Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Comodo, File Angels, Java Outdated Has Security Risks. Google Chrome H

Google COMODO Jave File Angels s.mjystw Trovi Astromenda

  • This topic is locked This topic is locked

#1
Quiqzal

Quiqzal

    Member

  • Member
  • PipPip
  • 57 posts

Good Morning everyone. Thank you in advance :-)

 

I made a mistake last night and accepted and UPDATE thinking it was a real update for Java. *hangs head in shame*C

 

It only appears when I am using Google Chrome Websearch.

 

 

A pop up comes everytime I go to a webpage or even click it off it will return.

        S.mjystw.com

        Warning: Your Java Version is outdated Has Security Risks, Please Update Now.

 

 

If you hit Ok it takes you to a webpage S6.mobaea.com

 

 

Then it downloads a dl setup ex which info is           

          File Angels

          COMODO Code signing CA2

((there is a lot more under info within the Certificate and such not under more information)

 

 

Another message that keeps reappearing.

      www.x9pbuoz.com

     Recommend

     Your current Google Chrome needs an updated video player to the fastest version

 

 

In addition these pages pop up when I start Google Chrome up.

      Trovi.com      Astromenda Search

 

 

 

 

 

 

Also partion drives me nuts lol but not part of the problem.LOL

 

OTL Log Below.

 

 

 

OTL logfile created on: 10/25/2014 9:07:23 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nanette\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
23.95 Gb Total Physical Memory | 19.88 Gb Available Physical Memory | 82.99% Memory free
27.83 Gb Paging File | 22.92 Gb Available in Paging File | 82.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94.95 Gb Total Space | 28.09 Gb Free Space | 29.58% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 291.47 Gb Free Space | 62.58% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 427.45 Gb Free Space | 91.78% Space Free | Partition Type: NTFS
Drive F: | 121.98 Gb Total Space | 121.83 Gb Free Space | 99.88% Space Free | Partition Type: NTFS
 
Computer Name: STITCH | User Name: Nanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/25 09:07:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nanette\Downloads\OTL.exe
PRC - [2014/10/24 15:21:49 | 005,748,224 | ---- | M] () -- C:\Program Files (x86)\Search Extensions\Client.exe
PRC - [2014/10/22 02:27:10 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/09/22 15:47:32 | 000,741,408 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/09/16 21:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 21:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/09/13 15:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/09/12 04:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/09/04 14:03:30 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
PRC - [2013/08/19 20:35:26 | 000,055,368 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2013/08/16 17:29:08 | 000,183,408 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2013/07/23 12:54:34 | 000,602,936 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe
PRC - [2013/07/23 12:54:34 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe
PRC - [2013/06/13 15:04:12 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/05/30 17:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/05/29 20:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/05/21 12:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/05/15 17:39:12 | 000,463,872 | ---- | M] () -- C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
PRC - [2013/04/24 04:44:20 | 000,181,208 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2013/03/14 04:46:12 | 000,040,960 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
PRC - [2013/03/08 18:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2013/01/15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/09/18 15:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/05/28 13:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/24 15:21:49 | 005,748,224 | ---- | M] () -- C:\Program Files (x86)\Search Extensions\Client.exe
MOD - [2014/10/24 13:02:02 | 005,467,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/10/24 12:54:48 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/10/24 12:54:44 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/10/24 12:54:26 | 007,995,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/10/24 12:54:24 | 011,500,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/10/24 12:54:19 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2014/10/24 12:54:16 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll
MOD - [2014/10/24 12:54:00 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll
MOD - [2014/10/24 12:53:56 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll
MOD - [2014/10/24 12:53:42 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\483443985708dc5439abe7fd6350abe4\System.Core.ni.dll
MOD - [2014/10/24 12:53:39 | 010,030,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014/09/24 02:24:28 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2014/05/26 23:39:19 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/09/04 14:03:30 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
MOD - [2013/08/19 20:16:48 | 000,015,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
MOD - [2013/08/16 13:03:12 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
MOD - [2013/05/15 17:39:12 | 000,463,872 | ---- | M] () -- C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
MOD - [2013/03/14 04:46:12 | 000,040,960 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/24 03:38:43 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/24 03:16:43 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/09/24 03:16:43 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/24 03:03:47 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/24 03:03:47 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/09/24 02:50:29 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/09/24 02:50:27 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/09/24 02:33:15 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/09/24 02:24:03 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/09/24 02:24:02 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/09/24 02:23:54 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/09/24 02:23:52 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/09/24 02:23:51 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/09/24 02:23:47 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/09/16 21:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 21:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 15:09:54 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014/06/20 10:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/20 10:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/06/12 16:10:46 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2014/04/25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/04 14:03:42 | 000,342,016 | ---- | M] (Qualcomm Atheros) [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe -- (Qualcomm Atheros Killer Service V2)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/23 12:54:34 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\P4G\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2014/09/24 03:16:42 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/09/16 21:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/13 15:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/09/12 04:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/06/13 15:47:02 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/06/13 15:04:12 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/04/24 20:44:20 | 000,247,768 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2013/01/15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/12/19 01:10:38 | 000,072,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/09/24 03:46:53 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/09/24 03:03:47 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/24 03:03:47 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/24 03:03:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/24 02:50:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/09/24 02:50:30 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/09/24 02:50:28 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/09/24 02:33:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/09/24 02:32:54 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/09/24 02:32:54 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/09/24 02:23:53 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/09/24 02:23:48 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/09/24 02:23:32 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/09/24 02:23:31 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/09/24 02:23:31 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/09/24 02:23:31 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/09/24 02:23:31 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/09/24 02:23:31 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/09/24 02:23:31 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/09/24 02:23:30 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/09/24 02:23:30 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/09/24 02:23:30 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/09/24 01:53:14 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/24 01:53:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/09/16 23:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/09/16 21:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 14:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 14:32:30 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/07/24 14:31:56 | 000,444,720 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/06/20 10:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/06/20 10:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/20 10:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/20 10:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/06/20 10:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/20 10:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/06/20 10:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/04/28 06:33:30 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 21:31:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/06 04:29:56 | 000,019,256 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 12:54:34 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Program Files\ASUS\P4G\PLCTRL.sys -- (plctrl)
DRV:64bit: - [2013/06/23 23:05:26 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/06/13 15:26:44 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/06/13 15:26:42 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/06/13 15:26:42 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/06/13 15:26:42 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/06/13 15:26:42 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/06/13 15:26:42 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/06/13 15:26:40 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/30 19:57:42 | 003,812,048 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akw8x64.sys -- (akw8x64)
DRV:64bit: - [2013/04/26 03:46:02 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/04/11 01:53:22 | 000,363,920 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/13 18:11:24 | 000,075,056 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2012/09/18 15:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012/08/01 22:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011/09/07 12:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 20:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearc...&cr=64052401=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://xfinity.comcast.net/?cid=wn [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {9AA97128-9101-4195-A4FE-8CD6B7A36797}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...NewSP218A_sp_ie
IE - HKCU\..\SearchScopes\{020F3A18-4782-4AEF-9E8C-08846C9DE968}: "URL" = http://astromenda.co...r=1242180888=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearc...&cr=64052401=
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{9AA97128-9101-4195-A4FE-8CD6B7A36797}: "URL" = https://search.yahoo...&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53945;https=127.0.0.1:53945
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: D:\Program Files (x86)\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: D:\Program Files (x86)\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/10/18 19:42:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/10/05 11:22:48 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.xfinity.com/
CHR - plugin: Error reading preferences file
CHR - Extension: SiteAdvisor = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_1\
CHR - Extension: Cocktail Maker = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiacbhfnlfebjddbeigkkajdpeichne\222\
CHR - Extension: HTTP Headers = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhbpoeinkhpajikalhfpjjafpfgjnmgk\216\
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime File not found
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROGNB] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe ()
O4 - HKCU..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatch.exe (Weather Protector LLC)
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatchApp.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63F51D66-BE30-48A9-8AEC-D1A33B4C3B12}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/24 22:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/10/24 15:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ORBTR
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Weather_Protector_LLC
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\StormWatch
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Extensions
[2014/10/24 12:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/10/24 12:20:07 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/24 12:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/10/24 12:19:47 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/10/24 12:19:47 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/10/24 12:19:47 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/10/24 12:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/10/23 11:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/10/23 11:48:01 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2014/10/23 11:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/10/23 11:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/10/23 11:34:21 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\EmieUserList
[2014/10/23 11:34:21 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\EmieSiteList
[2014/10/23 01:51:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/10/22 23:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros
[2014/10/22 23:13:50 | 000,000,000 | ---D | C] -- C:\Users\Nanette\OneDrive
[2014/10/22 23:12:41 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Identities
[2014/10/22 22:56:28 | 000,000,000 | --SD | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Favorites
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Documents
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Desktop
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\Temporary Internet Files
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Templates
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Start Menu
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\SendTo
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Recent
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\PrintHood
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\NetHood
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Videos
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Pictures
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Music
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\My Documents
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Local Settings
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\History
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Cookies
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Application Data
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\Application Data
[2014/10/22 22:56:28 | 000,000,000 | -H-D | C] -- C:\Users\Nanette\AppData
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Temp
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Microsoft
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/10/22 22:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/10/22 22:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/10/22 22:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/10/22 22:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2014/10/22 22:51:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/10/22 22:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/10/22 22:51:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/10/22 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/10/22 22:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/22 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/22 22:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/10/22 22:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Interenet Optimizer
[2014/10/22 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wEEbsaverr
[2014/10/22 14:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\wEEbsaverr
[2014/10/22 08:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\LizardSales
[2014/10/22 04:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\71b842e80ccd339
[2014/10/01 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Astromenda
[2014/10/01 20:17:35 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\FileZilla
[2014/10/01 20:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2014/10/01 17:36:36 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\OpenOffice
[2014/10/01 17:35:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
[2014/10/01 17:35:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2014/10/01 16:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/25 08:32:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98.job
[2014/10/25 08:23:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/24 15:21:47 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\WSE_Astromenda.job
[2014/10/24 15:21:46 | 000,001,120 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
[2014/10/24 15:21:45 | 000,001,117 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
[2014/10/24 15:19:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/24 15:18:39 | 000,000,075 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\sp_data.sys
[2014/10/24 15:17:08 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/24 15:17:07 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 13:25:14 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/24 13:25:14 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/24 13:25:14 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/24 13:17:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/24 13:17:49 | 3393,605,628 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/24 12:19:52 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/24 12:16:01 | 000,000,110 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\WB.CFG
[2014/10/23 11:48:06 | 000,001,397 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/10/22 23:09:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/10/22 23:09:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/10/22 23:06:35 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/22 23:00:46 | 000,362,544 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/10/22 22:52:04 | 000,001,316 | ---- | M] () -- C:\Users\Public\Desktop\AudioWizard.lnk
[2014/10/22 22:52:03 | 000,316,934 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2014/10/22 22:52:03 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/10/22 22:51:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/10/22 20:02:01 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
[2014/10/21 17:52:13 | 000,035,877 | ---- | M] () -- C:\Users\Nanette\Desktop\6b993cfd-3f0d-47cb-a5cc-aac190e2ef85.jpg
[2014/10/21 17:50:32 | 000,026,829 | ---- | M] () -- C:\Users\Nanette\Desktop\402850_399438636789150_1364588454_n.jpg
[2014/10/21 16:04:06 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\The Sims 4.lnk
[2014/10/20 10:01:20 | 000,022,214 | ---- | M] () -- C:\Users\Nanette\Desktop\BenefitVerificationLetter.do
[2014/10/20 08:27:22 | 000,104,920 | ---- | M] () -- C:\Users\Nanette\Desktop\$_57 (3).JPG
[2014/10/20 08:27:16 | 000,612,888 | ---- | M] () -- C:\Users\Nanette\Desktop\$_57 (2).JPG
[2014/10/17 13:20:30 | 000,185,511 | ---- | M] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank (1).pdf
[2014/10/17 13:15:33 | 000,185,511 | ---- | M] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank.pdf
[2014/10/01 20:16:12 | 000,000,270 | ---- | M] () -- C:\Users\Nanette\Desktop\Cut the Rope.url
[2014/10/01 17:35:55 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
[2014/10/01 11:11:30 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/09/28 00:57:02 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014/09/28 00:56:46 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\WebStorage.lnk
 
========== Files Created - No Company Name ==========
 
[2014/10/24 15:21:47 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\WSE_Astromenda.job
[2014/10/24 15:21:46 | 000,001,120 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
[2014/10/24 15:21:45 | 000,001,117 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
[2014/10/24 12:42:04 | 000,388,729 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/10/24 12:41:22 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/10/24 12:19:52 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/23 11:48:06 | 000,001,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/10/23 11:48:06 | 000,001,397 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/10/22 23:12:42 | 000,001,448 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/10/22 23:06:35 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/22 22:59:58 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/10/22 22:56:28 | 000,000,369 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/10/22 22:56:28 | 000,000,369 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/10/22 22:56:28 | 000,000,352 | ---- | C] () -- C:\Users\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/10/22 22:56:28 | 000,000,334 | ---- | C] () -- C:\Users\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/10/22 22:54:30 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/10/22 22:54:30 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/10/22 22:52:23 | 003,961,833 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014/10/22 22:52:04 | 000,001,328 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
[2014/10/22 22:52:04 | 000,001,316 | ---- | C] () -- C:\Users\Public\Desktop\AudioWizard.lnk
[2014/10/22 22:52:03 | 000,316,934 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2014/10/22 22:52:03 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/10/22 22:51:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/10/21 17:52:13 | 000,035,877 | ---- | C] () -- C:\Users\Nanette\Desktop\6b993cfd-3f0d-47cb-a5cc-aac190e2ef85.jpg
[2014/10/21 17:50:32 | 000,026,829 | ---- | C] () -- C:\Users\Nanette\Desktop\402850_399438636789150_1364588454_n.jpg
[2014/10/20 10:01:20 | 000,022,214 | ---- | C] () -- C:\Users\Nanette\Desktop\BenefitVerificationLetter.do
[2014/10/20 08:27:22 | 000,104,920 | ---- | C] () -- C:\Users\Nanette\Desktop\$_57 (3).JPG
[2014/10/20 08:27:16 | 000,612,888 | ---- | C] () -- C:\Users\Nanette\Desktop\$_57 (2).JPG
[2014/10/17 13:20:30 | 000,185,511 | ---- | C] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank (1).pdf
[2014/10/17 13:15:32 | 000,185,511 | ---- | C] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank.pdf
[2014/10/01 20:16:12 | 000,000,270 | ---- | C] () -- C:\Users\Nanette\Desktop\Cut the Rope.url
[2014/10/01 17:35:55 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
[2014/10/01 16:32:05 | 000,026,956 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014/09/25 14:07:45 | 000,010,450 | ---- | C] () -- C:\WINDOWS\SysNative\autoconfig.cab
[2014/09/24 02:24:06 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/09/24 02:23:34 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/05/08 11:40:54 | 000,000,110 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\WB.CFG
[2014/03/12 09:57:45 | 000,000,110 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/11 17:31:46 | 000,000,075 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\sp_data.sys
[2013/11/13 18:35:33 | 000,172,097 | ---- | C] () -- C:\WINDOWS\SysWow64\NoMSGuninstall.exe
[2013/11/13 18:35:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\UMonit64.exe
[2013/11/13 18:35:33 | 000,001,519 | ---- | C] () -- C:\WINDOWS\SysWow64\_IconCfg0.ini
[2013/11/13 18:35:33 | 000,000,911 | ---- | C] () -- C:\WINDOWS\SysWow64\ProductName.ini
[2013/11/13 18:35:33 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SysWow64\IconCfg0.ini
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/11 20:17:52 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2013/05/01 04:34:24 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013/05/01 04:34:24 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2013/05/01 04:34:24 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
 
========== ZeroAccess Check ==========
 
[2014/10/23 11:59:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/15 23:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/15 22:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/03/11 17:33:20 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\ASUS
[2014/03/11 17:33:19 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\ASUS WebStorage
[2014/09/14 01:37:59 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Awesomium
[2014/03/14 02:05:02 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Battle.net
[2014/04/23 02:36:29 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\CompuClever
[2014/10/01 22:29:40 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\FileZilla
[2014/09/09 15:47:09 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\MMFApplications
[2014/10/01 17:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\OpenOffice
[2014/03/15 02:10:58 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Origin
[2014/10/24 15:21:46 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\UpdaterEX
[2014/09/21 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Virtual Mechanics
[2014/04/04 20:03:02 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\WebStorage
[2014/05/08 10:50:48 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Windows
[2014/10/24 15:21:48 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Nanette\OneDrive:ms-properties

< End of report >


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, lets see if we can get you sorted out

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...NewSP218A_sp_ie
IE - HKCU\..\SearchScopes\{020F3A18-4782-4AEF-9E8C-08846C9DE968}: "URL" = http://astromenda.co...r=1242180888=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53945;https=127.0.0.1:53945
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatch.exe (Weather Protector LLC)
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatchApp.exe ()
[2014/10/24 15:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ORBTR
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Weather_Protector_LLC
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\StormWatch
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Extensions
[2014/10/22 22:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Interenet Optimizer
[2014/10/22 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wEEbsaverr
[2014/10/22 14:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\wEEbsaverr
[2014/10/22 08:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\LizardSales
[2014/10/22 04:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\71b842e80ccd339
[2014/10/01 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Astromenda
[2014/10/24 15:21:47 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\WSE_Astromenda.job
[2014/10/24 15:21:46 | 000,001,120 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
[2014/10/24 15:21:45 | 000,001,117 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
[2014/10/24 15:18:39 | 000,000,075 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\sp_data.sys
[2014/09/14 01:37:59 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Awesomium
[2014/10/24 15:21:48 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda

:Files
C:\Program Files (x86)\Search Extensions
C:\Program Files (x86)\Mobogenie
C:\Users\Nanette\AppData\Local\StormWatch

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Nanette (administrator) on STITCH on 25-10-2014 18:53:45
Running from C:\Users\Nanette\Downloads
Loaded Profile: Nanette (Available profiles: Nanette)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Electronic Arts) D:\Origin\Origin.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSPanel.exe
() C:\Program Files (x86)\Converter Free Online\ConverterFreeOnlineUpdt.exe
() C:\Program Files (x86)\Converter Free Online\Taskbar.exe
(Xportsoft Technologies) C:\Program Files\PC Optimizer Pro\StartApps.exe
() C:\Users\Nanette\AppData\Local\Microsoft\Windows\INetCache\IE\1BUSWR0L\AdwCleaner.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-24] (cyberlink)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3038067407-3065117882-2368412793-1002\...\Run: [EADM] => D:\Origin\Origin.exe [3600216 2014-09-17] (Electronic Arts)
HKU\S-1-5-21-3038067407-3065117882-2368412793-1002\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3038067407-3065117882-2368412793-1002\...\Run: [CFO] => C:\Program Files (x86)\Converter Free Online\Taskbar.exe [56952 2014-09-02] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{B42E4545-2F62-45AB-9B28-E255454CB425}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://xfinity.comca...id=mtmh03132014
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...&cr=64052401=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...&cr=64052401=
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKCU - DefaultScope {9AA97128-9101-4195-A4FE-8CD6B7A36797} URL = https://search.yahoo...&p={SearchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...&cr=64052401=
SearchScopes: HKCU - {9AA97128-9101-4195-A4FE-8CD6B7A36797} URL = https://search.yahoo...&p={SearchTerms}
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: ConverterFreeOnline -> {C37441D1-E3E2-4733-BA49-FB8C35629E5B} -> C:\Program Files (x86)\Converter Free Online\ConverterFreeOnline_x64.dll ()
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: ArcadeParlor Games -> {39AD0726-986D-40F9-972B-E3BFA24B7745} -> C:\Users\Nanette\AppData\Local\ArcadeParlor\Arcadeparlor.dll ()
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: ConverterFreeOnline -> {C37441D1-E3E2-4733-BA49-FB8C35629E5B} -> C:\Program Files (x86)\Converter Free Online\ConverterFreeOnline.dll ()
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Program Files (x86)\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Program Files (x86)\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: ArcadeParlor - C:\Users\Nanette\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2014-10-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-05-11]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-11]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2014-10-25]
CHR Extension: (No Name) - C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2014-10-25]
CHR Extension: (SiteAdvisor) - C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-22]
CHR Extension: (Cocktail Maker) - C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiacbhfnlfebjddbeigkkajdpeichne [2014-10-22]
CHR Extension: (HTTP Headers) - C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhbpoeinkhpajikalhfpjjafpfgjnmgk [2014-10-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows ® Win 7 DDK provider)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-04-24] (CyberLink)
R2 ConverterFreeOnlineUpdt; C:\Program Files (x86)\Converter Free Online\ConverterFreeOnlineUpdt.exe [256512 2014-09-02] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [342016 2013-09-04] (Qualcomm Atheros) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]
S2 jhi_service; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3812048 2013-05-30] (Qualcomm Atheros, Inc.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-25] (Symantec Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 18:53 - 2014-10-25 18:54 - 00025516 _____ () C:\Users\Nanette\Downloads\FRST.txt
2014-10-25 18:53 - 2014-10-25 18:53 - 02112512 _____ (Farbar) C:\Users\Nanette\Downloads\FRST64.exe
2014-10-25 18:53 - 2014-10-25 18:53 - 00000000 ____D () C:\FRST
2014-10-25 18:22 - 2014-10-25 18:24 - 00000000 ____D () C:\AdwCleaner
2014-10-25 17:16 - 2014-10-25 18:45 - 00000454 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00003612 _____ () C:\WINDOWS\System32\Tasks\Norton Security Scan for Nanette
2014-10-25 17:16 - 2014-10-25 17:16 - 00003446 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Updates
2014-10-25 17:16 - 2014-10-25 17:16 - 00003136 _____ () C:\WINDOWS\System32\Tasks\ArcadeParlor
2014-10-25 17:16 - 2014-10-25 17:16 - 00002860 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Idle
2014-10-25 17:16 - 2014-10-25 17:16 - 00002836 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro startups
2014-10-25 17:16 - 2014-10-25 17:16 - 00001479 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-10-25 17:16 - 2014-10-25 17:16 - 00000922 _____ () C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2014-10-25 17:16 - 2014-10-25 17:16 - 00000470 ____H () C:\WINDOWS\Tasks\Norton Security Scan for Nanette.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000456 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000428 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro startups.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000294 _____ () C:\WINDOWS\Tasks\ArcadeParlor.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Mozilla
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\Users\Nanette\AppData\Local\ArcadeParlor
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
2014-10-25 17:16 - 2014-02-19 00:52 - 00159032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ATL90.dll
2014-10-25 17:15 - 2014-10-25 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-10-25 17:15 - 2014-10-25 17:16 - 00000000 ____D () C:\Program Files\PC Optimizer Pro
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSSx64
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\ProgramData\Norton
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\Program Files (x86)\File Type Helper
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\Program Files (x86)\Converter Free Online
2014-10-25 16:45 - 2014-10-25 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-25 16:40 - 2014-10-25 16:42 - 00000075 _____ () C:\Users\Nanette\AppData\Roaming\sp_data.sys
2014-10-25 16:25 - 2014-10-25 16:25 - 00000000 ____D () C:\_OTL
2014-10-25 09:56 - 2014-10-25 09:56 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (11).exe
2014-10-25 09:55 - 2014-10-25 09:55 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (10).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (9).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (3).exe
2014-10-25 09:40 - 2014-10-25 09:40 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (2).exe
2014-10-25 09:18 - 2014-10-25 09:18 - 00083104 _____ () C:\Users\Nanette\Downloads\Extras.Txt
2014-10-25 09:17 - 2014-10-25 16:09 - 00197120 _____ () C:\Users\Nanette\Downloads\OTL.Txt
2014-10-25 09:07 - 2014-10-25 09:07 - 00602112 _____ (OldTimer Tools) C:\Users\Nanette\Downloads\OTL.exe
2014-10-24 15:34 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (1).exe
2014-10-24 15:33 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup.exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (8).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (7).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (6).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (5).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (4).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00004324 _____ () C:\WINDOWS\System32\Tasks\RocketTab Update Task
2014-10-24 15:21 - 2014-10-24 15:21 - 00003536 _____ () C:\WINDOWS\System32\Tasks\RocketTab
2014-10-24 15:21 - 2014-10-24 15:21 - 00002652 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-10-24 12:46 - 2014-09-29 17:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-24 12:46 - 2014-09-29 17:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-24 12:43 - 2014-10-24 12:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-24 12:42 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-24 12:42 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-24 12:42 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-24 12:42 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-24 12:42 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-24 12:42 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-24 12:42 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-24 12:42 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-24 12:42 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-24 12:42 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-24 12:42 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-24 12:42 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-24 12:42 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-24 12:42 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-24 12:42 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-24 12:42 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-24 12:42 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-24 12:42 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-24 12:42 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-24 12:42 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 12:42 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-24 12:42 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-24 12:42 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-24 12:42 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 12:42 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-24 12:42 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-24 12:42 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-24 12:42 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-24 12:42 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-24 12:42 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-24 12:42 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-24 12:42 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-24 12:42 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-24 12:42 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-24 12:42 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-24 12:42 - 2014-07-31 18:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-24 12:42 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-24 12:42 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-24 12:41 - 2014-05-03 00:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-24 12:41 - 2014-05-03 00:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-24 12:41 - 2014-05-03 00:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-24 12:41 - 2014-05-03 00:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-24 12:41 - 2014-05-02 23:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-24 12:41 - 2014-05-02 23:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-24 12:41 - 2014-05-02 23:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-24 12:41 - 2014-05-02 18:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-24 12:41 - 2014-04-30 01:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-24 12:41 - 2014-04-30 01:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-24 12:41 - 2014-04-30 01:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-24 12:41 - 2014-04-30 01:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-24 12:41 - 2014-04-30 00:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-24 12:41 - 2014-04-29 23:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-24 12:41 - 2014-04-29 23:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-24 12:41 - 2014-04-29 23:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-24 12:41 - 2014-04-29 23:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-24 12:41 - 2014-04-29 23:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-24 12:41 - 2014-04-29 23:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-24 12:41 - 2014-04-29 22:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-24 12:41 - 2014-04-29 22:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-24 12:41 - 2014-04-29 22:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-24 12:41 - 2014-04-29 22:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-24 12:41 - 2014-04-29 22:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-24 12:41 - 2014-04-29 22:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-24 12:41 - 2014-04-28 17:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-24 12:41 - 2014-04-26 11:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-24 12:41 - 2014-04-14 04:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-24 12:41 - 2014-04-14 03:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-24 12:41 - 2014-04-14 00:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-24 12:39 - 2014-10-25 12:00 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-10-24 12:39 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-24 12:39 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-24 12:39 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-24 12:39 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-24 12:39 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-24 12:39 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-24 12:39 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-24 12:39 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-24 12:39 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-24 12:39 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-24 12:39 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-24 12:39 - 2014-07-11 23:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-24 12:39 - 2014-07-09 23:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-24 12:39 - 2014-06-01 21:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-24 12:39 - 2014-05-31 01:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-24 12:39 - 2014-05-31 01:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-24 12:39 - 2014-05-30 23:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-24 12:39 - 2014-05-30 23:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-24 12:39 - 2014-05-30 23:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-24 12:39 - 2014-05-27 04:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-24 12:39 - 2014-05-27 04:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-24 12:38 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-24 12:38 - 2014-07-15 13:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-24 12:38 - 2014-07-15 03:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-24 12:38 - 2014-07-15 03:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-24 12:38 - 2014-07-15 03:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-24 12:20 - 2014-10-24 15:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 12:19 - 2014-10-24 12:19 - 00000824 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 12:19 - 2014-10-24 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 12:19 - 2014-10-24 12:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 12:19 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-24 12:19 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-24 12:19 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-24 12:18 - 2014-10-24 12:18 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Nanette\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-10-24 12:16 - 2014-10-24 12:16 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Nanette\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-23 12:00 - 2014-10-23 12:00 - 00004026 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-10-23 11:51 - 2014-10-23 11:51 - 00873768 _____ ( ) C:\Users\Nanette\Downloads\adobe_flash_setup.exe
2014-10-23 11:48 - 2014-10-23 11:48 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-23 11:48 - 2014-10-23 11:48 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-23 11:48 - 2014-10-23 11:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-10-23 11:48 - 2014-10-23 11:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-23 11:48 - 2014-10-23 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-23 11:48 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-10-23 11:47 - 2014-10-23 11:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-23 11:34 - 2014-10-25 15:27 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{85F7B79A-9547-43A4-BD96-AB826802D23C}
2014-10-23 11:34 - 2014-10-23 11:34 - 00000000 __SHD () C:\Users\Nanette\AppData\Local\EmieUserList
2014-10-23 11:34 - 2014-10-23 11:34 - 00000000 __SHD () C:\Users\Nanette\AppData\Local\EmieSiteList
2014-10-23 01:51 - 2014-10-22 23:12 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-23 01:50 - 2014-10-23 01:50 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-23 01:50 - 2014-10-23 01:50 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-23 01:50 - 2014-10-23 01:50 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-23 01:50 - 2014-10-23 01:50 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-23 01:50 - 2014-10-23 01:50 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-23 01:50 - 2014-10-23 01:50 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-23 01:50 - 2014-10-23 01:50 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-23 01:50 - 2014-10-23 01:50 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-23 01:50 - 2014-10-23 01:50 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-23 01:49 - 2014-10-23 01:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-23 01:45 - 2014-10-23 01:45 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-23 01:45 - 2014-10-23 01:45 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-23 01:45 - 2014-10-23 01:45 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-23 01:45 - 2014-10-23 01:45 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-23 01:45 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-23 01:45 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-23 01:45 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-23 01:45 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-22 23:14 - 2014-10-22 23:14 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-10-22 23:13 - 2014-10-25 16:41 - 00000000 ____D () C:\Users\Nanette\OneDrive
2014-10-22 23:12 - 2014-10-22 23:12 - 00001448 _____ () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-22 23:12 - 2014-10-22 23:12 - 00000020 ___SH () C:\Users\Nanette\ntuser.ini
2014-10-22 23:06 - 2014-10-22 23:06 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-22 22:59 - 2014-10-22 22:59 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-22 22:56 - 2014-10-22 23:13 - 00000000 ____D () C:\Users\Nanette
2014-10-22 22:56 - 2014-10-22 22:56 - 00000000 ___RD () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-22 22:56 - 2014-10-22 22:56 - 00000000 ___RD () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-22 22:56 - 2014-10-22 22:56 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-22 22:56 - 2014-09-24 02:23 - 00000369 _____ () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-22 22:56 - 2014-09-24 02:23 - 00000369 _____ () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-22 22:56 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-22 22:56 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-22 22:54 - 2014-10-22 23:09 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-10-22 22:54 - 2014-10-22 23:09 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-10-22 22:52 - 2014-10-25 16:51 - 01484881 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-22 22:52 - 2014-10-25 16:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-22 22:52 - 2014-10-22 22:57 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-22 22:52 - 2014-10-22 22:57 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-22 22:52 - 2014-10-22 22:52 - 00316934 _____ () C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2014-10-22 22:52 - 2014-10-22 22:52 - 00001328 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2014-10-22 22:52 - 2014-10-22 22:52 - 00001316 _____ () C:\Users\Public\Desktop\AudioWizard.lnk
2014-10-22 22:52 - 2014-10-22 22:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-22 22:52 - 2014-10-22 22:52 - 00000000 ____D () C:\Program Files\Elantech
2014-10-22 22:52 - 2014-09-13 16:53 - 06890696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-22 22:52 - 2014-09-13 16:53 - 03529872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-22 22:52 - 2014-09-13 16:53 - 02557640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-22 22:52 - 2014-09-13 16:53 - 00934216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-22 22:52 - 2014-09-13 16:53 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-22 22:52 - 2014-09-13 16:53 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-22 22:52 - 2014-09-11 10:37 - 03961833 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-10-22 22:51 - 2014-10-22 22:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-22 22:51 - 2014-10-22 22:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-22 22:51 - 2014-10-22 22:51 - 00000000 ____D () C:\Program Files\Realtek
2014-10-22 22:42 - 2014-10-22 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 22:42 - 2014-10-22 22:42 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 22:42 - 2014-10-22 22:42 - 00000000 ____D () C:\ProgramData\Sun
2014-10-22 22:42 - 2014-10-22 22:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-22 22:39 - 2014-10-22 22:39 - 00638888 _____ (Oracle Corporation) C:\Users\Nanette\Downloads\chromeinstall-8u25.exe
2014-10-21 16:17 - 2014-10-22 23:09 - 00011315 _____ () C:\WINDOWS\comsetup.log
2014-10-20 10:01 - 2014-10-20 10:01 - 00022214 _____ () C:\Users\Nanette\Desktop\BenefitVerificationLetter.do
2014-10-15 14:44 - 2014-10-09 23:47 - 00275968 ____N (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-01 20:50 - 2014-10-01 20:50 - 00000072 _____ () C:\Users\Nanette\Downloads\#LA`BY`NIGHT.20090302.log
2014-10-01 20:17 - 2014-10-01 22:29 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\FileZilla
2014-10-01 20:16 - 2014-10-22 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-10-01 20:16 - 2014-10-01 20:16 - 00000270 _____ () C:\Users\Nanette\Desktop\Cut the Rope.url
2014-10-01 20:15 - 2014-10-01 20:14 - 06057862 _____ (Tim Kosse) C:\Users\Nanette\Downloads\FileZilla_3.9.0.5_win32-setup [1].exe
2014-10-01 20:14 - 2014-10-01 20:14 - 00764040 _____ ( ) C:\Users\Nanette\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-10-01 18:07 - 2014-10-01 18:07 - 00059298 _____ () C:\Users\Nanette\Downloads\#Bloodties.20090125.log
2014-10-01 17:36 - 2014-10-01 17:36 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\OpenOffice
2014-10-01 17:35 - 2014-10-22 23:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-10-01 17:35 - 2014-10-01 17:35 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-10-01 17:35 - 2014-10-01 17:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-10-01 17:32 - 2014-10-01 17:33 - 140852175 _____ () C:\Users\Nanette\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US (1).exe
2014-10-01 16:33 - 2014-10-01 16:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-01 16:33 - 2014-09-13 15:13 - 00613696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-10-01 16:32 - 2014-09-16 23:51 - 01538880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-10-01 16:32 - 2014-09-16 23:51 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-10-01 16:32 - 2014-09-16 23:51 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 31887680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 24552592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 20922512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 20589536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 19954520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 18106152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 17259664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 16875856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 14026304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 13939272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 13157696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-10-01 16:32 - 2014-09-13 18:48 - 11392576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 11330776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 04287296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 04008592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 03223120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 02838424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434411.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 01539272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434411.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00957584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00925896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00919240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00894096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00501064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00417096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00393024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00348304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-10-01 16:32 - 2014-09-13 18:48 - 00026956 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-10-01 16:30 - 2014-09-16 21:13 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-10-01 16:30 - 2014-09-16 21:12 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-10-01 16:30 - 2014-09-04 14:14 - 00038048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-10-01 16:30 - 2014-09-04 14:14 - 00034976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-10-01 16:30 - 2014-09-04 14:14 - 00032416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-09-28 00:52 - 2014-09-28 00:52 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Nanette\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-25 14:07 - 2014-06-24 02:35 - 00010450 ____N () C:\WINDOWS\system32\autoconfig.cab

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 18:32 - 2014-06-19 03:22 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98.job
2014-10-25 18:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-25 17:25 - 2014-03-11 17:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3038067407-3065117882-2368412793-1002
2014-10-25 16:42 - 2014-09-24 02:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-25 16:40 - 2014-03-27 03:07 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-25 16:40 - 2014-03-27 03:07 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-25 16:35 - 2014-09-24 02:03 - 00029364 _____ () C:\WINDOWS\PFRO.log
2014-10-25 16:35 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-25 16:35 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-25 12:00 - 2013-11-13 18:39 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-10-25 09:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-25 09:12 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-24 15:33 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-24 15:22 - 2014-03-12 10:04 - 00000000 ____D () C:\ProgramData\Origin
2014-10-24 15:21 - 2014-05-08 11:40 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\UpdaterEX
2014-10-24 13:17 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-24 13:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-24 12:42 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-24 12:32 - 2012-08-01 20:36 - 00000000 ____D () C:\WINDOWS\ASUS
2014-10-24 12:22 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-24 12:16 - 2014-05-08 11:40 - 00000110 _____ () C:\Users\Nanette\AppData\Roaming\WB.CFG
2014-10-23 12:05 - 2013-11-13 18:24 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-23 12:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-23 01:50 - 2013-08-22 10:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-23 01:50 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-23 01:50 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-23 01:50 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-22 23:14 - 2014-04-18 06:21 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-22 23:14 - 2014-03-11 17:33 - 00000000 ____D () C:\Users\Nanette\Documents\Bluetooth Folder
2014-10-22 23:14 - 2013-11-13 18:32 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-10-22 23:14 - 2013-08-22 09:46 - 00291032 _____ () C:\WINDOWS\setupact.log
2014-10-22 23:14 - 2013-08-22 09:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-10-22 23:13 - 2014-03-11 17:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-22 23:13 - 2014-03-11 17:31 - 00000000 ____D () C:\Users\Nanette\AppData\Local\Packages
2014-10-22 23:05 - 2013-08-22 10:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-22 23:05 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-22 23:00 - 2014-09-24 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-10-22 23:00 - 2014-09-18 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled 3
2014-10-22 23:00 - 2014-09-02 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2014-10-22 23:00 - 2014-06-22 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-10-22 23:00 - 2014-06-19 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-10-22 23:00 - 2014-06-16 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2014-10-22 23:00 - 2014-05-15 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies
2014-10-22 23:00 - 2014-05-07 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space
2014-10-22 23:00 - 2014-04-23 16:12 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-22 23:00 - 2014-04-23 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-22 23:00 - 2014-04-15 19:37 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2014-10-22 23:00 - 2014-04-13 13:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-22 23:00 - 2014-03-27 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-22 23:00 - 2014-03-13 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-10-22 23:00 - 2013-11-13 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Gaming Mouse
2014-10-22 23:00 - 2013-11-13 18:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\Atheros_L1e
2014-10-22 23:00 - 2013-11-13 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-22 23:00 - 2013-08-22 09:44 - 00362544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-22 23:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-22 23:00 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-22 23:00 - 2013-05-01 04:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-22 23:00 - 2013-05-01 04:37 - 00000000 ____D () C:\WINDOWS\fr
2014-10-22 23:00 - 2013-05-01 04:37 - 00000000 ____D () C:\WINDOWS\es
2014-10-22 23:00 - 2013-05-01 04:37 - 00000000 ____D () C:\WINDOWS\en
2014-10-22 23:00 - 2013-05-01 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-10-22 22:59 - 2014-09-24 01:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-22 22:59 - 2014-09-24 01:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-22 22:59 - 2014-09-24 01:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-22 22:59 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-22 22:59 - 2013-08-22 10:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\IME
2014-10-22 22:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-22 22:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-22 22:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-22 22:59 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-22 22:57 - 2014-03-15 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-10-22 22:57 - 2014-03-14 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-10-22 22:57 - 2014-03-14 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-10-22 22:57 - 2014-03-14 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-10-22 22:57 - 2013-11-13 18:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2014-10-22 22:57 - 2013-11-13 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2014-10-22 22:57 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-22 22:57 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-22 22:57 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-22 22:57 - 2012-08-01 20:24 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-22 22:56 - 2014-04-04 21:30 - 00000000 ____D () C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-10-22 22:56 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-22 22:51 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Default
2014-10-22 22:43 - 2013-11-13 18:25 - 01958202 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-22 20:02 - 2014-05-11 10:43 - 00001860 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-10-22 02:27 - 2014-06-19 03:22 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98
2014-10-22 02:27 - 2014-03-27 03:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-21 16:12 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-21 16:04 - 2014-09-02 15:43 - 00001026 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-10-18 19:43 - 2014-05-11 10:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-18 14:39 - 2014-03-14 01:57 - 00000000 ____D () C:\Users\Nanette\AppData\Local\Battle.net
2014-10-15 14:54 - 2014-03-20 03:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 14:53 - 2014-03-20 03:12 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-01 18:49 - 2014-03-13 02:25 - 00000000 ____D () C:\Users\Nanette\AppData\Local\CrashDumps
2014-10-01 16:33 - 2013-11-13 18:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-01 16:30 - 2014-03-15 01:54 - 00000000 ____D () C:\Users\Nanette\AppData\Local\NVIDIA Corporation
2014-09-28 00:57 - 2014-06-16 14:09 - 00000872 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-09-28 00:56 - 2014-04-04 20:02 - 00001288 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-09-28 00:56 - 2013-05-01 04:36 - 00275512 _____ () C:\WINDOWS\DirectX.log

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some content of TEMP:
====================
C:\Users\Nanette\AppData\Local\Temp\Quarantine.exe
C:\Users\Nanette\AppData\Local\Temp\sqlite3.dll
C:\Users\Nanette\AppData\Local\Temp\SymCCIS.dll
C:\Users\Nanette\AppData\Local\Temp\SymInstallStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-22 22:51

==================== End Of Log ============================


  • 0

#4
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

# AdwCleaner v4.001 - Report created 25/10/2014 at 18:24:10
# Updated 20/10/2014 by Xplode
# Database : 2014-10-23.2
# Operating System : Windows 8.1  (64 bits)
# Username : Nanette - STITCH
# Running from : C:\Users\Nanette\AppData\Local\Microsoft\Windows\INetCache\IE\1BUSWR0L\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
File Found : C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
File Found : C:\Users\Nanette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
File Found : C:\Users\Nanette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC Optimizer Pro.lnk
File Found : C:\Users\Nanette\daemonprocess.txt
File Found : C:\Users\Public\Desktop\PC Optimizer Pro.lnk
Folder Found : C:\Program Files (x86)\File Type Helper
Folder Found : C:\Program Files\PC Optimizer Pro
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
Folder Found : C:\Users\Nanette\AppData\Local\Mobogenie
Folder Found : C:\Users\Nanette\AppData\Roaming\UpdaterEX
Folder Found : C:\Users\Nanette\Documents\Mobogenie
Folder Found : C:\Users\Nanette\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****

Task Found : LaunchSignup
Task Found : PC Optimizer Pro Updates
Task Found : RocketTab Update Task
Task Found : RocketTab
Task Found : UpdaterEX

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\RocketTabInstalled
Key Found : HKCU\Software\Search Extensions
Key Found : HKCU\Software\UpdaterEX
Key Found : HKCU\Software\usyndication.com
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\pc optimizer pro
Key Found : [x64] HKCU\Software\RocketTabInstalled
Key Found : [x64] HKCU\Software\Search Extensions
Key Found : [x64] HKCU\Software\UpdaterEX
Key Found : [x64] HKCU\Software\usyndication.com
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\.
Key Found : HKLM\SOFTWARE\Classes\..9
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0b0e53c3-422c-46ec-b7d2-6173c7ace5b9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Found : HKLM\SOFTWARE\RocketTab
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0b0e53c3-422c-46ec-b7d2-6173c7ace5b9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pc optimizer pro
Key Found : [x64] HKLM\SOFTWARE\pc optimizer pro
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [7940 octets] - [25/10/2014 18:24:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8000 octets] ##########


  • 0

#5
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2014

 

Ran by Nanette at 2014-10-25 18:54:14

 

Running from C:\Users\Nanette\Downloads

 

Boot Mode: Normal

 

==========================================================

 

 

 

==================== Security Center ========================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

 

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

 

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

 

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

 

 

==================== Installed Programs ======================

 

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

 

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

 

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

 

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

 

ArcadeParlor (HKCU\...\{B74443DB-5A88-4583-860A-F0D06EF399E3}) (Version:  - ArcadeParlor)

 

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.6 - ASUS)

 

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)

 

ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.025 - ASUS)

 

ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)

 

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)

 

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)

 

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)

 

ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden

 

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)

 

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)

 

Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden

 

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

 

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

 

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

 

Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)

 

BrowserSafeguard with RocketTab (HKLM-x32\...\RocketTab) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION

 

Converter Free Online version 9.17 (HKLM-x32\...\Converter Free Online_is1) (Version: 9.17 - Converter Free Online)

 

Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden

 

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

 

Daggerfall (HKLM-x32\...\{75118CF3-44B5-411A-B3DD-C10432217693}) (Version: 1.00.0000 - Bethesda Softworks)

 

Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)

 

ETDWare PS/2-X64 11.5.9.1_WHQL (HKLM\...\Elantech) (Version: 11.5.9.1 - ELAN Microelectronic Corp.)

 

FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)

 

Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)

 

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)

 

Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden

 

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

 

InfiniteCrisis_FDC009D508D4 (HKLM-x32\...\InfiniteCrisis_FDC009D508D4) (Version:  - Turbine, Inc)

 

Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version:  - BullPoint) <==== ATTENTION

 

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

 

Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden

 

LizardSales (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - LizardSales) <==== ATTENTION

 

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

 

McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)

 

McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)

 

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

 

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

 

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

 

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

 

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

 

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

 

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

 

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

 

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

 

MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)

 

Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.31 - Symantec Corporation)

 

NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)

 

NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden

 

NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)

 

NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden

 

NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)

 

NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)

 

NVIDIA Install Application (Version: 2.1002.158.1212 - NVIDIA Corporation) Hidden

 

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

 

NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden

 

NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden

 

NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

 

NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden

 

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

 

NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden

 

NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden

 

NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden

 

OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)

 

Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)

 

PC Optimizer Pro (HKLM\...\PC Optimizer Pro) (Version: 7.0.6.2 - Xportsoft Technologies) <==== ATTENTION

 

Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)

 

Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

 

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)

 

Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.33.1267 - Qualcomm Atheros) Hidden

 

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.229 - Qualcomm Atheros Communications)

 

Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.17 - Qualcomm Atheros Inc.)

 

Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.33.1267 - Qualcomm Atheros) Hidden

 

Qualcomm Atheros Killer Wireless-N Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.0.33.1267 - Qualcomm Atheros)

 

Qualcomm Atheros Network Manager (Version: 1.0.33.1267 - Qualcomm Atheros) Hidden

 

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

 

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)

 

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

 

SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden

 

SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden

 

SiteSpinner (HKLM-x32\...\{826C3E36-A1C6-4183-B220-34A113E0CE9F}) (Version: 2.70.6 - Virtual Mechanics)

 

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

 

StormWatch (HKCU\...\StormWatch) (Version: 1.0.1.27 - StormWatch)

 

Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden

 

The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)

 

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)

 

The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)

 

The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)

 

The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)

 

The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)

 

The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)

 

The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)

 

The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)

 

The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)

 

The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)

 

The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)

 

The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)

 

The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)

 

The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

 

The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

 

The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)

 

The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)

 

The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)

 

The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)

 

The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

 

The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts Inc.)

 

Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.7.2 - Electronic Arts)

 

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

 

WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.10.398 - ASUS Cloud Corporation)

 

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)

 

WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

 

Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

 

Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

 

WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

 

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

 

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

 

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

 

Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

 

影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

 

 

==================== Custom CLSID (selected items): ==========================

 

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

 

==================== Restore Points  =========================

 

 

24-10-2014 17:42:48 Windows Update

 

25-10-2014 21:25:51 OTL Restore Point - 10/25/2014 4:25:51 PM

 

 

==================== Hosts content: ==========================

 

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

 

2013-08-22 08:25 - 2014-10-25 16:26 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

::1       localhost

 

 

==================== Scheduled Tasks (whitelisted) =============

 

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

 

Task: {01F92009-B512-42AC-8B41-B3CE65C92D62} - System32\Tasks\Norton Security Scan for Nanette => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.31\Nss.exe [2014-08-21] (Symantec Corporation)

 

Task: {035D7BDB-585B-49EC-964C-7A96EA7D987A} - System32\Tasks\UpdaterEX => C:\Users\Nanette\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

 

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

 

Task: {0FB39C8A-3B30-4784-BB7B-DB3F54C0562B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)

 

Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

 

Task: {1946A46A-215C-4D51-BB8D-D732DF22A61F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)

 

Task: {1D75BF02-B1DD-4216-B0D1-F5109394CBE6} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION

 

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

 

Task: {2BDCD2CF-510F-4E89-871E-28B072E725B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe

 

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

 

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

 

Task: {37708282-8E36-43EB-A771-BE49A6ED466E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

 

Task: {3854DB0A-8B3A-4C69-97DE-5995D4D75B30} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe

 

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

 

Task: {3BE678DE-27F5-4ECD-A80C-A79DA5AA26B1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)

 

Task: {3D7353D1-DB1F-4E9B-8511-3DD9935A9585} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION

 

Task: {3FC29312-3598-4A53-9E9C-6B76E98984DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

 

Task: {42D6EAB3-7BB0-4D79-A22C-3D6282EC8F19} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION

 

Task: {493B5C20-BA45-4A0F-A702-4EE517DD29BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-15] (Microsoft Corporation)

 

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

 

Task: {4A1772C9-99BB-4160-8A37-E89C5CA6B0C1} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)

 

Task: {5CFE9508-36B5-4498-9D8E-B790C013D7E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()

 

Task: {5DF01E07-7674-40EB-8421-BB2500953339} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)

 

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

 

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

 

Task: {6EAB6A98-6BF1-43D6-8F00-F08B27B4170C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)

 

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

 

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

 

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

 

Task: {8CABA961-24B0-45F0-9A6B-5A9952477962} - System32\Tasks\RocketTab => C:\WINDOWS\system32\cmd.exe [2013-08-22] (Microsoft Corporation) <==== ATTENTION

 

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

 

Task: {8EF8EFDF-66CA-448C-A72C-C2C9021ECC8E} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe

 

Task: {97089067-B7A4-420D-888C-87E98252E71A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

 

Task: {9A823740-E6AF-448A-B61C-3FB16097D69D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

 

Task: {9B8FF47A-3A2F-4CFF-89DF-D5307AD8A28A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)

 

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

 

Task: {B31635F8-8976-4327-9682-52A38C7418CE} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2013-08-22] (Microsoft Corporation)

 

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

 

Task: {D641DEF4-9B04-4C70-B2A8-8781994A693F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)

 

Task: {D6E6E288-AAE5-44E8-88D5-0A5F846E476D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

 

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

 

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

 

Task: {DB1A375D-1C9E-498F-A6F2-A430110AA9DB} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION

 

Task: {DC7F0D42-FB22-48BA-9B08-BF64A1D2D05B} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION

 

Task: {DFB561F3-8F77-4A46-BA8C-C91E2AE0F50E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe

 

Task: {DFC0A2BC-EA13-4905-8BF7-504C8BBECAEA} - System32\Tasks\ArcadeParlor => C:\Users\Nanette\AppData\Local\ArcadeParlor\versioncheck.exe [2014-10-25] ()

 

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

 

Task: {E97D4480-F704-4182-BD49-197159EAF3F5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)

 

Task: C:\WINDOWS\Tasks\ArcadeParlor.job => C:\Users\Nanette\AppData\Local\ArcadeParlor\versioncheck.exe

 

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

Task: C:\WINDOWS\Tasks\Norton Security Scan for Nanette.job => C:\PROGRA~2\NORTON~2\Engine\410~1.31\Nss.exe

 

Task: C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

 

Task: C:\WINDOWS\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

 

Task: C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

 

Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Nanette\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

 

 

==================== Loaded Modules (whitelisted) =============

 

 

2014-10-22 22:52 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

 

2012-12-19 01:10 - 2012-12-19 01:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe

 

2013-07-23 12:54 - 2013-07-23 12:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

 

2013-06-13 15:44 - 2013-06-13 15:44 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

 

2013-06-13 15:40 - 2013-06-13 15:40 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll

 

2013-06-13 15:47 - 2013-06-13 15:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

 

2013-11-13 18:35 - 2013-03-14 04:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe

 

2013-09-04 14:03 - 2013-09-04 14:03 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

 

2013-11-13 18:39 - 2013-05-15 17:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe

 

2014-10-25 17:15 - 2014-09-02 19:41 - 00256512 _____ () C:\Program Files (x86)\Converter Free Online\ConverterFreeOnlineUpdt.exe

 

2014-10-25 17:15 - 2014-09-02 19:41 - 00056952 _____ () C:\Program Files (x86)\Converter Free Online\Taskbar.exe

 

2014-10-25 18:22 - 2014-10-25 18:22 - 01962496 _____ () C:\Users\Nanette\AppData\Local\Microsoft\Windows\INetCache\IE\1BUSWR0L\AdwCleaner.exe

 

2014-10-23 11:47 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

 

2014-10-23 11:47 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

 

2014-10-23 11:47 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

 

2014-10-23 11:47 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

 

2014-10-23 11:47 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

 

2013-08-19 20:16 - 2013-08-19 20:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll

 

2013-08-16 13:03 - 2013-08-16 13:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00962560 _____ () D:\Origin\platforms\qwindows.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00024064 _____ () D:\Origin\imageformats\qgif.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00025088 _____ () D:\Origin\imageformats\qico.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00217088 _____ () D:\Origin\imageformats\qjpeg.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00261632 _____ () D:\Origin\imageformats\qmng.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00019968 _____ () D:\Origin\imageformats\qtga.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00302592 _____ () D:\Origin\imageformats\qtiff.dll

 

2014-09-17 15:57 - 2014-09-17 15:57 - 00018944 _____ () D:\Origin\imageformats\qwbmp.dll

 

2014-03-14 10:08 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

 

2014-10-25 17:16 - 2014-10-25 17:16 - 00188536 _____ () C:\Users\Nanette\AppData\Local\ArcadeParlor\Arcadeparlor.dll

 

2014-10-25 17:15 - 2014-09-02 19:41 - 00116856 _____ () C:\Program Files (x86)\Converter Free Online\ConverterFreeOnline.dll

 

 

==================== Alternate Data Streams (whitelisted) =========

 

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

AlternateDataStreams: C:\Users\Nanette\OneDrive:ms-properties

 

 

==================== Safe Mode (whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

 

 

==================== EXE Association (whitelisted) =============

 

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

(Currently there is no automatic fix for this section.)

 

 

 

========================= Accounts: ==========================

 

 

Administrator (S-1-5-21-3038067407-3065117882-2368412793-500 - Administrator - Disabled)

 

Guest (S-1-5-21-3038067407-3065117882-2368412793-501 - Limited - Disabled)

 

Nanette (S-1-5-21-3038067407-3065117882-2368412793-1002 - Administrator - Enabled) => C:\Users\Nanette

 

 

==================== Faulty Device Manager Devices =============

 

 

Name:

 

Description:

 

Class Guid:

 

Manufacturer:

 

Service:

 

Problem: : The drivers for this device are not installed. (Code 28)

 

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

 

==================== Event log errors: =========================

 

 

Application errors:

 

==================

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the app_id registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the app_id registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the ext_params registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the ext_params registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Name registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Name registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Version registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Version registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Url registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Url registry value, code: 6

 

 

 

System errors:

 

=============

 

Error: (10/25/2014 04:37:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

 

Description: The Intel® Dynamic Application Loader Host Interface Service service failed to start due to the following error:

 

%%2

 

 

Error: (10/25/2014 04:25:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

 

Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).

 

 

Error: (10/25/2014 03:54:54 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 03:54:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 02:37:07 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 02:17:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 11:45:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 09:58:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 09:18:07 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

Error: (10/25/2014 08:57:45 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

 

Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

 

 

 

Microsoft Office Sessions:

 

=========================

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the app_id registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the app_id registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the ext_params registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the ext_params registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Name registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Name registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Version registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Version registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a value of the Url registry value, code: 6

 

 

Error: (10/25/2014 06:54:08 PM) (Source: ConverterFreeOnline) (EventID: 2) (User: )

 

Description: Can't query a buffer size for the Url registry value, code: 6

 

 

 

==================== Memory info ===========================

 

 

Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz

 

Percentage of memory in use: 10%

 

Total physical RAM: 24525.5 MB

 

Available physical RAM: 22039.86 MB

 

Total Pagefile: 28493.5 MB

 

Available Pagefile: 25669.96 MB

 

Total Virtual: 131072 MB

 

Available Virtual: 131071.8 MB

 

 

==================== Drives ================================

 

 

Drive c: (OS) (Fixed) (Total:94.95 GB) (Free:27.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]

 

Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:291.47 GB) NTFS

 

Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:427.45 GB) NTFS

 

Drive f: (DATA) (Fixed) (Total:121.98 GB) (Free:121.83 GB) NTFS

 

 

==================== MBR & Partition Table ==================

 

 

========================================================

 

Disk: 0 (Size: 931.5 GB) (Disk ID: 89743CC4)

 

 

Partition: GPT Partition Type.

 

 

========================================================

 

Disk: 1 (Size: 238.5 GB) (Disk ID: 5B98F280)

 

 

Partition: GPT Partition Type.

 

 

==================== End Of Log ============================


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
After this run could you let me know what problems remain

You will need to uninstall and then re-install Chrome as it has been changed to the developer build which is very insecure

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-10-25 17:16 - 2014-10-25 18:45 - 00000454 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00003446 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Updates
2014-10-25 17:16 - 2014-10-25 17:16 - 00002860 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Idle
2014-10-25 17:16 - 2014-10-25 17:16 - 00002836 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro startups
2014-10-25 17:16 - 2014-10-25 17:16 - 00001479 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-10-25 17:16 - 2014-10-25 17:16 - 00000922 _____ () C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2014-10-25 17:16 - 2014-10-25 17:16 - 00000456 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000428 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro startups.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
2014-10-25 17:15 - 2014-10-25 17:16 - 00000000 ____D () C:\Program Files\PC Optimizer Pro
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\Program Files (x86)\File Type Helper
2014-10-25 09:56 - 2014-10-25 09:56 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (11).exe
2014-10-25 09:55 - 2014-10-25 09:55 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (10).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (9).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (3).exe
2014-10-25 09:40 - 2014-10-25 09:40 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (2).exe
2014-10-24 15:34 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (1).exe
2014-10-24 15:33 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup.exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (8).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (7).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (6).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (5).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (4).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00004324 _____ () C:\WINDOWS\System32\Tasks\RocketTab Update Task
2014-10-24 15:21 - 2014-10-24 15:21 - 00003536 _____ () C:\WINDOWS\System32\Tasks\RocketTab
2014-10-24 15:21 - 2014-10-24 15:21 - 00002652 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Task: {3D7353D1-DB1F-4E9B-8511-3DD9935A9585} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: {42D6EAB3-7BB0-4D79-A22C-3D6282EC8F19} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION
Task: {8CABA961-24B0-45F0-9A6B-5A9952477962} - System32\Tasks\RocketTab => C:\WINDOWS\system32\cmd.exe [2013-08-22] (Microsoft Corporation) <==== ATTENTION
Task: {DB1A375D-1C9E-498F-A6F2-A430110AA9DB} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION
Task: {DC7F0D42-FB22-48BA-9B08-BF64A1D2D05B} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Nanette\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#7
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I have a FRST64.exe but no FRST.exe alone.

 

 

I uninstalled and reinstalled Google Chrome. When I pull it up the following is still popping up un start up of Chrome.

 

http://www.trovi.com...NewSP218A_sp_ch

 

http://astromenda.co...r=1242180888=


Edited by Quiqzal, 26 October 2014 - 07:26 PM.

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Have you run the FRST and AdwCleaner yet ?
  • 0

#9
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I don't have a FRST as noted right above...lol or does the FRST64.exe count as it?


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Your version is FRST64 that is correct :)
  • 0

#11
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

After this run could you let me know what problems remain

You will need to uninstall and then re-install Chrome as it has been changed to the developer build which is very insecure

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

 

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

 

 

Ok Great just wanted to be on the same page. I will get the above steps going and get the report back to you today.


  • 0

#12
Quiqzal

Quiqzal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-11-2014
Ran by Nanette at 2014-11-02 01:15:39 Run:2
Running from C:\FRST\FRST-OlderVersion
Loaded Profile: Nanette (Available profiles: Nanette)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-10-25 17:16 - 2014-10-25 18:45 - 00000454 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00003446 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Updates
2014-10-25 17:16 - 2014-10-25 17:16 - 00002860 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro Idle
2014-10-25 17:16 - 2014-10-25 17:16 - 00002836 _____ () C:\WINDOWS\System32\Tasks\PC Optimizer Pro startups
2014-10-25 17:16 - 2014-10-25 17:16 - 00001479 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-10-25 17:16 - 2014-10-25 17:16 - 00000922 _____ () C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2014-10-25 17:16 - 2014-10-25 17:16 - 00000456 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000428 _____ () C:\WINDOWS\Tasks\PC Optimizer Pro startups.job
2014-10-25 17:16 - 2014-10-25 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
2014-10-25 17:15 - 2014-10-25 17:16 - 00000000 ____D () C:\Program Files\PC Optimizer Pro
2014-10-25 17:15 - 2014-10-25 17:15 - 00000000 ____D () C:\Program Files (x86)\File Type Helper
2014-10-25 09:56 - 2014-10-25 09:56 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (11).exe
2014-10-25 09:55 - 2014-10-25 09:55 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (10).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (9).exe
2014-10-25 09:41 - 2014-10-25 09:41 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (3).exe
2014-10-25 09:40 - 2014-10-25 09:40 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (2).exe
2014-10-24 15:34 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (1).exe
2014-10-24 15:33 - 2014-10-24 15:34 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup.exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (8).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (7).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (6).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (5).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00071024 _____ (Premium Installer ) C:\Users\Nanette\Downloads\setup (4).exe
2014-10-24 15:21 - 2014-10-24 15:21 - 00004324 _____ () C:\WINDOWS\System32\Tasks\RocketTab Update Task
2014-10-24 15:21 - 2014-10-24 15:21 - 00003536 _____ () C:\WINDOWS\System32\Tasks\RocketTab
2014-10-24 15:21 - 2014-10-24 15:21 - 00002652 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Task: {3D7353D1-DB1F-4E9B-8511-3DD9935A9585} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: {42D6EAB3-7BB0-4D79-A22C-3D6282EC8F19} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION
Task: {8CABA961-24B0-45F0-9A6B-5A9952477962} - System32\Tasks\RocketTab => C:\WINDOWS\system32\cmd.exe [2013-08-22] (Microsoft Corporation) <==== ATTENTION
Task: {DB1A375D-1C9E-498F-A6F2-A430110AA9DB} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe [2014-07-18] (Xportsoft Technologies) <==== ATTENTION
Task: {DC7F0D42-FB22-48BA-9B08-BF64A1D2D05B} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Nanette\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
*****************

"C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\PC Optimizer Pro Updates" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\PC Optimizer Pro Idle" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\PC Optimizer Pro startups" => File/Directory not found.
"C:\Users\Public\Desktop\Norton Security Scan.LNK" => File/Directory not found.
"C:\Users\Public\Desktop\PC Optimizer Pro.lnk" => File/Directory not found.
"C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job" => File/Directory not found.
"C:\WINDOWS\Tasks\PC Optimizer Pro startups.job" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro" => File/Directory not found.
"C:\Program Files\PC Optimizer Pro" => File/Directory not found.
"C:\Program Files (x86)\File Type Helper" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (11).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (10).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (9).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (3).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (2).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (1).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup.exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (8).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (7).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (6).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (5).exe" => File/Directory not found.
"C:\Users\Nanette\Downloads\setup (4).exe" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\RocketTab Update Task" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\RocketTab" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\WSE_Astromenda" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key not found.
"C:\ProgramData\SetStretch.exe" => File/Directory not found.
"C:\ProgramData\SetStretch.VBS" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D7353D1-DB1F-4E9B-8511-3DD9935A9585}" => Key not found.
C:\Windows\System32\Tasks\RocketTab Update Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42D6EAB3-7BB0-4D79-A22C-3D6282EC8F19}" => Key not found.
C:\Windows\System32\Tasks\PC Optimizer Pro Idle not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro Idle" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CABA961-24B0-45F0-9A6B-5A9952477962}" => Key not found.
C:\Windows\System32\Tasks\RocketTab not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB1A375D-1C9E-498F-A6F2-A430110AA9DB}" => Key not found.
C:\Windows\System32\Tasks\PC Optimizer Pro startups not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro startups" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC7F0D42-FB22-48BA-9B08-BF64A1D2D05B}" => Key not found.
C:\Windows\System32\Tasks\LaunchSignup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key not found.
C:\WINDOWS\Tasks\PC Optimizer Pro Idle.job not found.
C:\WINDOWS\Tasks\PC Optimizer Pro startups.job not found.
C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job not found.
C:\WINDOWS\Tasks\UpdaterEX.job not found.

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state ON =========

Ok.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  netsh int ip reset c:\resetlog.txt =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.

========= End of CMD: =========

=========  ipconfig /release =========

Windows IP Configuration

No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::3d98:c787:79c5:d519%3
   Default Gateway . . . . . . . . . :

Tunnel adapter Local Area Connection* 3:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:385b:304d:b6df:8f37
   Link-local IPv6 Address . . . . . : fe80::385b:304d:b6df:8f37%10
   Default Gateway . . . . . . . . . : ::

========= End of CMD: =========

=========  ipconfig /renew =========

Windows IP Configuration

No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::3d98:c787:79c5:d519%3
   IPv4 Address. . . . . . . . . . . : 192.168.1.5
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Tunnel adapter Local Area Connection* 3:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:414:7ae:3f57:fefa
   Link-local IPv6 Address . . . . . : fe80::414:7ae:3f57:fefa%10
   Default Gateway . . . . . . . . . : ::

Tunnel adapter isatap.{63F51D66-BE30-48A9-8AEC-D1A33B4C3B12}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

==== End of Fixlog ====


Edited by Quiqzal, 02 November 2014 - 12:24 AM.

  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now ?
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: Google, COMODO, Jave, File Angels, s.mjystw, Trovi, Astromenda

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP