:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-05 11:50 - 2012-03-07 16:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-05 08:46 - 2009-07-13 19:34 - 00000612 _____ () C:\windows\win.ini
2014-10-03 12:13 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-02 06:48 - 2014-08-18 15:23 - 00000000 ____D () C:\Users\Michael\Desktop\Profile Pics
2014-09-28 10:29 - 2012-06-19 10:15 - 00002136 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 10:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe
2014-09-27 08:52 - 2012-03-07 17:04 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-25 07:50 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-09-21 10:44 - 2014-07-06 11:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-20 07:06 - 2009-07-13 22:08 - 00032548 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-09-17 16:12 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-16 21:28 - 2012-07-07 18:02 - 00000000 ____D () C:\windows\Minidump
2014-09-15 09:06 - 2010-11-20 20:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\CCLauncherSelfUpdater.EXE
C:\Users\Michael\AppData\Local\Temp\SRLDetectionLibrary7527575404937813073.dll
C:\Users\Sarabeth\AppData\Local\Temp\AcDeltree.exe
C:\Users\Sarabeth\AppData\Local\Temp\CloudBackup7216.exe
C:\Users\Sarabeth\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Sarabeth\AppData\Local\Temp\optprosetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-27 09:26
 
==================== End Of Log ============================

  • 0

Advertisements


#11
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)
 

I don't know why but I only got the FRST.txt log and not the READ.txt log.

It's because the Addition option being unchecked.


FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 0

#12
clayfaceboy

clayfaceboy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Sarabeth (administrator) on PIGPEN on 16-10-2014 14:52:38
Running from C:\Users\Michael\Downloads
Loaded Profiles: Sarabeth & Michael (Available profiles: Sarabeth & Michael & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Akamai Technologies, Inc.) C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Akamai Technologies, Inc.) C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
(Dell) C:\Users\Sarabeth\AppData\Local\Apps\2.0\G7H9AP90.XZR\59QVTPQM.HE0\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
() C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sarabeth\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [Gameo] => C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe [41402880 2014-09-22] ()
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Run: [DellSystemDetect] => C:\Users\Sarabeth\AppData\Local\Apps\2.0\G7H9AP90.XZR\59QVTPQM.HE0\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-05] (Dell)
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2655447164-819488812-1400318288-1008\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2655447164-819488812-1400318288-1008\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=456229231&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://astromenda.co...r=456229231&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {37504C6E-2D7A-4B20-B421-54B25D89BF5D} URL = http://search.condui...3822501330&UM=2
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://astromenda.co...r=456229231&ir=
SearchScopes: HKCU - {8C412FB2-7F47-4E05-882C-8387B8ABA8FB} URL = http://search.yahoo....22,17118,0,18,0
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-16f9ef27cfcc4bad\\NPRobloxProxy.dll ( Roblox Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sarabeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-19]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_kitara_14_39_ch&cd=2XzuyEtN2Y1L1Qzu0EtBtCzzzzyDtByDyCyE0DyCzzyC0DyEtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtBzy0B0A0E0E0BtGyDyDtAyBtGtCyByDtBtGyDyCyDtAtGtA0DtD0F0F0AyBzytByEzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EyCtBtCtDyCtGyDzytCyBtGyEzytB0FtG0B0E0F0EtG0Fzy0AtCtCyCyD0CtB0D0ByC2Q&cr=456229231&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_kitara_14_39_ch&cd=2XzuyEtN2Y1L1Qzu0EtBtCzzzzyDtByDyCyE0DyCzzyC0DyEtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtBzy0B0A0E0E0BtGyDyDtAyBtGtCyByDtBtGyDyCyDtAtGtA0DtD0F0F0AyBzytByEzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EyCtBtCtDyCtGyDzytCyBtGyEzytB0FtG0B0E0F0EtG0Fzy0AtCtCyCyD0CtB0D0ByC2Q&cr=456229231&ir="
CHR DefaultSearchKeyword: Default -> astromenda.com
CHR DefaultSearchURL: Default -> http://astromenda.co...r=456229231&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U1) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Exent® AOD Gecko Plugin) - C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Sarabeth\AppData\Local\Roblox\Versions\version-6ca07d14e2274822\\NPRobloxProxy.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-28]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2012-08-12]
CHR Extension: (Google Search) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-28]
CHR Extension: (avast! SafePrice) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-06]
CHR Extension: (avast! Online Security) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-05]
CHR Extension: (Google Wallet) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Astromenda New Tab) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-10-13]
CHR Extension: (Gmail) - C:\Users\Sarabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-28]
CHR HKCU\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2013-09-28]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Sarabeth\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2013-09-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys [48792 2014-09-28] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 X6va021; \??\C:\windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-15 00:23 - 2014-09-28 17:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 00:23 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 00:23 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 00:23 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 00:23 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 00:23 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 00:23 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 00:22 - 2014-08-18 20:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 00:22 - 2014-08-18 20:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 00:22 - 2014-08-18 20:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 00:22 - 2014-08-18 20:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 00:22 - 2014-08-18 20:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 00:22 - 2014-08-18 20:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 00:22 - 2014-08-18 20:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 00:22 - 2014-08-18 20:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 00:22 - 2014-08-18 20:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 00:22 - 2014-08-18 20:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 00:22 - 2014-08-18 19:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 00:22 - 2014-08-18 19:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 00:22 - 2014-08-18 19:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 00:22 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-15 00:22 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-15 00:22 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-15 00:22 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-15 00:22 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-15 00:22 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-15 00:22 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-15 00:22 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-15 00:22 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-15 00:22 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-15 00:22 - 2014-07-08 15:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-15 00:22 - 2014-07-08 15:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-15 00:22 - 2014-07-06 19:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 00:22 - 2014-07-06 19:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 00:22 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 00:22 - 2014-07-06 19:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 00:22 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 00:22 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 00:22 - 2014-07-06 19:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 00:22 - 2014-07-06 19:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 00:22 - 2014-07-06 18:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 00:22 - 2014-07-06 18:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 00:22 - 2014-07-06 18:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 00:22 - 2014-07-06 18:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 00:22 - 2014-07-06 18:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 00:22 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 00:22 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 00:22 - 2014-06-27 17:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 00:22 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 00:22 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 00:21 - 2014-10-09 19:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 00:21 - 2014-10-09 19:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 00:21 - 2014-10-09 19:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 00:21 - 2014-10-06 19:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 00:21 - 2014-10-06 19:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 00:21 - 2014-09-25 15:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 00:21 - 2014-09-25 15:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 00:21 - 2014-09-25 15:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 00:21 - 2014-09-25 15:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 00:21 - 2014-09-25 15:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 00:21 - 2014-09-25 15:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 00:21 - 2014-09-25 15:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 00:21 - 2014-09-18 19:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 00:21 - 2014-09-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 00:21 - 2014-09-18 18:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 00:21 - 2014-09-18 18:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 00:21 - 2014-09-18 18:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 00:21 - 2014-09-18 18:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 00:21 - 2014-09-18 18:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 00:21 - 2014-09-18 18:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 00:21 - 2014-09-18 18:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 00:21 - 2014-09-18 18:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 00:21 - 2014-09-18 18:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 00:21 - 2014-09-18 18:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 00:21 - 2014-09-18 18:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 00:21 - 2014-09-18 18:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 00:21 - 2014-09-18 18:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 00:21 - 2014-09-18 18:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 00:21 - 2014-09-18 18:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 00:21 - 2014-09-18 18:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 00:21 - 2014-09-18 18:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 00:21 - 2014-09-18 18:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 00:21 - 2014-09-18 18:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 00:21 - 2014-09-18 18:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 00:21 - 2014-09-18 18:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 00:21 - 2014-09-18 18:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 00:21 - 2014-09-18 18:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 00:21 - 2014-09-18 18:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 00:21 - 2014-09-18 17:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 00:21 - 2014-09-18 17:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 00:21 - 2014-09-18 17:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 00:21 - 2014-09-18 17:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 00:21 - 2014-09-18 17:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 00:21 - 2014-09-18 17:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 00:21 - 2014-09-18 17:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 00:21 - 2014-09-18 17:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 00:21 - 2014-09-18 17:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 00:21 - 2014-09-18 17:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 00:21 - 2014-09-18 17:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 00:21 - 2014-09-18 17:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 00:21 - 2014-09-18 17:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 00:21 - 2014-09-18 17:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 00:21 - 2014-09-18 17:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 00:21 - 2014-09-18 17:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 00:21 - 2014-09-18 17:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 00:21 - 2014-09-18 16:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 00:21 - 2014-09-18 16:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 00:21 - 2014-09-18 16:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 00:21 - 2014-09-18 16:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 00:21 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 00:21 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 00:21 - 2014-07-06 19:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 00:21 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 00:21 - 2014-07-06 18:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 00:21 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 00:21 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 00:21 - 2014-07-06 18:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 00:21 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 00:19 - 2014-09-17 19:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 00:19 - 2014-09-17 18:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 00:19 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 00:19 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 00:19 - 2014-08-28 19:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 00:18 - 2014-09-12 18:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 00:18 - 2014-09-12 18:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 00:18 - 2014-09-04 19:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 00:18 - 2014-09-04 18:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 00:18 - 2014-07-16 19:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 00:18 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 00:18 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 00:18 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 00:18 - 2014-07-16 19:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 00:18 - 2014-07-16 19:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 00:18 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 00:18 - 2014-07-16 18:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 00:18 - 2014-07-16 18:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 00:18 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 00:18 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 15:57 - 2014-10-13 15:57 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-10-13 15:05 - 2014-10-16 14:50 - 00000000 ____D () C:\Users\Michael\Downloads\FRST-OlderVersion
2014-10-06 10:33 - 2014-10-08 09:20 - 00030189 _____ () C:\Users\Michael\Downloads\Addition.txt
2014-10-06 10:31 - 2014-10-16 14:53 - 00025096 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-10-06 10:31 - 2014-10-16 14:52 - 00000000 ____D () C:\FRST
2014-10-06 10:28 - 2014-10-16 14:50 - 02112000 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2014-10-05 13:01 - 2014-10-05 13:01 - 00073360 _____ () C:\Users\Michael\Downloads\Extras.Txt
2014-10-05 12:55 - 2014-10-05 12:55 - 00094798 _____ () C:\Users\Michael\Downloads\OTL.Txt
2014-10-05 12:32 - 2014-10-05 12:32 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe
2014-10-05 11:39 - 2014-10-05 11:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-30 20:01 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-30 20:01 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-29 16:51 - 2014-10-08 09:08 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 18:58 - 2008-01-23 16:44 - 00002685 _____ () C:\Users\Michael\Downloads\1551 - XenoPhobia.nfo
2014-09-28 18:58 - 2007-10-24 05:20 - 33554432 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).nds
2014-09-28 18:55 - 2014-09-28 18:56 - 10895282 _____ () C:\Users\Michael\Downloads\1551 - Phoenix Wright - Ace Attorney - Trials and Tribulations (U)(XenoPhobia).7z
2014-09-28 11:35 - 2014-09-28 11:35 - 00000045 _____ () C:\Users\Sarabeth\AppData\Roaming\WB.CFG
2014-09-28 10:39 - 2014-09-28 10:39 - 00001940 _____ () C:\Users\Sarabeth\Desktop\Play Anno Online.lnk
2014-09-28 10:38 - 2014-09-28 10:39 - 00000000 ___HD () C:\Users\Sarabeth\AppData\Roaming\GoldenGate
2014-09-28 10:35 - 2014-10-16 14:48 - 00000000 ____D () C:\Users\Sarabeth\AppData\Local\Gameo
2014-09-28 10:35 - 2014-09-28 10:38 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Gameo
2014-09-28 10:35 - 2014-09-28 10:35 - 00001764 _____ () C:\Users\Sarabeth\Desktop\Gameo.lnk
2014-09-28 10:35 - 2014-09-28 10:35 - 00001750 _____ () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2014-09-28 10:35 - 2014-09-28 10:35 - 00000174 _____ () C:\Users\Sarabeth\Desktop\Play Games Online.url
2014-09-28 10:35 - 2014-09-28 10:35 - 00000174 _____ () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-28 10:35 - 2014-09-28 10:35 - 00000000 ____D () C:\Users\Sarabeth\Documents\Optimizer Pro
2014-09-28 10:35 - 2014-09-28 10:35 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2014-09-28 10:33 - 2014-09-28 07:09 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw64.sys
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\0K1L2Z1T1C1T
2014-09-28 10:32 - 2014-09-28 10:32 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-28 10:29 - 2014-09-28 10:29 - 00000286 _____ () C:\windows\Tasks\LaunchSignup.job
2014-09-28 10:29 - 2014-09-28 10:29 - 00000271 _____ () C:\Users\Sarabeth\Desktop\Cut the Rope.url
2014-09-28 10:25 - 2014-09-28 10:25 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer (1).exe
2014-09-28 10:24 - 2014-09-28 10:24 - 00769192 _____ ( ) C:\Users\Michael\Downloads\Kitara_Installer.exe
2014-09-28 10:21 - 2014-09-28 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-09-24 06:49 - 2014-09-24 06:50 - 00000000 ____D () C:\5962dfa296d2e424ed56
2014-09-23 19:04 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-23 19:04 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-22 15:29 - 2014-09-22 15:29 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-09-22 15:25 - 2014-09-22 15:26 - 00703533 _____ () C:\Users\Michael\Downloads\hldsupdatetool.exe
2014-09-22 05:39 - 2014-09-22 05:39 - 00604819 _____ (Ryan Gregg ) C:\Users\Michael\Downloads\gcfscape185.exe
2014-09-21 20:41 - 2014-09-21 20:41 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar (1).rar
2014-09-21 19:57 - 2014-09-21 19:58 - 12119112 _____ () C:\Users\Michael\Downloads\hmopchallengev2.zip
2014-09-21 15:56 - 2014-09-21 15:58 - 00000000 ____D () C:\Users\Michael\AppData\Local\QQSM
2014-09-21 14:04 - 2014-09-21 14:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-21 14:03 - 2014-09-21 14:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\ZMR
2014-09-21 10:44 - 2014-09-21 10:44 - 00000222 _____ () C:\Users\Michael\Desktop\Zombies Monsters Robots.url
2014-09-21 09:59 - 2014-09-21 09:59 - 02571696 _____ () C:\Users\Michael\Downloads\Thoopjes Sniper Karate Taunt (Huntsman Replacement).rar.rar
2014-09-19 21:02 - 2014-09-19 21:02 - 00000000 ____D () C:\Users\Michael\Desktop\AoTTG_Data
2014-09-19 21:02 - 2014-07-30 00:01 - 19822891 _____ () C:\Users\Michael\Desktop\Attack on Titan Tribute Game v07292014.exe
2014-09-19 20:24 - 2014-09-19 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity
2014-09-19 20:23 - 2014-09-19 20:23 - 01080640 _____ (Unity Technologies ApS) C:\Users\Michael\Downloads\UnityWebPlayer.exe
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\Users\Sarabeth\AppData\Roaming\Autodesk
2014-09-18 16:24 - 2014-09-18 16:24 - 00000000 ____D () C:\ProgramData\Autodesk
2014-09-18 16:14 - 2014-09-18 16:15 - 00000000 ____D () C:\Users\Sarabeth\AppData\Local\Akamai
2014-09-18 16:13 - 2014-09-18 16:14 - 00000000 ____D () C:\Autodesk
2014-09-18 16:11 - 2014-09-18 16:12 - 10566624 _____ () C:\Users\Michael\Downloads\Autodesk_Maya_2015_R1_wi_en-US_Setup.exe
2014-09-16 21:28 - 2014-09-16 21:36 - 00793408 _____ () C:\windows\Minidump\091614-21746-01.dmp
2014-09-16 21:27 - 2014-09-16 21:27 - 346449126 _____ () C:\windows\MEMORY.DMP
2014-09-16 20:27 - 2009-02-18 05:29 - 67108864 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).nds
2014-09-16 20:25 - 2014-09-16 20:26 - 35337944 _____ () C:\Users\Michael\Downloads\3398 - Fire Emblem - Shadow Dragon (US)(Micronauts).7z
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-16 14:46 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-10-16 14:46 - 2012-03-07 17:43 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-10-16 14:46 - 2012-03-07 17:30 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-10-16 13:16 - 2012-03-07 16:28 - 01634213 _____ () C:\windows\WindowsUpdate.log
2014-10-16 11:28 - 2014-07-06 11:22 - 00001236 __RSH () C:\Users\Michael\ntuser.pol
2014-10-16 11:28 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\Michael
2014-10-16 11:28 - 2014-07-05 16:54 - 00000632 __RSH () C:\Users\Sarabeth\ntuser.pol
2014-10-16 11:28 - 2012-05-28 14:53 - 00000000 ____D () C:\Users\Sarabeth
2014-10-15 16:06 - 2014-07-06 11:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-15 15:59 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 15:59 - 2009-07-13 21:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 15:48 - 2014-07-05 22:08 - 00004704 _____ () C:\windows\setupact.log
2014-10-15 15:31 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-15 15:31 - 2009-07-13 21:45 - 02901288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-15 15:13 - 2014-07-05 23:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-15 15:13 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-15 15:13 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 15:06 - 2012-07-06 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 14:54 - 2014-07-05 22:30 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 14:41 - 2014-07-05 22:30 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-15 14:41 - 2012-06-19 10:08 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 07:50 - 2012-07-06 10:17 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-15 07:44 - 2013-10-10 13:30 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job
2014-10-09 14:08 - 2014-07-11 08:14 - 00000000 ____D () C:\Users\Michael\Desktop\TF2 Sprays
2014-10-08 13:04 - 2009-07-13 22:13 - 00753248 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-08 08:41 - 2014-07-05 21:26 - 00090266 _____ () C:\windows\PFRO.log
2014-10-05 11:50 - 2012-03-07 17:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-05 11:50 - 2012-03-07 16:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-05 08:46 - 2009-07-13 19:34 - 00000612 _____ () C:\windows\win.ini
2014-10-02 06:48 - 2014-08-18 15:23 - 00000000 ____D () C:\Users\Michael\Desktop\Profile Pics
2014-09-28 10:29 - 2012-06-19 10:15 - 00002136 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 10:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe
2014-09-27 08:52 - 2012-03-07 17:04 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-25 07:50 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-09-21 10:44 - 2014-07-06 11:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-20 07:06 - 2009-07-13 22:08 - 00032548 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-09-17 16:12 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-16 21:28 - 2012-07-07 18:02 - 00000000 ____D () C:\windows\Minidump
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\CCLauncherSelfUpdater.EXE
C:\Users\Michael\AppData\Local\Temp\SRLDetectionLibrary7527575404937813073.dll
C:\Users\Sarabeth\AppData\Local\Temp\AcDeltree.exe
C:\Users\Sarabeth\AppData\Local\Temp\CloudBackup7216.exe
C:\Users\Sarabeth\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Sarabeth\AppData\Local\Temp\optprosetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-14 15:21
 

 

==================== End Of Log ============================
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Sarabeth at 2014-10-16 14:54:57
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip (HKLM-x32\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{F6B0EA7E-5C19-7421-C2EB-927DA66A1081}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0806.105.31 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60805.2350 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0806.105.31 - ATI) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10806 - ATI Technologies Inc.) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0806.105.31 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0806.105.31 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help English (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help French (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help German (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0806.0104.31 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0806.0104.31 - ATI) Hidden
ccc-utility64 (Version: 2011.0806.105.31 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CrimeCraft GangWars (HKLM-x32\...\Steam App 38830) (Version:  - Vogster Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.47 - PC-Doctor, Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gameo (HKCU\...\Gameo) (Version: 0.10.5 - Fried Cookie Software)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayPickle Packages (HKCU\...\PlayPickle Packages) (Version:  - ) <==== ATTENTION
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
ROBLOX Player for Sarabeth (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zombies Monsters Robots (HKLM-x32\...\Steam App 306830) (Version:  - En Masse Entertainment)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
15-10-2014 07:00:02 Scheduled Checkpoint
15-10-2014 21:40:35 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {3807BAF9-F41D-48B0-B55A-F23E4077D153} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-05] (AVAST Software)
Task: {5A02C7A4-22DB-4652-9A2F-66EA06FBEB64} - \PC Optimizer Pro Updates No Task File <==== ATTENTION
Task: {7CC63155-8F45-45C1-A07D-027FF1512A4B} - System32\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
Task: {9B712D80-1772-48EB-AF46-A2E78F55B624} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
Task: {C7D205CA-09EA-4699-85E7-DAD9D857C363} - \PC Optimizer Pro64 Scan No Task File <==== ATTENTION
Task: {CC27E93D-0043-453B-9FD5-C0E84AA486DD} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-08-18] (PC-Doctor, Inc.)
Task: {F4828C1D-F198-44F2-9C06-E30FF636C7FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cec5f79ee5cff4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2011-08-06 00:14 - 2011-08-06 00:14 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-06-27 18:26 - 2011-06-27 18:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2011-06-29 07:52 - 2011-06-29 07:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2010-11-17 09:35 - 2010-11-17 09:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-08-06 00:14 - 2011-08-06 00:14 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-08-06 00:03 - 2011-08-06 00:03 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 09:17 - 2011-03-22 09:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00120512 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
2012-03-07 17:31 - 2011-08-18 08:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-09-28 10:35 - 2014-09-22 03:33 - 41402880 _____ () C:\Users\Sarabeth\AppData\Roaming\Gameo\gameo.exe
2014-07-05 17:50 - 2014-07-05 17:50 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-15 15:32 - 2014-10-15 15:32 - 02874368 _____ () C:\Program Files\AVAST Software\Avast\defs\14101506\algo.dll
2014-10-16 11:54 - 2014-10-16 11:54 - 02874368 _____ () C:\Program Files\AVAST Software\Avast\defs\14101601\algo.dll
2010-03-16 19:28 - 2010-03-16 19:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 14:52 - 2010-03-22 14:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 19:28 - 2010-03-16 19:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 19:28 - 2010-03-16 19:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-24 22:20 - 2011-06-24 22:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 18:25 - 2011-06-27 18:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-24 22:21 - 2011-06-24 22:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 18:52 - 2010-03-11 18:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 14:07 - 2010-03-05 14:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 14:07 - 2010-03-05 14:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 18:52 - 2010-03-11 18:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2010-11-24 21:44 - 2010-11-24 21:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-07-05 17:50 - 2014-07-05 17:50 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-28 15:14 - 2014-08-21 11:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 15:14 - 2014-08-21 11:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 15:14 - 2014-08-21 11:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-07-06 11:30 - 2014-09-03 12:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-06 11:30 - 2014-09-22 21:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 15:14 - 2014-08-21 11:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 15:14 - 2014-08-21 11:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-07-06 11:30 - 2014-09-22 21:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-15 16:06 - 2014-10-15 16:06 - 00155232 ___HT () C:\Users\Michael\AppData\Local\Temp\~E224.tmp
2014-07-06 11:30 - 2014-09-04 16:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-21 18:22 - 2014-09-04 16:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00175296 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\launcher.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00281280 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\tier0.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00177344 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\vstdlib.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00674496 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\filesystem_stdio.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 04239040 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\engine.dll
2014-07-06 18:24 - 2014-10-15 16:04 - 00121536 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\inputsystem.dll
2014-07-06 11:38 - 2014-09-25 15:44 - 00774656 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\SDL2.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 01148608 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\materialsystem.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00246464 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\datacache.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00517824 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\studiorender.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00892096 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\vphysics.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00107200 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\video_services.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 01337536 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\vguimatsurface.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00369856 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\vgui2.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00149696 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\sourcevr.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 01612992 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\shaderapidx9.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00127168 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\video_quicktime.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00118976 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\video_bink.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00157888 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\stdshader_dbg.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00241856 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\stdshader_dx6.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00173248 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\stdshader_dx7.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00354496 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\stdshader_dx8.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 00560320 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\stdshader_dx9.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00083648 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\unicode.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 13484736 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\bin\client.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00124096 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\parsifal.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 09650368 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\bin\server.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00140480 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\soundemittersystem.dll
2014-07-06 18:25 - 2014-10-15 16:04 - 00090816 _____ () C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\scenefilecache.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 01821376 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\replay.dll
2014-07-06 11:38 - 2014-10-15 16:04 - 02018496 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\GameUI.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00088256 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\vaudio_miles.dll
2014-07-06 18:23 - 2014-07-06 18:23 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\mssmp3.asi
2014-07-06 18:22 - 2014-07-06 18:22 - 00153088 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\mssvoice.asi
2014-07-06 18:25 - 2014-07-06 18:25 - 00013312 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\mssds3d.flt
2014-07-06 18:25 - 2014-07-06 18:25 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\msseax.flt
2014-07-06 11:38 - 2014-10-15 16:04 - 00910016 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\serverbrowser.dll
2014-07-06 18:23 - 2014-10-15 16:04 - 00181952 _____ () c:\program files (x86)\steam\steamapps\common\team fortress 2\bin\vaudio_speex.dll
2014-09-24 17:07 - 2014-09-22 21:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-24 17:07 - 2014-09-22 21:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-24 17:07 - 2014-09-22 21:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-24 17:07 - 2014-09-22 21:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-24 17:07 - 2014-09-22 21:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-24 17:07 - 2014-09-22 21:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
2014-09-28 10:35 - 2014-09-22 03:33 - 00882176 _____ () C:\Users\Sarabeth\AppData\Roaming\Gameo\ffmpegsumo.dll
2014-10-16 14:47 - 2014-10-16 14:47 - 00075776 _____ () C:\Users\Sarabeth\AppData\Local\Temp\nw12576_1050\node_modules\goldengate\build\Release\gg.node
2014-10-16 14:47 - 2014-10-16 14:47 - 00414208 _____ () C:\Users\Sarabeth\AppData\Local\Temp\nw12576_1050\node_modules\goldengate\build\Release\GOLDENGATE.dll
2014-10-16 14:47 - 2014-10-16 14:47 - 00271872 _____ () C:\Users\Sarabeth\AppData\Local\Temp\nw12576_1050\node_modules\gameo_utils\Build\Release\gameo_utils_node.node
2014-10-16 14:47 - 2014-10-16 14:47 - 00095232 _____ () C:\Users\Sarabeth\AppData\Local\Temp\nw12576_1050\node_modules\gameo_utils\Build\Release\gameo_utils.dll
2014-10-16 14:48 - 2014-10-16 14:48 - 17048240 _____ () C:\Users\Sarabeth\AppData\Local\Temp\nw12576_1050\plugins\NPSWF32_14_0_0_179.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2655447164-819488812-1400318288-500 - Administrator - Disabled)
Guest (S-1-5-21-2655447164-819488812-1400318288-501 - Limited - Disabled) => C:\Users\Guest
Michael (S-1-5-21-2655447164-819488812-1400318288-1008 - Limited - Enabled) => C:\Users\Michael
Sarabeth (S-1-5-21-2655447164-819488812-1400318288-1001 - Administrator - Enabled) => C:\Users\Sarabeth
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/15/2014 03:31:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/14/2014 08:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x542c4c27
Exception code: 0xc0000005
Fault offset: 0x619bcc49
Faulting process id: 0x2594
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (10/14/2014 03:22:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/14/2014 02:53:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/14/2014 04:53:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/07/2014 08:37:21 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE2) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (10/07/2014 08:37:21 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details. 
hr=0x80072EE2
 
Error: (10/07/2014 08:31:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/07/2014 07:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x542c4c27
Exception code: 0xc0000005
Fault offset: 0x5b83cc49
Faulting process id: 0x3900
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
Error: (10/06/2014 04:10:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x542b71a4
Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp: 0x542c4c27
Exception code: 0xc0000005
Fault offset: 0x5b80cc49
Faulting process id: 0x39f0
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
 
 
System errors:
=============
Error: (10/15/2014 09:04:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
 
Error: (10/15/2014 09:03:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
 
Error: (10/15/2014 09:02:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (10/15/2014 04:00:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (10/15/2014 03:57:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (10/15/2014 03:52:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx service failed to start due to the following error: 
%%3
 
Error: (10/15/2014 03:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: 
%%1053
 
Error: (10/15/2014 03:51:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DHCP Client service failed to start due to the following error: 
%%1053
 
Error: (10/15/2014 03:51:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dhcp service.
 
Error: (10/15/2014 03:51:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TCP/IP NetBIOS Helper service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/15/2014 03:31:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/14/2014 08:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4client.dll_unloaded0.0.0.0542c4c27c0000005619bcc49259401cfe80b261328f5C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dllb6c464b5-541f-11e4-84a4-24b6fd28d175
 
Error: (10/14/2014 03:22:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files\nem's tools\VTFEdit\VTFEdit.exe
 
Error: (10/14/2014 02:53:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/14/2014 04:53:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/07/2014 08:37:21 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0x80072EE266c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (10/07/2014 08:37:21 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE200010001(0x00000000, 20:36:15:140 - http://go.microsoft....?LinkId=151642)
00020001(0x00000000, 20:36:50:855)
00030001(0x00000000, 20:36:50:861 - http://go.microsoft.com)
00030002(0x00000000, 20:36:50:861 - 0)
00040001(0x00000000, 20:36:50:861 - http://go.microsoft.com)
00040002(0x00000000, 20:36:50:881 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 20:36:53:563 - <NULL>)
00040006(0x00000000, 20:36:53:563 - 1, http://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 20:36:53:563 - 0)
0002000C(0x00000000, 20:36:53:682 - 302)
0002000E(0x00000000, 20:36:53:682 - https://validation.s...WGA/slwga.asmx)
00020001(0x00000000, 20:36:53:682)
00030001(0x00000000, 20:36:53:683 - https://validation.sls.microsoft.com)
00030002(0x00000000, 20:36:53:683 - 0)
00040001(0x00000000, 20:36:53:683 - https://validation.sls.microsoft.com)
00040002(0x00000000, 20:36:53:708 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 20:36:55:971 - <NULL>)
00040006(0x00000000, 20:36:55:971 - 1, https://validation.sls.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 20:36:55:971 - 0)
00020008(0x80072EE2, 20:37:21:545 - SOAPAction: "http://microsoft.com...ice/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="http://schemas.xmlso.../soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="http://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>SLWGA</TokenType><RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xsi:nil="1"/></UseKey><Claims><Values xmlns:q1="http://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[5]"><TokenEntry><Name>GenuineAdvantagePhase</Name><Value>GenuineAdvantagePhase1</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageVersion</Name><Value>1.0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageTemplateId</Name><Value>66c92734-d682-4d71-983e-d6ec3f16059f</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientTransactionId</Name><Value>e0351fb5-4c81-4972-9c1f-b0cc475dcfb0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientToken</Name><Value>&lt;clienttoken&gt;&lt;token&gt;&lt;name&gt;ClientEvent&lt;/name&gt;&lt;type&gt;EventType&lt;/type&gt;&lt;value&gt;0x00000012&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:FirstValidation&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;0&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:MachineId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;3eBDLQJZdEOPk6KreIqn4xrPXqXmIUP8ccnNpKDOYZA=&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:NumberTimesNonGenuine&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;0&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:RemainingRearmCount&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;1&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:TimeNonGenuine&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;0&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:TotalValidations&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;8&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ADMIN:UGUID&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;2edcaf5d-ddf1-4795-b802-0d102bb2fd0d&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;AUOptionsLocal&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;3&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ActiveSkuDescription&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Windows Operating System - Windows® 7, OEM_SLP channel&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ActiveSkuId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;d2c04e90-c3dd-4260-b0f3-f845f5d27d64&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;CodeSigning&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;SIGNED_INFO_PRS_SIGNED&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;DomainJoined&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;false&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;EditionId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;HomePremium&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;HROffline&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;0x00000000&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;OSVersion&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;6.1.7601.2.00010300.1.0.003&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;OemMarkerVersion&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;0x00020001&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;OemTableId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;WN09   &lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;OfflineGenuineBlob&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;cXSTAw3h/L1OWe7ruZqHGJ4g6UXmbYERyzA/5zLOsEISUQ61imlKduez70ZgX0swWMNcuVY4DE3V7IyVsrVVH8MJ3Hz8QAxDIh55rEX0jMVyQniepF+Is3LfYzLNINsWuzG9D1nIhb4jamVUFKUu/s8CpPuQ7kYUvvAwBngTRvEmKMbDeYEgwSbDWSTS4hq2jydPy8PBbJju4BvlVygHxMMq6+ZqmbwIsMT+JCkopVbMbJIUvF4qLXzuD6Ey0/veicSCmu68YiMRejpwybEHShX6sp6SpmtjFT9KPDZ4mEDg956vTJ+Uea1v5ni0XiQ+yx7vE/qp8TKtsTA16lLg4kHqu4Os1P78/k84H6U4f6PRsx+Jn81pUvkdOR301PBE7truIuvxpcb4SSqdwFsbJwyJS/6CRdBaj5qkib29KPaG26PciAfV6pwMpL3wEoEg9dRNaxK10JxJmEPHP3zAToQChfzyIa5Kczmfh9tiSrjsSS7QBcfOzPAJK33GT6SLoQoB4wYFPHmXW5sgfNjiO4/gMk4cRBhHNts58Ufdz1sRn9hBOcWBMSTaMdaq3vvGA179PuqzlsymRRJqSyXu4XU43AmnnLiATEgBeJvRRHoU2edQG9kXW1k1yQPjJiMG0CdTIlTlIcgFfA22osgXlu8R/4r1BEq8nMBNuI58PX0cAg8siqC0A0adkvpjzMRBPeirMlXmM73l6o/m3F6YRybMDhAlc+IU3sYYHHxOsFzK75oC6BAMh9CCSFzPFMQmadpst8E4TeZLZ02mwY4ddholyNkgbSByovAiSRMEXASgvWQoQK2gBSsV62E10PaGzkzkja1MGn4mGJ5SQCsjYwRp05hOnlilcHvldd5fIzDGK54zuDgm9XRQCwUM++ai/HNejWNfjV/S/vsRfCadayKxu6CCks1Q+CKOVAJbYgCdvmpfpjDJBEUpzj+1WZUTvpVkCIpgalcs/KX9Yc+1teAvaxWh8GHmt+o02HvxoZgTfPUZEsUn/w+MbezLTaN66FN/7hj2FZiFC8cbfu5aIOEo5A3DEnNSXGsORQ8giQi6F6wCE4Ga/EOHoSmdxzyDeSCnrUPlzOPF161jGTRe5QiXYH4UU5QNTfkPUPBBrs4tkbYBT/JJWvLPMQwacBkPgbuTsEPwsqUZOGUo6YUqol5eG2mRBU6qdIl/Ru4IJ7LtXbS1yZ+ZwbL4/jjHeMcJ6mKK7ELPmcSKyDZtp5/so9HKrJicrI1aGGLKMJorwrYrAkC5Ozo2RKbqIrKYW9OADy9m+k4J8yep2BgZ5f821piF0uHaFU9Yb6jFIlRDNmmbIh+mLAqpVcfZwiWUoo0kXgiwuh7tnRE7PQPCyAZQzkS8Nuw5sV284PDwlKEL5Mi1W/5KhxzeJc89DochIzocGLO4qH895RV/aZPkGNPnhDa4l2aymY5DCajxzqkjpDKI31Vj7dsIFoZc02p2z4Dp9b+1yIorj4okMghBrFw9UUur1L/TDznTbstsw1N9thThGA8Lzu/5KnNwrXIw+8NTBoYZ+ZGNbMs7UZOw0Qh23ouPpeqq/EoOTj6cUZ7wwbzck71dlmIgRfHKaQ/4LAa7OWu20wk+nMgXvHltm+DL72oR0ux3uu0yn++oWHB8ykgweKLMTyOwLTCDy10AUyPLR7CrS+UhbSQzIEdNPuQp5KK+dzvIdWqAraLsGp0cAZwPQouBtygTYJfTITBgudcyC6CGVzUcX34qil9ei4o6eTCJ8WB1f3QSnL/5S0/Y02evGB/tTMSRLDDh1bO8YvJF5hnpI/eTWqokKYbGrGHC2/jzWORj7kgqRTxJthQpqhMvvp57NDfW6hyvqP1SkoMmCRYreczlXxXCnIrCb2DIAgBmRwnoP26ul4nRdsGin+c8XELEs3Lh+zP7sioW/pKIWnYgR1kBDFYY4IhCmGtUgJywnV0+3DGihxcafXzL2ykBshvgmXi/ZJ7PvppYH3kXpag8Tm9MXKJTgKuMe+rAWoCqZyaSgb/pEabuUhkfX7iUNW2pa++7ldOAfRyu/QKyNqCYxwTfWjWWSDm0tIkhJSfOvFOuEXSqUQoe8iPREiwGcFTEiCk3R/WuPcFoQOgiQEUvvz3eSnR8D8JNNt1o6vxL4yhZLunJD18ZnaB1CfBu5Qy+XzeHsk0EjWYOzXi78B8aCO0B5SFhQtEMq5bNHb4fkTnAICs/2BjG2FWKfpvD3vQFj2CCCgUQn858C4FikGxJgvL0ZaoYuO4q0yshoXcSFjW172N7D3xUvXxXOS7JRAfE15pmHGvDaWMLVVifuSkhniWsMs2d6IdQ8iCVFfJj+g1w8AlGuH+FFug+5ecTn3DUIGYtPaQ3FjsS5oYm8yaBNVmHAq8iFtWu9kFhbIjF9mbfSXLtUCMVYM/QoSP6Fpg9Gknfm11IwphDtnvBJXyzzdJvTbIhAE4QNkL/hfWkDrVN+n4MqWw39RDFPuPKcKrQHti3MnnW62oNUhGonL1r8RqvBI34cQ+UPGyH3ZUiDoOdPKFy2QiTyVSPB7gWul68prtssXGJXXEPk94U78E6Kxk8bUzTuql+fd38eOnCMPK/fzMZDdkW1PGR5fk9P7kihg1BQnoK2a05gTC89hQpHNGV+sYNbGustdbZsafqYjmpX8vH1ytEGNknoOUX5LVxfPZ48OjWZp15HtLw8vr04A6z5yFQ3SFBCowPoEz8JcGRsFn6MpKunIJDnK1CDpwRljYCzanqMb3iRz7MtQADa18UcqIekZPXsOiOpcirymOa4tV9tGrZ/OHKoCphPsVCeSbLbjVd/uGnol+f+lZ30pjt0EosM+cz2vRhZIKSpKVZV1rrZnDEQB1ZbdVWSoG/cxw+QG5uUEr1XYNpkDHvFk6+PSJvdBUPVN5awO/+y44UhEa7Wl2OVa2HsJ3nDaP38By2ulZTbd8yr/J1ImOvDSoRLsuX8YTmfTNzjhAe/1SVSWExOqDJrfA8dAmLqHgkTp4RheSw2b/sl3qY&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;OfflineInstallationId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;015000537741495032751074277954995741763093620426954425&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;PackageFlavor&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Windows&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;PackageVersion&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;7.1.7600.16395&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;PartnerId&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Windows&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ProcessorArchitecture&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;x64&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ProductLCID&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;1033&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ProductName&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Windows 7 Home Premium&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ProductUniquenessGroups&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;66c92734-d682-4d71-983e-d6ec3f16059f&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;ServiceAvailable&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;true&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;SystemLCID&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;1033&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;UserLCID&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;1033&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;WMI:Win32_ComputerSystem:Manufacturer&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Dell Inc.&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;WMI:Win32_ComputerSystem:Model&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;Inspiron M5040&lt;/value&gt;&lt;/token&gt;&lt;token&gt;&lt;name&gt;WMI:Win32_OperatingSystem:InstallDate&lt;/name&gt;&lt;type&gt;Info&lt;/type&gt;&lt;value&gt;20120528145328.000000-420&lt;/value&gt;&lt;/token&gt;&lt;/clienttoken&gt;</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE2, 20:37:21:557 - <NULL>)
00010003(0x80072EE2, 20:37:21:557)
 
Error: (10/07/2014 08:31:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files\nem's tools\VTFEdit\VTFEdit.exe
 
Error: (10/07/2014 07:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4client.dll_unloaded0.0.0.0542c4c27c00000055b83cc49390001cfe1be399c5175C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dll25e8c964-4e97-11e4-b1ed-24b6fd28d175
 
Error: (10/06/2014 04:10:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0542b71a4client.dll_unloaded0.0.0.0542c4c27c00000055b80cc4939f001cfe191c48c0d6cC:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.execlient.dllf11516c3-4dad-11e4-b1ed-24b6fd28d175
 
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 94%
Total physical RAM: 3692.02 MB
Available physical RAM: 186.5 MB
Total Pagefile: 7631.17 MB
Available Pagefile: 615.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:315.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EB6D7692)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#13
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi :)

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.
  • 0

#14
clayfaceboy

clayfaceboy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I ran out of time to do the AdwCleaner scan. Here's the JRT.txt file and I'll give you the next one as soon as possible.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sarabeth on Mon 10/20/2014 at 20:20:57.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2655447164-819488812-1400318288-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{37504C6E-2D7A-4B20-B421-54B25D89BF5D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Sarabeth\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Sarabeth\documents\optimizer pro"
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Sarabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/20/2014 at 20:38:09.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#15
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Fine, post when ready :)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP