Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Core dumps, problems loading web page, & media player issues


  • This topic is locked This topic is locked

#1
CZ2761

CZ2761

    Member

  • Member
  • PipPip
  • 95 posts

Core dumps have occurred 3 times over the past 6 days.  I cannot bring up Walmart.com---a blank windows appears.  Occasionally, Windows media player has to be restarted in order to come up.   I ran malwarebytes with no issues found.  I'm not sure any of this is related to each other or to malware but thought I'd start here.  Thanks for your help.  Here's my OTL:

 

OTL logfile created on: 10/16/2014 1:33:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Zlatoper\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.95 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 32.31% Memory free
7.90 Gb Paging File | 4.54 Gb Available in Paging File | 57.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.52 Gb Total Space | 384.28 Gb Free Space | 87.23% Space Free | Partition Type: NTFS
Drive D: | 21.08 Gb Total Space | 2.27 Gb Free Space | 10.78% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.07 Gb Free Space | 27.12% Space Free | Partition Type: FAT32
Drive F: | 7.40 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ZLATOPER-HP | User Name: Zlatoper | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/16 13:32:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zlatoper\Downloads\OTL.exe
PRC - [2014/09/04 05:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/06/17 14:19:06 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/13 21:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/11/05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/03/05 14:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 14:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/07 23:10:48 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/28 18:42:14 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/26 06:58:00 | 000,260,424 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
PRC - [2011/08/26 06:57:40 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
PRC - [2011/08/26 06:57:14 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
PRC - [2011/08/19 18:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/08/09 12:46:08 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/08/09 12:46:06 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/05/20 13:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 13:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/02/24 03:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/09 22:04:04 | 014,902,600 | ---- | M] () -- C:\Users\Zlatoper\AppData\Local\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014/10/09 22:04:02 | 008,910,664 | ---- | M] () -- C:\Users\Zlatoper\AppData\Local\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014/10/09 22:03:56 | 001,042,760 | ---- | M] () -- C:\Users\Zlatoper\AppData\Local\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014/10/09 22:03:54 | 000,211,272 | ---- | M] () -- C:\Users\Zlatoper\AppData\Local\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014/10/09 22:03:53 | 001,681,224 | ---- | M] () -- C:\Users\Zlatoper\AppData\Local\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014/09/11 20:15:00 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\07cf963400f1454398a79308cd9ba191\IAStorCommon.ni.dll
MOD - [2014/09/11 10:10:39 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\0483c93466914f3fbd5b44454b0c8a98\Accessibility.ni.dll
MOD - [2014/09/11 10:10:02 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/07/08 18:13:22 | 002,056,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2014/07/08 18:13:21 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2014/03/20 18:49:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2014/03/20 18:49:19 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2014/03/20 18:49:19 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2014/03/04 01:57:21 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014/02/06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/04/15 18:56:17 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/11 15:45:27 | 000,311,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/11 15:45:25 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012/12/10 08:24:16 | 009,723,392 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV:64bit: - [2011/05/27 14:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/10/11 06:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/09/23 20:12:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/12 21:38:54 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/04 05:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/13 21:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/03/05 14:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/08/26 06:58:00 | 000,260,424 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe -- (FPLService)
SRV - [2011/08/09 12:46:08 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/08/09 12:46:06 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/06/28 21:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/05/20 13:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/02/24 03:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/12/11 15:45:27 | 000,535,552 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/09 13:16:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/09 13:16:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/10 03:32:04 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/18 20:11:10 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/06/09 22:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/30 20:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/05/27 14:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/27 14:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/20 12:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/02/16 22:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 11:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 20:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/07/28 12:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}
IE - HKCU\..\SearchScopes\{4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.hotmail.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\Zlatoper\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/03/26 16:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zlatoper\AppData\Roaming\Mozilla\Extensions
[2014/07/20 08:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zlatoper\AppData\Roaming\Mozilla\Firefox\Profiles\xw4jsq8x.default\extensions
[2014/09/12 21:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/12 21:38:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa\1.0_1\
CHR - Extension: No name found = C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A0007E2-C4AD-4D63-91BE-076B18151F73}: DhcpNameServer = 172.168.51.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A0007E2-C4AD-4D63-91BE-076B18151F73}: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27056DB1-52BF-4DC6-8372-1EBB099843C7}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27056DB1-52BF-4DC6-8372-1EBB099843C7}: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 75.126.206.18,184.173.169.186
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/15 21:19:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/09 19:02:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/06/15 21:28:30 | 002,162,416 | ---- | C] (Catalina Marketing Corp) -- C:\Users\Zlatoper\AppData\Local\BcsKtYcHW.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/16 13:24:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/16 13:21:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425876873-3771999699-2460655575-1001UA.job
[2014/10/16 13:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/16 13:10:37 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job
[2014/10/16 13:10:37 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/10/16 13:10:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/16 09:40:49 | 000,783,400 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/16 09:40:49 | 000,663,102 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/16 09:40:49 | 000,122,680 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/16 09:39:42 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/16 09:39:42 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/16 09:34:47 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/16 09:34:26 | 000,267,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/16 09:33:59 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/15 21:24:55 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/15 21:21:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425876873-3771999699-2460655575-1001Core.job
[2014/10/15 17:36:08 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZlatoper.job
[2014/10/12 19:59:33 | 000,000,233 | ---- | M] () -- C:\Windows\qwimp.ini
[2014/10/12 13:31:25 | 000,000,872 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2014/10/12 10:54:48 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/09/20 06:39:35 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/19 13:55:22 | 000,304,013 | ---- | C] () -- C:\Users\Zlatoper\Desktop\P1010041.JPG
[2014/09/19 13:55:19 | 000,349,633 | ---- | C] () -- C:\Users\Zlatoper\Desktop\P1010039.JPG
[2014/01/28 13:52:07 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
[2014/01/28 13:52:07 | 000,177,043 | ---- | C] () -- C:\Windows\unins000.dat
[2013/12/31 11:12:21 | 000,000,005 | ---- | C] () -- C:\Users\Zlatoper\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013/12/20 05:48:00 | 000,000,063 | ---- | C] () -- C:\Users\Zlatoper\.asadminpass
[2013/10/27 06:47:00 | 000,000,192 | ---- | C] () -- C:\Users\Zlatoper\AppData\Roaming\WB.CFG
[2013/10/27 06:47:00 | 000,000,005 | ---- | C] () -- C:\Users\Zlatoper\AppData\Roaming\WBPU-TTL.DAT
[2013/08/28 12:57:21 | 000,000,128 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/07/29 07:08:38 | 000,000,233 | ---- | C] () -- C:\Windows\qwimp.ini
[2013/07/29 07:07:26 | 000,000,022 | ---- | C] () -- C:\Windows\INTUPREM.DAT
[2013/07/29 07:06:55 | 000,000,052 | ---- | C] () -- C:\Windows\intuprof.ini
[2013/07/29 07:06:54 | 000,000,872 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2013/06/15 21:28:28 | 000,893,239 | ---- | C] () -- C:\Users\Zlatoper\AppData\Local\a.zip
[2013/06/12 09:20:40 | 000,776,014 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/02 15:29:04 | 000,000,317 | ---- | C] () -- C:\Users\Zlatoper\hsqlprefs.dat
[2012/12/11 22:02:38 | 000,000,145 | ---- | C] () -- C:\Users\Zlatoper\.appletviewer
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/26 20:47:10 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\0D0S1L2Z1P1B
[2014/02/14 10:31:26 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\AnvSoft
[2014/01/08 22:11:49 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\Blio
[2013/06/15 21:28:27 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\Catalina – Print Savings
[2014/02/21 07:45:17 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\DigitalSite
[2014/02/21 07:45:17 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\DigitalSites
[2013/12/20 06:03:44 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\NetBeans
[2013/06/07 20:41:10 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\OpenOffice.org
[2013/11/12 00:10:16 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\openvr
[2014/06/08 09:40:10 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\Oracle
[2014/08/17 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\SoftGrid Client
[2012/06/27 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\Synaptics
[2013/06/12 09:21:12 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\TP
[2014/01/02 12:19:20 | 000,000,000 | ---D | M] -- C:\Users\Zlatoper\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
 
< End of report >
 

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello CZ2761,

Welcome back to the Malware forum. :)

Now

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

After that

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.

  • When the scan is done Notepad will open with rKill log. Please copy and past that in your reply.

Note: rKill.txt log can also be found on your desktop.

So when you return please post
  • FRST.txt
  • Addition.txt
  • rKill.txt


  • 0

#3
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Thank you for your help!   Logs are included below.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Zlatoper (administrator) on ZLATOPER-HP on 21-10-2014 21:03:58
Running from C:\Users\Zlatoper\Downloads
Loaded Profile: Zlatoper (Available profiles: Zlatoper)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-12-11] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-425876873-3771999699-2460655575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Billminder.lnk
ShortcutTarget: Billminder.lnk -> C:\Program Files (x86)\Quicken\billmind.exe (Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
ShortcutTarget: Quicken Scheduled Updates.lnk -> C:\Program Files (x86)\Quicken\bagent.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Startup.lnk
ShortcutTarget: Quicken Startup.lnk -> C:\Program Files (x86)\Quicken\QWDLLS.EXE (Intuit)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = 
SearchScopes: HKCU - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = 
SearchScopes: HKCU - {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = 
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\Parameters: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{1A0007E2-C4AD-4D63-91BE-076B18151F73}: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{27056DB1-52BF-4DC6-8372-1EBB099843C7}: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 75.126.206.18,184.173.169.186
 
FireFox:
========
FF ProfilePath: C:\Users\Zlatoper\AppData\Roaming\Mozilla\Firefox\Profiles\xw4jsq8x.default
FF Homepage: www.hotmail.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Zlatoper\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://hotmail.com/", "hxxp://facebook.com/"
CHR Profile: C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21]
CHR Extension: (Google Drive) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-21]
CHR Extension: (Google Search) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-21]
CHR Extension: (Website Logon) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-10-21]
CHR Extension: (Google Sheets) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-21]
CHR Extension: (Gmail) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-21]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
S3 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8961 2013-01-15] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 mrtRate; No ImagePath
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-21 21:03 - 2014-10-21 21:04 - 00018294 _____ () C:\Users\Zlatoper\Downloads\FRST.txt
2014-10-21 21:03 - 2014-10-21 21:04 - 00000000 ____D () C:\FRST
2014-10-21 21:02 - 2014-10-21 21:02 - 02110976 _____ (Farbar) C:\Users\Zlatoper\Downloads\FRST64.exe
2014-10-21 20:39 - 2014-10-21 20:39 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 20:39 - 2014-10-21 20:39 - 00002255 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-10-21 20:39 - 2014-10-21 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 13:51 - 2014-10-16 13:51 - 00087084 _____ () C:\Users\Zlatoper\Desktop\OTL.Txt
2014-10-16 13:43 - 2014-10-16 13:43 - 00083164 _____ () C:\Users\Zlatoper\Downloads\Extras.Txt
2014-10-16 13:42 - 2014-10-16 13:42 - 00087084 _____ () C:\Users\Zlatoper\Downloads\OTL.Txt
2014-10-16 13:32 - 2014-10-16 13:32 - 00602112 _____ (OldTimer Tools) C:\Users\Zlatoper\Downloads\OTL.exe
2014-10-15 21:19 - 2014-10-15 21:18 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-15 07:45 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:45 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:45 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:45 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:44 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:44 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:44 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:44 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:44 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:44 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:44 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:44 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:44 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:44 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:44 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:44 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:44 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:44 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:44 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:44 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:44 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:44 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:44 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:44 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:44 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:44 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:44 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:44 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:44 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:44 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:44 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:44 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:44 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:44 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:44 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:44 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:44 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:43 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:43 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:43 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:43 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:43 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:43 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:43 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:43 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:43 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:43 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:43 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:43 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:43 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:43 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:43 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:43 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:43 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:43 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:43 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:43 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:43 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:43 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:43 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:43 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:43 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:43 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:43 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:43 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:43 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:43 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:43 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:43 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:43 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:43 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:43 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:43 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:43 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:43 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:43 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:43 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:43 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:43 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:43 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:43 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:43 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:43 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:43 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:43 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:43 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:43 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:43 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:43 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:43 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:43 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:43 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:43 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 07:43 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:43 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:43 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 07:43 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:43 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:43 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 07:42 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:42 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 19:00 - 2014-10-21 07:13 - 00000952 _____ () C:\Windows\setupact.log
2014-10-14 19:00 - 2014-10-14 19:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-14 07:53 - 2014-10-14 07:53 - 00001764 _____ () C:\Users\Zlatoper\Downloads\FinalAppeal.acsm
2014-10-12 10:54 - 2014-10-12 10:54 - 04965896 _____ (Piriform Ltd) C:\Users\Zlatoper\Downloads\ccsetup418.exe
2014-10-11 12:13 - 2014-10-11 12:13 - 00000119 _____ () C:\Users\Zlatoper\Downloads\text_0 (7).txt
2014-10-11 09:27 - 2014-10-11 09:27 - 00000025 _____ () C:\Users\Zlatoper\Downloads\text_0 (6).txt
2014-10-11 09:27 - 2014-10-11 09:27 - 00000025 _____ () C:\Users\Zlatoper\Downloads\text_0 (5).txt
2014-10-11 09:26 - 2014-10-11 09:26 - 00000045 _____ () C:\Users\Zlatoper\Downloads\text_0 (4).txt
2014-10-11 09:25 - 2014-10-11 09:25 - 00000045 _____ () C:\Users\Zlatoper\Downloads\text_0 (3).txt
2014-10-11 09:25 - 2014-10-11 09:25 - 00000004 _____ () C:\Users\Zlatoper\Downloads\text_0 (2).txt
2014-10-11 09:23 - 2014-10-11 09:23 - 00000012 _____ () C:\Users\Zlatoper\Downloads\text_0 (1).txt
2014-10-09 19:02 - 2014-10-14 18:53 - 00000000 ____D () C:\Windows\Minidump
2014-10-07 12:19 - 2014-10-07 12:19 - 00005822 _____ () C:\Users\Zlatoper\Downloads\ordercon (1).htm
2014-10-02 19:48 - 2014-10-02 19:48 - 00000003 _____ () C:\Users\Zlatoper\Downloads\text_0.txt
2014-10-01 21:02 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 21:02 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 05:46 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 05:46 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-21 20:47 - 2014-02-04 07:47 - 00000304 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-21 20:47 - 2013-10-26 20:45 - 00000304 _____ () C:\Windows\Tasks\DigitalSite.job
2014-10-21 20:38 - 2013-12-24 14:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-21 20:34 - 2012-09-23 06:35 - 00000000 ____D () C:\Users\Zlatoper\AppData\Local\Google
2014-10-21 20:30 - 2013-12-24 14:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 20:30 - 2013-12-24 14:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 20:12 - 2012-08-31 21:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 20:04 - 2012-06-27 21:50 - 00000000 ____D () C:\Users\Zlatoper
2014-10-21 19:36 - 2014-05-06 05:32 - 01284295 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 12:41 - 2012-06-27 22:02 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{96A4FDF9-3CF8-4EAA-9862-DD7510AA0538}
2014-10-21 07:20 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 07:20 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 07:20 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 07:13 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 16:29 - 2013-07-29 07:08 - 00000233 _____ () C:\Windows\qwimp.ini
2014-10-20 16:29 - 2013-07-29 07:06 - 00000872 _____ () C:\Windows\QUICKEN.INI
2014-10-20 11:44 - 2014-02-07 20:36 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForZlatoper
2014-10-20 11:44 - 2014-02-07 20:36 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForZlatoper.job
2014-10-19 20:25 - 2013-12-24 14:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:25 - 2013-12-24 14:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 22:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-18 09:38 - 2013-06-18 21:01 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-18 09:38 - 2013-06-18 21:01 - 00000866 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-10-17 20:32 - 2013-06-12 09:21 - 00000000 ____D () C:\Users\Zlatoper\AppData\Roaming\SoftGrid Client
2014-10-17 18:14 - 2013-06-06 13:13 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-17 18:14 - 2012-07-08 06:34 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-17 07:43 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 21:06 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-16 09:34 - 2009-07-14 00:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 09:32 - 2014-05-07 07:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 09:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 09:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 21:24 - 2014-08-28 19:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 21:21 - 2013-10-25 09:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-15 21:18 - 2014-08-23 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-15 21:18 - 2014-08-23 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-15 21:18 - 2014-05-20 09:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 21:18 - 2013-10-25 09:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-14 07:54 - 2013-07-09 18:43 - 00000000 ____D () C:\Users\Zlatoper\Documents\My Digital Editions
2014-10-12 13:31 - 2013-07-29 07:06 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-10-12 10:54 - 2013-06-18 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-12 10:54 - 2013-06-18 21:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-02 15:53 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-23 20:12 - 2012-08-31 21:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:12 - 2012-08-31 21:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:12 - 2011-11-09 13:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 19:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
 
Files to move or delete:
====================
C:\Users\Zlatoper\hsqlprefs.dat
 
 
Some content of TEMP:
====================
C:\Users\Zlatoper\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 17:08
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Zlatoper at 2014-10-21 21:04:53
Running from C:\Users\Zlatoper\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.8) (Version: 5.0.0.8 - Coupons.com Incorporated)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Java™ 6 Update 35 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416035FF}) (Version: 6.0.350 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Installer (HKLM-x32\...\{236FF571-7197-40E9-921D-D5FDC752C697}) (Version: 1.1.5.0 - Oracle Corporation)
MySQL Server 5.5 (HKLM\...\{6150345A-1382-4713-B38B-482388DC7E7B}) (Version: 5.5.29 - Oracle Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
P@H-Protocol (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Quicken 2003 Premier (HKLM-x32\...\InstallShield_{359BF8A1-CB4C-4212-A174-BD63F052EE33}) (Version: 12.00.0000 - Intuit)
Quicken 2003 Premier (x32 Version: 12.00.0000 - Intuit) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version:  - ) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-09-2014 00:07:16 Windows Update
30-09-2014 16:04:38 Windows Update
02-10-2014 10:36:29 Windows Update
07-10-2014 14:13:59 Windows Update
14-10-2014 11:54:35 Windows Update
16-10-2014 01:17:35 Installed Java 7 Update 71
16-10-2014 13:06:53 Windows Update
21-10-2014 11:18:11 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1F73D329-4F6F-4009-81EC-5C6384B1714A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {30851864-4B4E-4078-9D4C-DA415BD6A767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {38910804-B51B-48C5-ADDA-846CEB6D772D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {514FAFC7-89B4-4DFC-9022-178E40FCF0A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {5B1F8AF7-8699-4E69-9C72-9B8C73FB37B1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
Task: {952292B0-4975-4CD3-B319-71705BA47E7C} - System32\Tasks\DigitalSite => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {B638F55F-B15D-4CEC-87AC-36A4FC39F5FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {BB19AFB2-1455-43EE-9668-CE6A549E52FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {C8C4C16C-59BA-49E3-8400-24E32D7EEDA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {CADD2E1B-2D9A-47EB-8A6C-987B1EC448B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {CFDE738C-68AF-41D0-854A-2FE44A050B31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D2936602-0487-4747-B084-50C48A5B6C7E} - System32\Tasks\Digital Sites => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D85B06F5-494D-4883-827E-10F3C951DB24} - System32\Tasks\HPCeeScheduleForZlatoper => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForZlatoper.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-04-07 21:29 - 2011-08-10 02:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-30 14:40 - 2011-09-30 14:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-16 10:05 - 2014-10-16 10:05 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2012-04-07 21:29 - 2011-05-20 13:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-21 20:39 - 2014-10-09 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-425876873-3771999699-2460655575-500 - Administrator - Disabled)
Guest (S-1-5-21-425876873-3771999699-2460655575-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-425876873-3771999699-2460655575-1002 - Limited - Enabled)
Zlatoper (S-1-5-21-425876873-3771999699-2460655575-1001 - Administrator - Enabled) => C:\Users\Zlatoper
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/21/2014 07:13:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 05:59:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22869
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22869
 
 
System errors:
=============
Error: (10/21/2014 07:13:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/20/2014 05:59:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 06:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 03:14:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 10:07:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Error: (10/19/2014 07:58:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 11:02:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 08:42:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 03:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 01:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (10/21/2014 07:13:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 05:59:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22869
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22869
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 4043.86 MB
Available physical RAM: 2120.15 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5895.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:440.52 GB) (Free:383.36 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:21.08 GB) (Free:2.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A73C3CB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================
 
 
Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/21/2014 09:09:00 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Zlatoper\Downloads\FRST64.exe (PID: 4408) [UP-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 10/21/2014 09:10:27 PM
Execution time: 0 hours(s), 1 minute(s), and 26 seconds(s)

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again CZ2761,

Please post your logs in normal black colour. Very hard for me to analyse in the colour you have chosen.

Now

Bit to do in this post. :)

Firstly

There are two adware related programs that should be removed.

Please go to Control Panel > Uninstall a program and uninstall Catalina Savings Printer and Zip Extractor Packages

Next

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

Finally in this post

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When you return please post

  • Fixlog.txt
  • AdwCleaner log
  • JRT.txt

 


  • 0

#5
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

Sorry about the font color  :-/    Here's the next set of logs:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-10-2014
Ran by Zlatoper at 2014-10-23 19:24:11 Run:2
Running from C:\Users\Zlatoper\Downloads
Loaded Profile: Zlatoper (Available profiles: Zlatoper)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = 
SearchScopes: HKCU - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = 
SearchScopes: HKCU - {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = 
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
FF ProfilePath: C:\Users\Zlatoper\AppData\Roaming\Mozilla\Firefox\Profiles\xw4jsq8x.default
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
CHR Extension: (Google Slides) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (Google Search) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-21]
CHR Extension: (Website Logon) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-10-21]
CHR Extension: (Google Sheets) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-21]
CHR Extension: (Gmail) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-21]
C:\Users\Zlatoper\hsqlprefs.dat
C:\Users\Zlatoper\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
CustomCLSID: HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
C:\Users\Zlatoper
Task: {D2936602-0487-4747-B084-50C48A5B6C7E} - System32\Tasks\Digital Sites => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE
AlternateDataStreams: C:\ProgramData\Temp:373E1720
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
EmptyTemp:
*****************
 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\Wow6432Node\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\Wow6432Node\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}" => Key not found.
"HKCR\CLSID\{4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
 => Should not be moved.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
"C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll" => File/Directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia directory not found.
"C:\Users\Zlatoper\hsqlprefs.dat" => File/Directory not found.
"C:\Users\Zlatoper\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe" => File/Directory not found.
"HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key not found.
"C:\Users\Zlatoper" => Warning: FRST is scripted not to move this directory.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2936602-0487-4747-B084-50C48A5B6C7E}" => Key not found.
C:\Windows\System32\Tasks\Digital Sites not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key not found.
C:\Windows\Tasks\Digital Sites.job not found.
C:\Windows\Tasks\DigitalSite.job not found.
"C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE" => File/Directory not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\sndappv2" => Key not found.
EmptyTemp: => Removed 31.4 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
# AdwCleaner v4.001 - Report created 23/10/2014 at 19:36:37
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Zlatoper - ZLATOPER-HP
# Running from : C:\Users\Zlatoper\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
 
-\\ Mozilla Firefox v32.0.1 (x86 en-US)
 
 
-\\ Google Chrome v38.0.2125.104
 
 
*************************
 
AdwCleaner[R0].txt - [3748 octets] - [23/10/2014 17:47:45]
AdwCleaner[R1].txt - [914 octets] - [23/10/2014 19:29:41]
AdwCleaner[S0].txt - [3835 octets] - [23/10/2014 19:02:38]
AdwCleaner[S1].txt - [829 octets] - [23/10/2014 19:36:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [888 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Zlatoper on Thu 10/23/2014 at 19:42:05.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBatBrowse_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBatBrowse_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSecretSauce_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSecretSauce_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSecretSauce_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSecretSauce_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSecretSauce_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSecretSauce_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSecretSauce_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSecretSauce_RASMANCS
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{01B04691-CB56-493E-80B9-BADF0CC20675}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{03CBACF9-706B-4FCA-BB50-C9175A1F08B7}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{04D42FAD-C5C6-42F6-912B-3EE0DF03633A}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{0A1F08EF-0870-4FEC-ADBC-06D1F5A8779F}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{1037F45D-65BA-47BB-AFE1-EA2A5028C759}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{17CB4BB5-8F12-46FD-BE03-0A5266CCF2EC}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{2C03F4D8-D6D8-4D33-9E91-D6B2C6774910}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{3DDD57F1-D504-428D-B947-03B0795F6E91}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{4BE636F7-8004-4A09-82BC-6E8CA8D0963B}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{4D580E47-477E-487C-8AAC-64115511F9B5}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{56072B40-49B2-4D13-B72B-347BC43187EE}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{587809DD-FC77-464F-94D7-06137C19E01E}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{619DA7DC-9698-4BCB-A8B6-2FB09229A7B3}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{769C4857-1041-42B4-9C3E-722719AE51A7}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{7EBA65CE-7735-4F27-AA99-F3E0AF8E6626}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{7F346885-110C-41D5-BE19-78FC28157A31}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{87FA7459-65EA-40E7-982E-4FB211846EBB}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{A239BFE2-7D83-4AF9-896C-2115CBA21BBB}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{C62712C3-AB26-40F7-8BFC-C8A151B78132}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{C6D686E5-A3C3-427A-B359-79F414E95FE3}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{D94DA301-60C5-4E1E-AB79-28329DB8DD01}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{DD9A092B-FC53-4E0F-A500-6B53062B1902}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{EB4BABFB-6052-4492-95F1-ED7ED784CEE6}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{F687C943-25B8-4953-A343-8B06DB34B87B}
Successfully deleted: [Empty Folder] C:\Users\Zlatoper\appdata\local\{FF7740E0-B4E4-4785-B384-4586FAF509B3}
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Zlatoper\AppData\Roaming\mozilla\firefox\profiles\xw4jsq8x.default\prefs.js
 
user_pref("extensions.toolbar.mindspark._4pMembers_.lastActivePing", "1398123430196");
user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
Emptied folder: C:\Users\Zlatoper\AppData\Roaming\mozilla\firefox\profiles\xw4jsq8x.default\minidumps [17 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/23/2014 at 19:45:07.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Oh dear, I inadvertently confused your computers name with a malware. Luckily though FRST didn't pursue it.

Your browser will be very clean lol.

Now

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 


  • 0

#7
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

I haven't had a core dump in over a week and Media Player seems to be working OK.  Walmart.com and Target.com still do not load.  I have a white screen.  Below is my ESET log. Thanks for your help!

 

C:\$RECYCLE.BIN\S-1-5-21-425876873-3771999699-2460655575-1001\$RNOBMMI.exe a variant of Win32/Systweak.H potentially unwanted application deleted - quarantined
C:\$RECYCLE.BIN\S-1-5-21-425876873-3771999699-2460655575-1001\$RY8ZT75.exe a variant of Win32/Systweak.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Zlatoper\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Zlatoper\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Zlatoper\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir Win32/NextLive.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Zlatoper\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined

  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again CZ2761,

 

 

  Walmart.com and Target.com still do not load.  I have a white screen.

 

Let's have another look. :)

 

Please download Security Check by screen317 from here .

  •    
  • Save it to your Desktop.
       
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
       
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

After that

 

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

 

So when you return please post

checkup.txt

FRST.txt

Additon.txt


  • 0

#9
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 71  
 Java 7 Update 51  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox 32.0.1 Firefox out of Date!  
 Google Chrome 38.0.2125.104  
````````Process Check: objlist.exe by Laurent````````  
 windows defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-10-2014
Ran by Zlatoper at 2014-10-24 16:08:45 Run:3
Running from C:\Users\Zlatoper\Downloads
Loaded Profile: Zlatoper (Available profiles: Zlatoper)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = 
SearchScopes: HKCU - {30ACCA69-9247-439E-82CF-6E6ACD31B74C} URL = 
SearchScopes: HKCU - {4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = 
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
FF ProfilePath: C:\Users\Zlatoper\AppData\Roaming\Mozilla\Firefox\Profiles\xw4jsq8x.default
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
CHR Extension: (Google Slides) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (Google Search) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-21]
CHR Extension: (Website Logon) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-10-21]
CHR Extension: (Google Sheets) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-21]
CHR Extension: (Gmail) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-21]
C:\Users\Zlatoper\hsqlprefs.dat
C:\Users\Zlatoper\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
CustomCLSID: HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
C:\Users\Zlatoper
Task: {D2936602-0487-4747-B084-50C48A5B6C7E} - System32\Tasks\Digital Sites => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE
AlternateDataStreams: C:\ProgramData\Temp:373E1720
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
EmptyTemp:
*****************
 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\Wow6432Node\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\Wow6432Node\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCR\CLSID\{30ACCA69-9247-439E-82CF-6E6ACD31B74C}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}" => Key not found.
"HKCR\CLSID\{4A06CDD1-961A-4BBB-8A72-7EEC7A6D2922}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
 => Should not be moved.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
"C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll" => File/Directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda directory not found.
C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia directory not found.
"C:\Users\Zlatoper\hsqlprefs.dat" => File/Directory not found.
"C:\Users\Zlatoper\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe" => File/Directory not found.
"HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key not found.
"C:\Users\Zlatoper" => Warning: FRST is scripted not to move this directory.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2936602-0487-4747-B084-50C48A5B6C7E}" => Key not found.
C:\Windows\System32\Tasks\Digital Sites not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key not found.
C:\Windows\Tasks\Digital Sites.job not found.
C:\Windows\Tasks\DigitalSite.job not found.
"C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE" => File/Directory not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\sndappv2" => Key not found.
EmptyTemp: => Removed 1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Zlatoper at 2014-10-21 21:04:53
Running from C:\Users\Zlatoper\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.8) (Version: 5.0.0.8 - Coupons.com Incorporated)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Java™ 6 Update 35 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416035FF}) (Version: 6.0.350 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Installer (HKLM-x32\...\{236FF571-7197-40E9-921D-D5FDC752C697}) (Version: 1.1.5.0 - Oracle Corporation)
MySQL Server 5.5 (HKLM\...\{6150345A-1382-4713-B38B-482388DC7E7B}) (Version: 5.5.29 - Oracle Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
P@H-Protocol (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Quicken 2003 Premier (HKLM-x32\...\InstallShield_{359BF8A1-CB4C-4212-A174-BD63F052EE33}) (Version: 12.00.0000 - Intuit)
Quicken 2003 Premier (x32 Version: 12.00.0000 - Intuit) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version:  - ) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-425876873-3771999699-2460655575-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Zlatoper\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-09-2014 00:07:16 Windows Update
30-09-2014 16:04:38 Windows Update
02-10-2014 10:36:29 Windows Update
07-10-2014 14:13:59 Windows Update
14-10-2014 11:54:35 Windows Update
16-10-2014 01:17:35 Installed Java 7 Update 71
16-10-2014 13:06:53 Windows Update
21-10-2014 11:18:11 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1F73D329-4F6F-4009-81EC-5C6384B1714A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {30851864-4B4E-4078-9D4C-DA415BD6A767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {38910804-B51B-48C5-ADDA-846CEB6D772D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {514FAFC7-89B4-4DFC-9022-178E40FCF0A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {5B1F8AF7-8699-4E69-9C72-9B8C73FB37B1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
Task: {952292B0-4975-4CD3-B319-71705BA47E7C} - System32\Tasks\DigitalSite => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {B638F55F-B15D-4CEC-87AC-36A4FC39F5FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {BB19AFB2-1455-43EE-9668-CE6A549E52FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {C8C4C16C-59BA-49E3-8400-24E32D7EEDA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {CADD2E1B-2D9A-47EB-8A6C-987B1EC448B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {CFDE738C-68AF-41D0-854A-2FE44A050B31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D2936602-0487-4747-B084-50C48A5B6C7E} - System32\Tasks\Digital Sites => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D85B06F5-494D-4883-827E-10F3C951DB24} - System32\Tasks\HPCeeScheduleForZlatoper => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Zlatoper\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForZlatoper.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-04-07 21:29 - 2011-08-10 02:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-30 14:40 - 2011-09-30 14:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-16 10:05 - 2014-10-16 10:05 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2012-04-07 21:29 - 2011-05-20 13:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-21 20:39 - 2014-10-09 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-425876873-3771999699-2460655575-500 - Administrator - Disabled)
Guest (S-1-5-21-425876873-3771999699-2460655575-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-425876873-3771999699-2460655575-1002 - Limited - Enabled)
Zlatoper (S-1-5-21-425876873-3771999699-2460655575-1001 - Administrator - Enabled) => C:\Users\Zlatoper
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/21/2014 07:13:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 05:59:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Here you go.  I attached the fixlog.txt rather than the FRST.txt assuming the fixlog was the file you wanted.
 
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22869
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22869
 
 
System errors:
=============
Error: (10/21/2014 07:13:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/20/2014 05:59:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 06:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 03:14:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/19/2014 10:07:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Error: (10/19/2014 07:58:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 11:02:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 08:42:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 03:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/18/2014 01:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (10/21/2014 07:13:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 424791
 
Error: (10/20/2014 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1404
 
Error: (10/20/2014 11:47:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2014 05:59:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22869
 
Error: (10/19/2014 08:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22869
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 4043.86 MB
Available physical RAM: 2120.15 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5895.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:440.52 GB) (Free:383.36 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:21.08 GB) (Free:2.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A73C3CB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================

  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hmm... something funny going on there.

 

Looks like you ran the fix again rather than a scan. Also that Addition.txt is from the other day.

 

Please try the FRST one again.

 

Please click on FRST63.exe and check (tick) the box beside Addition.txt (bottom right) and then press scan. Post back the two logs generated - FRST.txt and Addition.txt.


  • 0

Advertisements


#11
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

These should be correct:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Zlatoper (administrator) on ZLATOPER-HP on 24-10-2014 16:38:22
Running from C:\Users\Zlatoper\Downloads
Loaded Profile: Zlatoper (Available profiles: Zlatoper)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-12-11] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-425876873-3771999699-2460655575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-425876873-3771999699-2460655575-1001\...\MountPoints2: {db3889d2-c0fd-11e1-aebe-806e6f6e6963} - F:\dvd_rom.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Billminder.lnk
ShortcutTarget: Billminder.lnk -> C:\Program Files (x86)\Quicken\billmind.exe (Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
ShortcutTarget: Quicken Scheduled Updates.lnk -> C:\Program Files (x86)\Quicken\bagent.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Startup.lnk
ShortcutTarget: Quicken Startup.lnk -> C:\Program Files (x86)\Quicken\QWDLLS.EXE (Intuit)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\Parameters: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{1A0007E2-C4AD-4D63-91BE-076B18151F73}: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{27056DB1-52BF-4DC6-8372-1EBB099843C7}: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 75.126.206.18,184.173.169.186
 
FireFox:
========
FF ProfilePath: C:\Users\Zlatoper\AppData\Roaming\Mozilla\Firefox\Profiles\xw4jsq8x.default
FF Homepage: www.hotmail.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://hotmail.com/", "hxxp://facebook.com/"
CHR Profile: C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-21]
CHR Extension: (YouTube) - C:\Users\Zlatoper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-21]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
S3 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8961 2013-01-15] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 mrtRate; No ImagePath
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-24 16:38 - 2014-10-24 16:38 - 00014827 _____ () C:\Users\Zlatoper\Downloads\FRST.txt
2014-10-24 16:05 - 2014-10-24 16:19 - 00000000 ____D () C:\Users\Zlatoper\Downloads\FRST-OlderVersion
2014-10-24 16:01 - 2014-10-24 16:01 - 00854448 _____ () C:\Users\Zlatoper\Desktop\SecurityCheck.exe
2014-10-24 15:29 - 2014-10-24 15:29 - 00000003 _____ () C:\Users\Zlatoper\Downloads\Five Words.txt
2014-10-24 15:28 - 2014-10-24 15:28 - 00000003 _____ () C:\Users\Zlatoper\Desktop\Five Words.txt
2014-10-23 19:53 - 2014-10-23 19:54 - 01706144 _____ (Thisisu) C:\Users\Zlatoper\Downloads\JRT (1).exe
2014-10-23 19:45 - 2014-10-23 19:45 - 00005310 _____ () C:\Users\Zlatoper\Desktop\JRT.txt
2014-10-23 19:42 - 2014-10-23 19:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-23 19:40 - 2014-10-23 19:41 - 01706144 _____ (Thisisu) C:\Users\Zlatoper\Downloads\JRT.exe
2014-10-23 17:47 - 2014-10-23 19:36 - 00000000 ____D () C:\AdwCleaner
2014-10-23 17:46 - 2014-10-23 17:46 - 01962496 _____ () C:\Users\Zlatoper\Downloads\AdwCleaner.exe
2014-10-22 06:41 - 2014-10-23 19:37 - 00000952 _____ () C:\Windows\PFRO.log
2014-10-21 21:09 - 2014-10-21 21:10 - 00002142 _____ () C:\Users\Zlatoper\Desktop\Rkill.txt
2014-10-21 21:08 - 2014-10-21 21:08 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Zlatoper\Downloads\rkill.com
2014-10-21 21:04 - 2014-10-21 21:05 - 00030257 _____ () C:\Users\Zlatoper\Downloads\Addition.txt
2014-10-21 21:03 - 2014-10-24 16:38 - 00000000 ____D () C:\FRST
2014-10-21 21:02 - 2014-10-24 16:05 - 02112000 _____ (Farbar) C:\Users\Zlatoper\Downloads\FRST64.exe
2014-10-21 20:39 - 2014-10-21 20:39 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 20:39 - 2014-10-21 20:39 - 00002255 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-10-21 20:39 - 2014-10-21 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 13:51 - 2014-10-16 13:51 - 00087084 _____ () C:\Users\Zlatoper\Desktop\OTL.Txt
2014-10-16 13:43 - 2014-10-16 13:43 - 00083164 _____ () C:\Users\Zlatoper\Downloads\Extras.Txt
2014-10-16 13:42 - 2014-10-16 13:42 - 00087084 _____ () C:\Users\Zlatoper\Downloads\OTL.Txt
2014-10-16 13:32 - 2014-10-16 13:32 - 00602112 _____ (OldTimer Tools) C:\Users\Zlatoper\Downloads\OTL.exe
2014-10-15 21:19 - 2014-10-15 21:18 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-15 07:45 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:45 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:45 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:45 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:45 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:44 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:44 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:44 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:44 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:44 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:44 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:44 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:44 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:44 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:44 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:44 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:44 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:44 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:44 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:44 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:44 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:44 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:44 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:44 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:44 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:44 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:44 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:44 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:44 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:44 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:44 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:44 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:44 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:44 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:44 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:44 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:44 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:44 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:44 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:44 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:44 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:44 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:44 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:43 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:43 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:43 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:43 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:43 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:43 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:43 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:43 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:43 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:43 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:43 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:43 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:43 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:43 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:43 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:43 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:43 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:43 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:43 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:43 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:43 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:43 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:43 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:43 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:43 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:43 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:43 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:43 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:43 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:43 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:43 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:43 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:43 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:43 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:43 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:43 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:43 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:43 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:43 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:43 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:43 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:43 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:43 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:43 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:43 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:43 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:43 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:43 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:43 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:43 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:43 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:43 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:43 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:43 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:43 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:43 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 07:43 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:43 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:43 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:43 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 07:43 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:43 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:43 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:43 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 07:42 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:42 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 19:00 - 2014-10-24 16:15 - 00001512 _____ () C:\Windows\setupact.log
2014-10-14 19:00 - 2014-10-14 19:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 19:02 - 2014-10-14 18:53 - 00000000 ____D () C:\Windows\Minidump
2014-10-01 21:02 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 21:02 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 05:46 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 05:46 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-24 16:34 - 2014-05-06 05:32 - 01431364 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 16:30 - 2013-12-24 14:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 16:24 - 2012-06-27 22:02 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{96A4FDF9-3CF8-4EAA-9862-DD7510AA0538}
2014-10-24 16:23 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 16:23 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 16:21 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-24 16:15 - 2013-12-24 14:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 16:15 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 16:12 - 2012-08-31 21:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 15:29 - 2013-06-06 13:13 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-24 15:29 - 2012-07-08 06:34 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-24 11:44 - 2014-02-07 20:36 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForZlatoper
2014-10-24 11:44 - 2014-02-07 20:36 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForZlatoper.job
2014-10-24 11:11 - 2009-07-14 01:08 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-23 19:02 - 2012-06-27 21:50 - 00000000 ____D () C:\Users\Zlatoper
2014-10-22 14:27 - 2013-07-29 07:08 - 00000233 _____ () C:\Windows\qwimp.ini
2014-10-22 14:27 - 2013-07-29 07:06 - 00000872 _____ () C:\Windows\QUICKEN.INI
2014-10-21 20:38 - 2013-12-24 14:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-21 20:34 - 2012-09-23 06:35 - 00000000 ____D () C:\Users\Zlatoper\AppData\Local\Google
2014-10-19 20:25 - 2013-12-24 14:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:25 - 2013-12-24 14:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 22:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-18 09:38 - 2013-06-18 21:01 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-18 09:38 - 2013-06-18 21:01 - 00000866 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-10-17 20:32 - 2013-06-12 09:21 - 00000000 ____D () C:\Users\Zlatoper\AppData\Roaming\SoftGrid Client
2014-10-17 07:43 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 21:06 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-16 09:34 - 2009-07-14 00:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 09:32 - 2014-05-07 07:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 09:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 09:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 21:24 - 2014-08-28 19:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 21:21 - 2013-10-25 09:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-15 21:18 - 2014-08-23 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-15 21:18 - 2014-08-23 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-15 21:18 - 2014-05-20 09:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 21:18 - 2013-10-25 09:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-14 07:54 - 2013-07-09 18:43 - 00000000 ____D () C:\Users\Zlatoper\Documents\My Digital Editions
2014-10-12 13:31 - 2013-07-29 07:06 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-10-12 10:54 - 2013-06-18 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-12 10:54 - 2013-06-18 21:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-02 15:53 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 17:08
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Zlatoper at 2014-10-24 16:39:08
Running from C:\Users\Zlatoper\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Java™ 6 Update 35 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416035FF}) (Version: 6.0.350 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Installer (HKLM-x32\...\{236FF571-7197-40E9-921D-D5FDC752C697}) (Version: 1.1.5.0 - Oracle Corporation)
MySQL Server 5.5 (HKLM\...\{6150345A-1382-4713-B38B-482388DC7E7B}) (Version: 5.5.29 - Oracle Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
P@H-Protocol (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Quicken 2003 Premier (HKLM-x32\...\InstallShield_{359BF8A1-CB4C-4212-A174-BD63F052EE33}) (Version: 12.00.0000 - Intuit)
Quicken 2003 Premier (x32 Version: 12.00.0000 - Intuit) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
25-09-2014 00:07:16 Windows Update
30-09-2014 16:04:38 Windows Update
02-10-2014 10:36:29 Windows Update
07-10-2014 14:13:59 Windows Update
14-10-2014 11:54:35 Windows Update
16-10-2014 01:17:35 Installed Java 7 Update 71
16-10-2014 13:06:53 Windows Update
21-10-2014 11:18:11 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1F73D329-4F6F-4009-81EC-5C6384B1714A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {30851864-4B4E-4078-9D4C-DA415BD6A767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {38910804-B51B-48C5-ADDA-846CEB6D772D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {514FAFC7-89B4-4DFC-9022-178E40FCF0A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {5B1F8AF7-8699-4E69-9C72-9B8C73FB37B1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
Task: {B638F55F-B15D-4CEC-87AC-36A4FC39F5FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {BB19AFB2-1455-43EE-9668-CE6A549E52FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {C8C4C16C-59BA-49E3-8400-24E32D7EEDA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {CADD2E1B-2D9A-47EB-8A6C-987B1EC448B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)
Task: {CFDE738C-68AF-41D0-854A-2FE44A050B31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {D85B06F5-494D-4883-827E-10F3C951DB24} - System32\Tasks\HPCeeScheduleForZlatoper => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForZlatoper.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-04-07 21:29 - 2011-08-10 02:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-30 14:40 - 2011-09-30 14:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-21 20:39 - 2014-10-09 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-21 20:39 - 2014-10-09 22:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-16 10:05 - 2014-10-16 10:05 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2012-04-07 21:29 - 2011-05-20 13:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-10-21 20:39 - 2014-10-09 22:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-425876873-3771999699-2460655575-500 - Administrator - Disabled)
Guest (S-1-5-21-425876873-3771999699-2460655575-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-425876873-3771999699-2460655575-1002 - Limited - Enabled)
Zlatoper (S-1-5-21-425876873-3771999699-2460655575-1001 - Administrator - Enabled) => C:\Users\Zlatoper
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/24/2014 04:15:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1653
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1653
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/24/2014 00:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5678
 
Error: (10/24/2014 00:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5678
 
Error: (10/24/2014 11:47:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/24/2014 11:11:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 10:20:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 08:24:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15413
 
 
System errors:
=============
Error: (10/24/2014 04:15:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/24/2014 00:11:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
 
Error: (10/24/2014 11:11:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/24/2014 10:20:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
Error: (10/24/2014 06:13:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (10/24/2014 04:15:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1653
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1653
 
Error: (10/24/2014 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/24/2014 00:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5678
 
Error: (10/24/2014 00:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5678
 
Error: (10/24/2014 11:47:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/24/2014 11:11:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 10:20:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 08:24:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15413
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 4043.86 MB
Available physical RAM: 1899.85 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5606.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:440.52 GB) (Free:381.53 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:21.08 GB) (Free:2.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
Drive f: (Shield Season 4 Disc 1) (CDROM) (Total:7.16 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A73C3CB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================

  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello CZ2761,

Your Adobe Acrobat Reader is out of date. Older versions are vunerable to attack.

Please go to the link below to update.

Note: Before you download/install ensure you uncheck the "Yes install Chrome as default browser and Google Toolbar for Internet Explorer" or any other third party software option. That is foistware.

http://www.adobe.com.../readstep2.html

Note: From time to time software suppliers change the foistware options so it may not show the one quoted in the instructions above. Just take care to untick any boxes offering an option to download or install any other program.

Step 2

Your Java is out of date. Older versions are vulnerable to attack.

Please follow these steps:
 

  • Download and install Java for Windows

    Note: When installing make sure you untick any boxes that install any other program such as Ask Tool Bar, Ask Search Engine, McAfee site advisor, Chrome or some such. They are foistware and you don't need them.

    Reboot your computer.
    You also need to unininstall older versions of Java.
       
  • Click Start > Control Panel > Uninstall a program
       
  • Remove all Java updates except the latest one you have just installed.

Step 3

Your Firefox is out of date. If you use FF you should update it now.

Go to Firefox > Help > About Firefox and allow it to check and update your browser.

Unless I am mistaken your logs are not showing that you have a anti-virus program.

Without an anti-virus program you have no protection. You should consider installing one.

Here are two good anti-virus programs free for personal use:



Note: Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Next

Please download Farbar Service Scanner and run.
 

  • Make sure the following options are checked:

     
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services
  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

 

 


  • 0

#13
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

Thanks!

 

Farbar Service Scanner Version: 21-07-2014
Ran by Zlatoper (administrator) on 24-10-2014 at 17:42:01
Running from "C:\Users\Zlatoper\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again CZ2761,

 

Please try automatically resetting IE, see How to reset Internet Explorer and in particular click on Automatically open the Reset Internet Explorer Settings dialog box then click to download the automatic wizard. Click to run and follow the prompts.

 

After that

 

Please use the System File Checker tool (SFC.exe) to check your system and replace files where necessary.

The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.

To do this, follow these steps:

  • To do this, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  • If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
  • Type the following command, and then press ENTER:
    sfc /scannow Please note that there is a single space between sfc and /scannow.

 

Next

 

Please run Chkdsk:
 

  • Right click on the Start > Open Windows Explorer.
  • Find the hard drive letter (usually local disk C)  for which you want to run the Chkdsk utility.
  • Right-click on the driver letter and select Properties > Tools.
  • Under the Error-Checking section of the window, click the Check Now button. If you have User Account Controls enabled, a window will pop up asking permission to continue. Click Continue.
  • Click to have Chkdsk Automatically fix file system errors and to Scan for and attempt recovery of bad sectors.
  • Click Start.
  • Chkdsk might take a very long time to run, depending on the number of files and folders, the size of the volume, disk performance, and available system resources (such as processor and memory).

Chkdsk will not run if the drive you wish to check is in use. You will be requested to schedule Chkdsk. Click Schedule Check Disk, it then will run the next time you boot your computer. Shut down your computer and then turn it back on, Chkdsk will run.
 

 

When finished try your browser to see if anything has changed. Come back and tell me how things went. :)

 


  • 0

#15
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

I still cannot get to Walmart or Target websites.   Another issue:  On the Lowes.com website when I search for an item and click on "go to next page", I get an "error has occurred" message and the site freezes.  Other computers in my house can access all 3 of these sites with no issues.  This is strange.......... 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP