This topic is lockednothing came out on the ADW cleaner
have tried everything I know of and I am ready to give up [Solved]
Started by
nonosma
, Nov 23 2014 04:44 PM
#17
Posted 25 November 2014 - 03:38 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Myriam (administrator) on HOME-PC on 25-11-2014 13:31:41
Running from C:\Users\Myriam.home-PC.000\Downloads
Loaded Profiles: Noah & Brian & Myriam (Available profiles: Noah & Brian & nightmare feast & Myriam & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Speedbit Ltd.) C:\Program Files (x86)\DAP\dapxrpt.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-22] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify Web Helper] => C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [InstallIQUpdater] => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Easy Dock] => C:\Users\Nathalie\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify] => C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Spotify Web Helper] => C:\Users\Noah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-14] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Easy Dock] => C:\Users\Noah\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [GoogleChromeAutoLaunch_16A54A67327E5B6E5B974F30BB008FB7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Spotify] => C:\Users\Noah\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-14] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Easy Dock] => C:\Users\Brian\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [GoogleChromeAutoLaunch_3E5B50BD5627217D97848B0D8CBA68C2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {ccee5e71-c96b-11e3-8b6a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
AppInit_DLLs-x32: => "" File Not Found
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
Startup: C:\Users\myriam.home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (No File)
Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1006\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1012\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1004] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1004] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1005] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1012] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1012] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1078] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1078] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as..._9.0.8112.16470
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20B13CD7CB73CF01
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKLM-x32 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> DefaultScope {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...32-F5387A104933
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2144401C-9958-4B1F-B1C1-7F1E4498F860} URL = http://search.yahoo....=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2780EBEE-10BC-408d-94F7-0AA90B056FE8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...pe=W3i_IA,206,0
#18
Posted 25 November 2014 - 03:40 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Myriam at 2014-11-25 13:33:01
Running from C:\Users\Myriam.home-PC.000\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {C37D8F93-0602-E43C-40AA-47DAD597F308}
AS: avast! Antivirus (Enabled - Up to date) {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Amazon Cloud Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
appsmaker OptimalPC (HKLM-x32\...\appsmaker_optimalpc_is1) (Version: - appsmaker)
ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.25 - ArcSoft)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
Avast Premier (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
blinkx beat (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\blinkx beat) (Version: 1.5.0 - blinkx)
blinkx beat (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\blinkx beat) (Version: 1.5.0 - blinkx)
blinkx beat (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\blinkx beat) (Version: 1.5.0 - blinkx)
blinkx beat (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\blinkx beat) (Version: 1.5.0 - blinkx)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CC Magic (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\CC Magic) (Version: - )
CC Magic (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\CC Magic) (Version: - )
CC Magic (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\CC Magic) (Version: - )
CC Magic (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\CC Magic) (Version: - )
CC Magic (HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\CC Magic) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
City of Heroes (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\NCsoft-CityOfHeroes) (Version: - NCsoft)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Clone Wars (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\SOE-Clone Wars) (Version: - Sony Online Entertainment)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Create A Mall (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cubis Gold (HKLM-x32\...\110094687) (Version: - Oberon Media)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAP Plug-in for 64 Bit IE (HKLM\...\{E06AF9BE-E1D6-4867-8DBF-74E4BA32BBB3}) (Version: 9411.0.29 - SpeedBit)
DC Universe Online Live (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)
Defraggler (HKLM\...\Defraggler) (Version: 2.12 - Piriform)
Digital Copy (HKLM-x32\...\Digital Copy) (Version: - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Disney Infinity Toy Box (HKLM-x32\...\{11CB229E-8A2B-40FD-8670-4EC92D3DDAD5}) (Version: 1.81.1602 - Disney Interactive)
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10035 (Build 2444) - Speedbit Ltd.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FormulaCartoon (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Kalydo App FormulaCartoon) (Version: 0.00.01.41 - )
FoxTab PDF Creator (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
Free Realms (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\SOE-Free Realms) (Version: - Sony Online Entertainment)
Frostwire Toolbar (HKLM-x32\...\{46575637-0076-A76A-76A7-A758B70C0202}) (Version: 12.2.2.638 - Ask Partner Network)
fTalk (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\fTalk) (Version: 4.0.0.4138 - Koyote-Lab Inc) <==== ATTENTION
GamersFirst LIVE! (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\GamersFirst LIVE!) (Version: - GamersFirst)
Genieo (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\genieo) (Version: 1.0.202 - Genieo Innovation Ltd.)
Genieo (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\genieo) (Version: 1.0.202 - Genieo Innovation Ltd.)
Genieo (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\genieo) (Version: 1.0.202 - Genieo Innovation Ltd.)
Genieo (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\genieo) (Version: 1.0.202 - Genieo Innovation Ltd.)
Genieo (HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\genieo) (Version: 1.0.202 - Genieo Innovation Ltd.)
Ghost Recon Online (NCSA-Live) (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\fc418bf9b18f76aa) (Version: 1.29.6478.1 - Ubisoft)
Ghost Recon Online (NCSA-Live) (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\fc418bf9b18f76aa) (Version: 1.29.6478.1 - Ubisoft)
Ghost Recon Online (NCSA-Live) (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\fc418bf9b18f76aa) (Version: 1.29.6478.1 - Ubisoft)
Ghost Recon Online (NCSA-Live) (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\fc418bf9b18f76aa) (Version: 1.29.6478.1 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Chrome (HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Google Chrome) (Version: 9.0.597.94 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{ADDF4B84-5D28-4EAE-8511-EF808C8BC81C}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3091677303-449996058-2394412518-1078\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalydo Player 4.10.01 (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\KalydoPlayer) (Version: 4.10.01 - Eximion B.V.)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Mah Jong Adventures (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}) (Version: 3.1.8.0 - Apple Inc.)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nancy Drew: Message in a Haunted Mansion (HKLM-x32\...\{78B55A60-5E51-11D4-A766-00C00C02EDEF}) (Version: - )
Nancy Drew: Secret of Shadow Ranch (HKLM-x32\...\{06874C62-EC70-4275-9F30-BD81969993A8}) (Version: - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paltalk Messenger 11.1 (HKLM-x32\...\Paltalk Messenger) (Version: 11.1.0 - AVM Software Inc.)
PDF Reader (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\PDF Reader) (Version: - )
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.1 - Nikon)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlanetSide 2 (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
ROBLOX Player for Noah (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio 2013 for Noah (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sally's Studio Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Pirates! (x32 Version: 1.00.0000 - Firaxis Games) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Spotify (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spotify (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Spotify (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
SpywareBlaster 4.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.6.0 - Javacool Software LLC)
SpywareGuard v2.2 (HKLM-x32\...\SpywareGuard_is1) (Version: 2.2 - Javacool Software LLC)
Square Enix Secure Launcher (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Square Enix Secure Launcher) (Version: 1.0.0.108 - Square Enix)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1148 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
The Movies™ (x32 Version: 1.0 - Activision) Hidden
The Movies™ Stunts & Effects (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.2 - Activision)
The Movies™ Stunts & Effects (x32 Version: 1.0 - Activision) Hidden
The Sims Medieval Pirates and Nobles (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Transformers™ - Le Jeu Demo (HKLM-x32\...\InstallShield_{52AC37AD-2435-4BD8-A28A-5AF1306EF69B}) (Version: 1.00.0000 - Activision)
Transformers™ - Le Jeu Demo (x32 Version: 1.00.0000 - Activision) Hidden
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - W3i, LLC)
Uninstall Helper (x32 Version: 2.0.1.0 - W3i, LLC) Hidden
Unity Web Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-5 - Wacom Technology Corp.)
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.1 - WebM Project)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3091677303-449996058-2394412518-1006_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3091677303-449996058-2394412518-1012_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
==================== Restore Points =========================
21-11-2014 14:27:26 Scheduled Checkpoint
21-11-2014 20:02:48 Installed The Sims 3 Late Night
21-11-2014 20:27:24 Installed The Sims 3 Late Night
21-11-2014 20:50:51 Installed The Sims 3 Late Night
21-11-2014 23:36:13 Removed WinZip 19.0
21-11-2014 23:47:53 Removed WinZip 19.0
22-11-2014 18:32:36 avast! antivirus system restore point
22-11-2014 18:36:41 MechWarrior Online
22-11-2014 18:37:52 Device Driver Package Install: Avast Network Service
22-11-2014 22:05:54 Removed File Association Helper
22-11-2014 22:40:55 Removed LogMeIn Hamachi
22-11-2014 22:51:51 Removed TSR RigFix
23-11-2014 19:55:15 avast! antivirus system restore point
24-11-2014 21:56:54 Removed Java 8 Update 25
25-11-2014 18:49:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:34 - 2014-11-21 20:42 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05D39416-4F1F-41A5-96F0-D7898235274B} - System32\Tasks\{EAD7312F-1CCA-41B8-9CDC-A7E845665447} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {088336E6-854A-49DB-A0CF-E6DE1DE7CCE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {0C582A3E-A6CA-4A05-A56A-40A2CB4215F1} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {105EC40E-87DE-48E1-B725-A862005116C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001UA => C:\Users\myriam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26] (Google Inc.)
Task: {1170D6E8-469C-4FB6-96E7-EAD6EEC62626} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3091677303-449996058-2394412518-1001
Task: {11B118C2-67D5-441D-8271-C223692E9258} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3091677303-449996058-2394412518-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {2209843B-4162-4FE9-B9AE-8A99DA3CD867} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {230600B3-1E4C-407E-AD92-02B03B5EB745} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {269952D7-CD7A-43F7-AB2F-FFFB6FAB886F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2714419B-7136-4DA7-B551-F6472B88B8D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3091677303-449996058-2394412518-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {2784B5B5-F025-4BB7-9A74-2090CB23B914} - System32\Tasks\OptimalPC => C:\Program Files (x86)\appsmaker\OptimalPC\automaticcare.exe [2010-11-11] (appsmaker)
Task: {2A5FF053-0E19-4FC8-A0A5-1DA24E151521} - System32\Tasks\{9B64EE5F-2593-47BA-8D05-BBD572B730DA} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {2C9C96D3-ECF7-4B13-AF1A-EEA9539234B5} - System32\Tasks\{9515769D-44DA-44A4-9C70-F71AA08BC84E} => C:\Program Files (x86)\FrostWire 5\FrostWire.exe
Task: {3C62B37C-A724-4E8B-B0FD-539EEA16E3CB} - System32\Tasks\{8231E83B-58B6-4B9A-B641-E4DE82FF16DF} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {3D264065-6E3A-4FA6-8FC3-E9002BAB7069} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4DE3CC6C-EC1A-48DC-9D64-F4597CE12E5A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3091677303-449996058-2394412518-1077 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {5009637C-098F-40D5-9D03-54BB79CD3CB8} - System32\Tasks\{CC885B09-318C-49E0-B8BA-49F2F7752AAA} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {526F620B-7BA1-4282-945E-5007D8DA76B0} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {54534014-040E-47DD-B213-51112ADE272C} - System32\Tasks\{671FC6B0-3D84-4122-933A-B1E2FCFFA4C5} => C:\Program Files (x86)\Lionhead Studios Ltd\The Movies\Movies.exe
Task: {54FD57B8-1ADA-44DE-BA46-702C0DFA0737} - System32\Tasks\{F6C731E8-4F8C-4424-B3E7-A2B12692737B} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {574972DE-6CAC-42DF-83E6-62E7784E9D37} - System32\Tasks\{19F9B00D-288E-40D0-967D-EC5DAB10972E} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {57965462-945B-43AD-8402-92BFD171C8A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5C3C66A6-0540-42F6-B05F-C7BF25CBF84F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001Core => C:\Users\myriam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26] (Google Inc.)
Task: {64A59263-1EFE-458F-9F28-339AD58BA9C6} - System32\Tasks\{EDAE4C4D-2DB2-4AC4-8BE9-4996F46C67F3} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {663B71E2-6D8A-4E46-89E2-B4CA9D4FAE05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {683AB2DE-ABE8-4892-897E-393FDB577E42} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-22] (AVAST Software)
Task: {76EBC34E-A17B-4F73-A77D-633A2244C952} - System32\Tasks\{2483A6F5-3CF5-459E-BE42-6C93713C9728} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {93B99CB7-42B0-4CA8-9F82-E99DD4A32C76} - System32\Tasks\{D88DA7F9-3A75-49D6-A070-3032FE54A636} => C:\Users\Noah\Desktop\Minecraft.exe
Task: {95D8DFE6-78B9-473C-B704-53D578EBE785} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9A327340-518B-43FF-9E14-F3487263E36A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {A594E7B7-3BA7-43A9-917C-ED43595A3142} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {AB777C54-F8CE-400A-979C-C6C1DA709973} - System32\Tasks\HPCeeScheduleForBrian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B39FEF83-35A1-46F2-B030-FF501FC073BF} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {B3F4FB3B-534D-4F9F-A990-E3F554CEBE05} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3091677303-449996058-2394412518-1077 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {BD0BC030-E643-4E85-BF2F-8D0B9C4AEB0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {C4529C41-C4D4-42A6-B128-C60625ED550F} - System32\Tasks\{CEEE7B27-E7B4-4B46-A48B-F7CACA627A2C} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {C57CAA2C-4BA8-4F34-A901-92EA1B92222B} - System32\Tasks\{4EA7C28E-A934-423C-AA03-ACA8C4271F38} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {D174EA9B-FDBB-4A56-B018-D46FEC3BBBC2} - System32\Tasks\{1DED7579-B170-43F0-85F4-79D35BD9BAE0} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {DB3D28D5-A91A-4FC8-BFDA-19020183BE17} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {E25E5BBC-ECDC-4CF9-A27D-3464598B69EF} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {E523826A-E169-42F6-9A80-F3B87965DD91} - System32\Tasks\{44B13C31-63A1-4B07-BCB7-7C8CEAED8848} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {EB3569FE-FAC8-4B11-81B0-A3550B9EA611} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {F049B96C-FE6D-42BB-A993-8020F9D7F66A} - System32\Tasks\HPCeeScheduleForsims only => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F33677D2-8E0C-4E0D-96BB-59ABF7F48992} - System32\Tasks\{5CE652F9-B41D-4E5F-BFD7-CCFDE881C83A} => C:\Program Files (x86)\Electronic Arts\The Sims 3 Late Night\Game\Bin\Sims3Launcher.exe [2010-09-21] (EA.com)
Task: {FB039D74-04EC-4F49-8A9A-F72601FFACFB} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-17] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001Core.job => C:\Users\myriam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001UA.job => C:\Users\myriam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForBrian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForsims only.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\OptimalPC.job => C:\Program Files (x86)\appsmaker\OptimalPC\automaticcare.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
==================== Loaded Modules (whitelisted) =============
2012-11-18 03:04 - 2014-05-19 17:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-21 11:56 - 2014-11-03 13:56 - 04377560 ___SH () C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
2014-11-21 11:56 - 2014-11-21 11:56 - 00160728 ____R () C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
2013-09-29 11:56 - 2014-01-13 08:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-10-21 13:42 - 2013-10-03 16:00 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2009-09-14 16:17 - 2009-09-14 16:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-11-23 10:42 - 2014-11-23 10:42 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112301\algo.dll
2014-11-25 10:34 - 2014-11-25 10:34 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112501\algo.dll
2014-11-21 11:56 - 2014-03-07 19:56 - 00117262 ___SH () C:\Program Files (x86)\FruidiadOepharbox\libgcc_s_dw2-1.dll
2014-11-21 11:56 - 2014-03-07 19:56 - 00970766 ___SH () C:\Program Files (x86)\FruidiadOepharbox\libstdc++-6.dll
2014-11-22 10:36 - 2014-11-22 10:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-11-02 19:22 - 2011-08-22 00:18 - 00925696 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-10-22 18:50 - 2009-10-22 18:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-11-19 22:56 - 2014-11-14 13:15 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-19 22:56 - 2014-11-14 13:15 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-19 22:56 - 2014-11-14 13:15 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-19 22:56 - 2014-11-14 13:15 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
2014-11-19 22:56 - 2014-11-14 13:15 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:00F3978A
AlternateDataStreams: C:\ProgramData\Temp:014BC3B4
AlternateDataStreams: C:\ProgramData\Temp:05582920
AlternateDataStreams: C:\ProgramData\Temp:05F547A9
AlternateDataStreams: C:\ProgramData\Temp:073139EC
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:0968E571
AlternateDataStreams: C:\ProgramData\Temp:0ACF1AF5
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:0DE96CF5
AlternateDataStreams: C:\ProgramData\Temp:0E22C5DB
AlternateDataStreams: C:\ProgramData\Temp:0FE0A03C
AlternateDataStreams: C:\ProgramData\Temp:10CFA7D4
AlternateDataStreams: C:\ProgramData\Temp:10D45FC3
AlternateDataStreams: C:\ProgramData\Temp:149327FE
AlternateDataStreams: C:\ProgramData\Temp:163B8B93
AlternateDataStreams: C:\ProgramData\Temp:1B3549F2
AlternateDataStreams: C:\ProgramData\Temp:1B389835
AlternateDataStreams: C:\ProgramData\Temp:1B7E2022
AlternateDataStreams: C:\ProgramData\Temp:1CF1FB36
AlternateDataStreams: C:\ProgramData\Temp:1E288DA3
AlternateDataStreams: C:\ProgramData\Temp:217A2A36
AlternateDataStreams: C:\ProgramData\Temp:2211E7A0
AlternateDataStreams: C:\ProgramData\Temp:2216A431
AlternateDataStreams: C:\ProgramData\Temp:24C072FF
AlternateDataStreams: C:\ProgramData\Temp:25BB767E
AlternateDataStreams: C:\ProgramData\Temp:2B11E0DF
AlternateDataStreams: C:\ProgramData\Temp:2B856118
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2F5A06FD
AlternateDataStreams: C:\ProgramData\Temp:2F8138B7
AlternateDataStreams: C:\ProgramData\Temp:32289BE8
AlternateDataStreams: C:\ProgramData\Temp:35629AE6
AlternateDataStreams: C:\ProgramData\Temp:3571475C
AlternateDataStreams: C:\ProgramData\Temp:36608448
AlternateDataStreams: C:\ProgramData\Temp:36A39835
AlternateDataStreams: C:\ProgramData\Temp:371A321E
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:384AA0FD
AlternateDataStreams: C:\ProgramData\Temp:39B53860
AlternateDataStreams: C:\ProgramData\Temp:3AC0ED43
AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4
AlternateDataStreams: C:\ProgramData\Temp:3C0887BF
AlternateDataStreams: C:\ProgramData\Temp:4B244549
AlternateDataStreams: C:\ProgramData\Temp:4D551822
AlternateDataStreams: C:\ProgramData\Temp:4D729D61
AlternateDataStreams: C:\ProgramData\Temp:5520ED93
AlternateDataStreams: C:\ProgramData\Temp:553CA6CA
AlternateDataStreams: C:\ProgramData\Temp:56C66609
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:571CCF8E
AlternateDataStreams: C:\ProgramData\Temp:587F3582
AlternateDataStreams: C:\ProgramData\Temp:5A9F1AE5
AlternateDataStreams: C:\ProgramData\Temp:5C0940F1
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:5C4A588B
AlternateDataStreams: C:\ProgramData\Temp:5E8C18F1
AlternateDataStreams: C:\ProgramData\Temp:5ED7E575
AlternateDataStreams: C:\ProgramData\Temp:60E0AB2A
AlternateDataStreams: C:\ProgramData\Temp:6447E3B5
AlternateDataStreams: C:\ProgramData\Temp:67842DB7
AlternateDataStreams: C:\ProgramData\Temp:68B61847
AlternateDataStreams: C:\ProgramData\Temp:69FE2EE4
AlternateDataStreams: C:\ProgramData\Temp:6A0A47E7
AlternateDataStreams: C:\ProgramData\Temp:6A9EDD31
AlternateDataStreams: C:\ProgramData\Temp:6B2FBF73
AlternateDataStreams: C:\ProgramData\Temp:6BEADDC0
AlternateDataStreams: C:\ProgramData\Temp:6DA18708
AlternateDataStreams: C:\ProgramData\Temp:6E6A4F42
AlternateDataStreams: C:\ProgramData\Temp:6FD36C4B
AlternateDataStreams: C:\ProgramData\Temp:701B92FB
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:755BD5CD
AlternateDataStreams: C:\ProgramData\Temp:769DE8D6
AlternateDataStreams: C:\ProgramData\Temp:79C6A9CE
AlternateDataStreams: C:\ProgramData\Temp:7BB584AA
AlternateDataStreams: C:\ProgramData\Temp:7C44248C
AlternateDataStreams: C:\ProgramData\Temp:7D288858
AlternateDataStreams: C:\ProgramData\Temp:7EC01D6D
AlternateDataStreams: C:\ProgramData\Temp:7FA0D639
AlternateDataStreams: C:\ProgramData\Temp:834DD57E
AlternateDataStreams: C:\ProgramData\Temp:86B7FDDB
AlternateDataStreams: C:\ProgramData\Temp:87A3A233
AlternateDataStreams: C:\ProgramData\Temp:88AE8AB0
AlternateDataStreams: C:\ProgramData\Temp:8967C154
AlternateDataStreams: C:\ProgramData\Temp:8E11CC80
AlternateDataStreams: C:\ProgramData\Temp:8EE351C8
AlternateDataStreams: C:\ProgramData\Temp:902C848D
AlternateDataStreams: C:\ProgramData\Temp:90C320E1
AlternateDataStreams: C:\ProgramData\Temp:96838F8A
AlternateDataStreams: C:\ProgramData\Temp:983B4DC0
AlternateDataStreams: C:\ProgramData\Temp:993185CB
AlternateDataStreams: C:\ProgramData\Temp:9A8F071F
AlternateDataStreams: C:\ProgramData\Temp:9B2BD056
AlternateDataStreams: C:\ProgramData\Temp:9DB67071
AlternateDataStreams: C:\ProgramData\Temp:A039EDF9
AlternateDataStreams: C:\ProgramData\Temp:A0921B2C
AlternateDataStreams: C:\ProgramData\Temp:A1128200
AlternateDataStreams: C:\ProgramData\Temp:A17CCD03
AlternateDataStreams: C:\ProgramData\Temp:A6B07419
AlternateDataStreams: C:\ProgramData\Temp:A8606E6E
AlternateDataStreams: C:\ProgramData\Temp:AE9351E0
AlternateDataStreams: C:\ProgramData\Temp:AF9538BC
AlternateDataStreams: C:\ProgramData\Temp:B1E64E47
AlternateDataStreams: C:\ProgramData\Temp:B34A7CD6
AlternateDataStreams: C:\ProgramData\Temp:B38BEEEE
AlternateDataStreams: C:\ProgramData\Temp:B6AF2226
AlternateDataStreams: C:\ProgramData\Temp:BAFAD1DF
AlternateDataStreams: C:\ProgramData\Temp:BB718C46
AlternateDataStreams: C:\ProgramData\Temp:BD34FFC5
AlternateDataStreams: C:\ProgramData\Temp:BD8010FE
AlternateDataStreams: C:\ProgramData\Temp:BE40C8A2
AlternateDataStreams: C:\ProgramData\Temp:BF640EE5
AlternateDataStreams: C:\ProgramData\Temp:C370B84F
AlternateDataStreams: C:\ProgramData\Temp:C43C957E
AlternateDataStreams: C:\ProgramData\Temp:C4A88D6B
AlternateDataStreams: C:\ProgramData\Temp:CAEDBDA6
AlternateDataStreams: C:\ProgramData\Temp:CE8A42A3
AlternateDataStreams: C:\ProgramData\Temp:D01ACC06
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D576A536
AlternateDataStreams: C:\ProgramData\Temp:D6D084A5
AlternateDataStreams: C:\ProgramData\Temp:D987CB43
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:E326D1D1
AlternateDataStreams: C:\ProgramData\Temp:E6537A16
AlternateDataStreams: C:\ProgramData\Temp:E6EC5C2A
AlternateDataStreams: C:\ProgramData\Temp:E9900C74
AlternateDataStreams: C:\ProgramData\Temp:E99D1D3C
AlternateDataStreams: C:\ProgramData\Temp:EB2D2CC5
AlternateDataStreams: C:\ProgramData\Temp:EB5BDBB0
AlternateDataStreams: C:\ProgramData\Temp:ED6B6C83
AlternateDataStreams: C:\ProgramData\Temp:ED9B661E
AlternateDataStreams: C:\ProgramData\Temp:F1C8B957
AlternateDataStreams: C:\ProgramData\Temp:F2327E82
AlternateDataStreams: C:\ProgramData\Temp:F2E92DCD
AlternateDataStreams: C:\ProgramData\Temp:F36BFA23
AlternateDataStreams: C:\ProgramData\Temp:F53B274A
AlternateDataStreams: C:\ProgramData\Temp:F5FC5DCE
AlternateDataStreams: C:\ProgramData\Temp:F888E36D
AlternateDataStreams: C:\ProgramData\Temp:F942EC78
AlternateDataStreams: C:\ProgramData\Temp:F98E6C67
AlternateDataStreams: C:\ProgramData\Temp:FBD274CF
AlternateDataStreams: C:\ProgramData\Temp:FD786DCA
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TabletServicePen => 2
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Fliptoast.lnk => C:\Windows\pss\Fliptoast.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Marketsplash Print Software.lnk => C:\Windows\pss\Marketsplash Print Software.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^sims only^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\mom\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\sims only\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AvgUninstallURL => cmd.exe /c start http://www.avg.com/w...0f8878bd60d3578
MSCONFIG\startupreg: BambooCore => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: DAP10 => "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Easy Dock =>
MSCONFIG\startupreg: Exetender => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
MSCONFIG\startupreg: fTalk => "C:\Users\mom\AppData\Local\fTalk\ftalk.exe" -autorun
MSCONFIG\startupreg: GenieoSystemTray => "C:\Users\mom\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
MSCONFIG\startupreg: GenieoUpdaterService => "C:\Users\mom\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
MSCONFIG\startupreg: Google Update => "C:\Users\myriam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_3E5B50BD5627217D97848B0D8CBA68C2 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
MSCONFIG\startupreg: Messenger => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: NCPluginUpdater => "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PC-Doctor for Windows localizer => C:\Program Files\PC-Doctor for Windows\localizer.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RegistryKit Reminder v2.0 => "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe"
MSCONFIG\startupreg: RegistryKit v2.0 => "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe"
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe
MSCONFIG\startupreg: SearchProtect => C:\Users\mom\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SelectRebates => C:\Program Files (x86)\SelectRebates\SelectRebates.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SpeedBitVideoAccelerator => "C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup
MSCONFIG\startupreg: SpeetItUpFree => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Nathalie\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: TrayIcRun => C:\Program Files (x86)\ArcadeWeb\tray.exe
MSCONFIG\startupreg: uTorrent => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
========================= Accounts: ==========================
Administrator (S-1-5-21-3091677303-449996058-2394412518-500 - Administrator - Disabled)
Brian (S-1-5-21-3091677303-449996058-2394412518-1005 - Limited - Enabled) => C:\Users\Brian
Guest (S-1-5-21-3091677303-449996058-2394412518-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3091677303-449996058-2394412518-1008 - Limited - Enabled)
Myriam (S-1-5-21-3091677303-449996058-2394412518-1078 - Administrator - Enabled) => C:\Users\Myriam.home-PC.000
nightmare feast (S-1-5-21-3091677303-449996058-2394412518-1077 - Limited - Enabled) => C:\Users\nightmare feast
Noah (S-1-5-21-3091677303-449996058-2394412518-1004 - Limited - Enabled) => C:\Users\Noah
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-05-29 16:23:06.263
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:23:05.855
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:12:33.849
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:12:33.438
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:12:20.492
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:12:20.083
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:09:14.983
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:09:14.583
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:09:14.165
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-05-29 16:09:13.759
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon™ II X4 630 Processor
Percentage of memory in use: 42%
Total physical RAM: 6143.24 MB
Available physical RAM: 3544.17 MB
Total Pagefile: 7433.82 MB
Available Pagefile: 4273.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:920.64 GB) (Free:93.59 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.77 GB) (Free:1.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Sims3SP05) (CDROM) (Total:2.32 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
#19
Posted 25 November 2014 - 03:45 PM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
Thanks for the information. It's highly unusual for AdwCleaner not to have logged anything. When you go to C:\AdwCleaner
..is there any log files in there? If so can you post the contents of them?
If not, would you mind following the instructions for AdwCleaner one more time to see if it produces a log?
Let me know.
#20
Posted 25 November 2014 - 04:24 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
# AdwCleaner v4.102 - Report created 25/11/2014 at 14:19:09
# Updated 23/11/2014 by Xplode
# Database : 2014-11-25.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Myriam - HOME-PC
# Running from : C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner (1).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt - [43520 octets] - [21/11/2014 20:40:52]
AdwCleaner[R1].txt - [43393 octets] - [23/11/2014 10:34:09]
AdwCleaner[R2].txt - [942 octets] - [25/11/2014 13:24:57]
AdwCleaner[R3].txt - [806 octets] - [25/11/2014 14:19:09]
AdwCleaner[S0].txt - [43023 octets] - [23/11/2014 10:39:07]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [926 octets] ##########
#21
Posted 25 November 2014 - 06:50 PM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
I received your Addition.txt log however your FRST.txt file is cut off. Can you go to C:\Users\Myriam.home-PC.000\Downloads and open up the FRST.txt file and paste the log in it's entirety?
Thank you.
#22
Posted 25 November 2014 - 07:00 PM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
Also it appears you may have forgotten to disable Windows Defender. I'll repeat the steps here.
Disable Windows Defender
We need to disable Windows Defender to avoid conflicts with your Avast Premier AV. Having both enabled at the same time can cause undesirable effects. Please do the following to disable.
1. Open Windows Defender by clicking the Start button. In the search box, type Defender, and then, in the list of results, click Windows Defender.
2.Click Tools, and then click Options.
3.Click Administrator, clear the Use this program check box, and then click Save. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
#23
Posted 25 November 2014 - 07:36 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
according to my computer Defender is turned off.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Myriam (administrator) on HOME-PC on 25-11-2014 13:31:41
Running from C:\Users\Myriam.home-PC.000\Downloads
Loaded Profiles: Noah & Brian & Myriam (Available profiles: Noah & Brian & nightmare feast & Myriam & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Speedbit Ltd.) C:\Program Files (x86)\DAP\dapxrpt.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-22] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify Web Helper] => C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [InstallIQUpdater] => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Easy Dock] => C:\Users\Nathalie\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify] => C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Spotify Web Helper] => C:\Users\Noah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-14] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Easy Dock] => C:\Users\Noah\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [GoogleChromeAutoLaunch_16A54A67327E5B6E5B974F30BB008FB7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Spotify] => C:\Users\Noah\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-14] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Easy Dock] => C:\Users\Brian\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [GoogleChromeAutoLaunch_3E5B50BD5627217D97848B0D8CBA68C2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {ccee5e71-c96b-11e3-8b6a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
AppInit_DLLs-x32: => "" File Not Found
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
Startup: C:\Users\myriam.home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (No File)
Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1006\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1012\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1004] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1004] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1005] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1012] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1012] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1078] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1078] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as..._9.0.8112.16470
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20B13CD7CB73CF01
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKLM-x32 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> DefaultScope {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...32-F5387A104933
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2144401C-9958-4B1F-B1C1-7F1E4498F860} URL = http://search.yahoo....=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2780EBEE-10BC-408d-94F7-0AA90B056FE8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {E9CE0F89-9D8F-46D5-AE20-D94C93DE6976} URL = http://searchya.com/...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {53C15A03-DFB4-4519-96F3-4433FDE6FC21} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {951F3306-3CE1-404B-BBBC-0A86E724CDAB} URL = http://search.yahoo....14,17841,0,18,0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {82F58046-0F99-4D37-BAC0-9BE126EB66B6} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {4A1B17F1-16A3-4CF6-8BF6-A39CD79E49A1} URL = http://search.condui...3221141119&UM=2
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Frostwire Toolbar - {46575637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FWV7\Passport.dll" No File
Toolbar: HKLM-x32 - No Name - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/...O1.cab60096.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab
DPF: HKLM-x32 {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
ShellExecuteHooks-x32: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll [126976 2003-08-02] ()
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @tools.google.com/Google Update;version=8 -> C:\Users\myriam\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1003: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @coreonline.com/run3d,version=1.0 -> C:\Users\Noah\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @eximion.com/KalydoPlayer -> C:\Users\Noah\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @nsroblox.roblox.com/launcher -> C:\Users\Noah\AppData\Local\Roblox\Versions\version-3789d377c3ab4ee1\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Noah\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll No File
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Noah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1005: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\sims only\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1078: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: ArcadeWeb - C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2014-11-25]
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DAP\daplinkchecker
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-03]
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Firefox\Extensions: [{ED76C299-85BC-4891-9237-74A140C28832}] - C:\Program Files (x86)\RebateInformer\Firefox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-25]
CHR Extension: (Google Docs) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-25]
CHR Extension: (Google Drive) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-25]
CHR Extension: (YouTube) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-25]
CHR Extension: (DAP Link Checker) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2014-11-25]
CHR Extension: (Google Search) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-25]
CHR Extension: (Google Sheets) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-25]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-11-25]
CHR Extension: (Google Wallet) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-25]
CHR Extension: (Gmail) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-25]
CHR HKLM-x32\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Program Files (x86)\DAP\daplinkchecker.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\mom\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-03]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\mom\AppData\Local\Temp\ccex.crx [2012-03-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5203824 2010-11-11] (appsmaker)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-22] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-05-21] (Macrovision Europe Ltd.) [File not signed]
R2 FruidiadOepharbox; C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe [4377560 2014-11-03] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-05] (Electronic Arts)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2078576 2010-11-11] (appsmaker)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-10-03] (Wacom Technology, Corp.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-09-01] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-22] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-22] ()
S3 dfg; C:\Windows\SysWOW64\DRIVERS\dfg.sys [23552 2008-12-10] (defrag Development Team) [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 poqdoehy; C:\Windows\SysWOW64\drivers\fubilq.sys [61440 2011-11-27] () [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S0 tiwdxqvx; C:\Windows\SysWOW64\drivers\livkaoag.sys [61440 2011-03-02] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-21] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 cpuz134; \??\C:\Users\SIMSON~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-25 13:31 - 2014-11-25 13:32 - 00073404 _____ () C:\Users\Myriam.home-PC.000\Downloads\FRST.txt
2014-11-25 13:31 - 2014-11-25 13:31 - 02118144 _____ (Farbar) C:\Users\Myriam.home-PC.000\Downloads\FRST64.exe
2014-11-25 13:31 - 2014-11-25 13:31 - 02118144 _____ (Farbar) C:\Users\Myriam.home-PC.000\Downloads\FRST64 (1).exe
2014-11-25 13:25 - 2014-11-25 13:25 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner (1).exe
2014-11-25 13:24 - 2014-11-25 13:24 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner.exe
2014-11-25 13:22 - 2014-11-25 13:22 - 00002084 _____ () C:\Users\Myriam.home-PC.000\Desktop\JRT.txt
2014-11-25 12:41 - 2014-11-25 12:41 - 00000000 ____D () C:\Windows\ERUNT
2014-11-25 12:40 - 2014-11-25 12:40 - 01707532 _____ (Thisisu) C:\Users\Myriam.home-PC.000\Downloads\JRT.exe
2014-11-25 12:36 - 2014-11-25 12:36 - 00088824 _____ () C:\Users\Myriam.home-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-25 10:35 - 2014-11-25 10:38 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Hewlett-Packard
2014-11-25 10:35 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\AVAST Software
2014-11-25 10:34 - 2014-11-25 10:36 - 00002217 _____ () C:\Users\Myriam.home-PC.000\Desktop\Google Chrome.lnk
2014-11-25 10:34 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Hewlett-Packard
2014-11-25 10:34 - 2014-11-25 10:34 - 00001375 _____ () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Adobe
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\VirtualStore
2014-11-25 10:33 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA Corporation
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Google
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000
2014-11-25 10:33 - 2014-11-25 10:33 - 00000020 ___SH () C:\Users\Myriam.home-PC.000\ntuser.ini
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\WTablet
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA
2014-11-25 10:33 - 2012-04-07 08:44 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla
2014-11-25 10:33 - 2011-06-03 02:02 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Microsoft Help
2014-11-25 10:33 - 2011-02-01 09:30 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Macromedia
2014-11-25 10:33 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-25 10:33 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-24 15:12 - 2014-11-24 15:13 - 00759488 _____ ( ) C:\Users\Brian\Desktop\adobe_flash_setup.exe.dap
2014-11-24 14:02 - 2014-11-24 14:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-24 14:01 - 2014-11-24 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-24 13:56 - 2014-11-24 13:56 - 00638888 _____ (Oracle Corporation) C:\Users\Brian\Desktop\javadl.sun.com
2014-11-24 09:53 - 2014-11-24 09:53 - 00050705 _____ () C:\Users\Brian\Desktop\Addition.txt
2014-11-24 09:51 - 2014-11-24 10:03 - 00060377 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-11-24 09:50 - 2014-11-24 09:50 - 02118144 _____ (Farbar) C:\Users\Brian\Desktop\FRST64_1.exe
2014-11-24 09:45 - 2014-11-25 13:31 - 00000000 ____D () C:\FRST
2014-11-23 17:09 - 2014-11-23 17:09 - 00000000 ____D () C:\Users\mom\AppData\Local\NVIDIA
2014-11-23 14:33 - 2014-11-23 14:33 - 04745544 _____ (Google) C:\Users\sims only\Downloads\314.22-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-11-23 13:34 - 2014-11-23 13:34 - 02291025 _____ () C:\Users\sims only\Downloads\CCMagic_2920_Setup.zip
2014-11-23 12:09 - 2014-11-23 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 12:07 - 2014-11-23 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-23 11:57 - 2014-11-23 11:57 - 00001912 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-11-23 11:57 - 2014-11-22 10:36 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1 (1).exe
2014-11-23 11:03 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-23 11:02 - 2014-11-23 11:03 - 36480824 _____ () C:\Users\sims only\Downloads\Firefox_Setup_33.1.1.exe
2014-11-22 19:00 - 2014-11-23 14:35 - 00000000 ____D () C:\Users\sims only\Desktop\stuff to convert
2014-11-22 17:22 - 2014-11-23 15:39 - 00000000 ____D () C:\Users\sims only\AppData\Local\CrashDumps
2014-11-22 16:39 - 2014-11-22 19:27 - 00000000 ____D () C:\Users\sims only\Desktop\converted files
2014-11-22 16:07 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\CC Magic
2014-11-22 16:07 - 2014-11-22 16:07 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CC Magic
2014-11-22 15:31 - 2014-11-22 15:31 - 02068215 _____ () C:\Users\sims only\Downloads\MTS_granthes_1308731_CCMagic_2942_Setup.zip
2014-11-22 15:16 - 2014-11-22 15:16 - 00157098 _____ () C:\Users\sims only\AppData\Local\ars.cache
2014-11-22 15:16 - 2014-11-22 15:16 - 00084165 _____ () C:\Users\sims only\AppData\Local\census.cache
2014-11-22 15:12 - 2014-11-22 15:12 - 00000010 _____ () C:\Users\sims only\AppData\Local\sponge.last.runtime.cache
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:10 - 2014-11-22 15:10 - 01745624 _____ () C:\Users\sims only\Downloads\wrar511.exe
2014-11-22 15:05 - 2014-11-22 15:08 - 00000000 ____D () C:\Users\sims only\Downloads\TMRBLog
2014-11-22 15:05 - 2014-11-22 15:05 - 00000000 ____D () C:\Users\sims only\Downloads\log
2014-11-22 15:04 - 2014-11-22 15:04 - 00000036 _____ () C:\Users\sims only\AppData\Local\housecall.guid.cache
2014-11-22 15:03 - 2014-11-22 15:04 - 02064880 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HousecallLauncher.exe
2014-11-22 15:03 - 2014-11-22 15:03 - 14861360 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\RootkitBusterV5.0-1180x64.exe
2014-11-22 15:02 - 2014-11-22 15:02 - 00296536 _____ () C:\Users\sims only\Downloads\HousecallLauncher64.exe
2014-11-22 14:52 - 2014-11-22 14:52 - 00000000 _____ () C:\Users\sims only\AppData\Roaming\Light Machine
2014-11-22 14:27 - 2014-11-22 14:27 - 00000247 _____ () C:\Windows\system32\2014-11-22-22-27-27.058-aswFe.exe-6600.log
2014-11-22 14:27 - 2014-11-22 14:27 - 00000197 _____ () C:\Windows\system32\2014-11-22-22-27-11.075-AvastVBoxSVC.exe-164.log
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-22 13:49 - 2014-11-23 19:00 - 00001288 _____ () C:\Windows\setupact.log
2014-11-22 13:49 - 2014-11-23 18:56 - 00927942 _____ () C:\Windows\PFRO.log
2014-11-22 13:49 - 2014-11-22 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-22 10:38 - 2014-11-22 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-22 10:36 - 2014-11-22 10:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-22 10:36 - 2014-11-22 10:35 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-22 10:27 - 2014-11-22 10:27 - 00000000 __SHD () C:\Users\sims only\AppData\Local\EmieBrowserModeList
2014-11-21 20:42 - 2014-11-21 20:42 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(8).exe
2014-11-21 20:40 - 2014-11-25 13:26 - 00000000 ____D () C:\AdwCleaner
2014-11-21 20:40 - 2014-11-21 20:40 - 02140160 _____ () C:\Users\sims only\Downloads\AdwCleaner.exe
2014-11-21 20:36 - 2014-11-21 20:36 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\phch.sys
2014-11-21 16:52 - 2014-11-21 16:52 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-21 16:51 - 2014-11-21 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis(1).exe
2014-11-21 16:51 - 2014-11-21 16:51 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-21 16:50 - 2014-11-21 16:51 - 15196248 _____ () C:\Users\sims only\Downloads\RogueKiller.exe
2014-11-21 13:07 - 2014-11-21 13:07 - 00002210 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-11-21 12:37 - 2014-11-21 12:37 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(7).exe
2014-11-21 11:55 - 2014-11-21 11:56 - 00000000 __SHD () C:\Program Files (x86)\FruidiadOepharbox
2014-11-21 11:40 - 2014-11-21 15:49 - 00000000 ____D () C:\ProgramData\WinZip
2014-11-21 10:03 - 2014-11-21 10:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-20 15:58 - 2014-11-20 15:58 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
2014-11-20 13:31 - 2014-11-20 13:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis.exe
2014-11-19 19:20 - 2014-11-19 19:20 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\DJS Sims
2014-11-19 11:11 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:11 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:11 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 11:10 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 12:05 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 12:05 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:05 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 12:05 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:05 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:05 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:04 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:04 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:04 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:04 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 12:04 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:04 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:04 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 12:04 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:04 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:04 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:04 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:04 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:04 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:04 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:04 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:04 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:04 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 12:04 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:04 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 12:04 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 12:04 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:04 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 12:04 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 12:04 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 12:04 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 12:04 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:03 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 12:03 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 12:03 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:03 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:03 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:03 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 12:03 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-08 13:16 - 2014-11-08 13:16 - 00000000 _____ () C:\dummy.wav
2014-11-04 17:01 - 2014-11-04 17:01 - 00021324 _____ () C:\Users\Noah\Documents\Dpss2.odt
2014-11-01 12:02 - 2014-11-01 12:02 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(6).exe
2014-11-01 08:10 - 2014-11-02 08:30 - 00000000 ____D () C:\Users\TEMP.home-PC
2014-10-29 11:58 - 2014-10-29 11:58 - 07764691 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1469958_springbunny_lolita_blouses_longsleeves.rar
2014-10-29 11:58 - 2014-10-29 11:58 - 00903027 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1442004_springbunny_lolita_skirt.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00316239 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111591_LadyFrontbum_Cheeky_v2.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00300605 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111590_LadyFrontbum_Cheeky_v1.rar
2014-10-29 11:56 - 2014-10-29 11:56 - 00739389 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1112855_LadyFrontbum_Swoop.rar
2014-10-29 11:54 - 2014-10-29 11:54 - 00012383 _____ () C:\Users\sims only\Downloads\MTS_Papercat_967520_Papercatcatliner.rar
2014-10-29 11:52 - 2014-10-29 11:53 - 03616846 _____ () C:\Users\sims only\Downloads\MTS_imey1997_1449052_PerfectPigtailsPF.rar
2014-10-29 11:48 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\sims only\Desktop\sims stuff
2014-10-29 11:45 - 2014-10-29 11:45 - 00188321 _____ () C:\Users\sims only\Downloads\MTS_Sakura4_1319330_Sims3PackFileGenerateToolv1.4.1.36.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-25 13:32 - 2011-01-26 13:25 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001UA.job
2014-11-25 13:31 - 2011-01-26 13:25 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001Core.job
2014-11-25 12:51 - 2013-03-02 18:18 - 00000000 ____D () C:\ProgramData\Strongvault Online Backup
2014-11-25 12:49 - 2012-04-03 17:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 12:49 - 2012-04-03 17:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 12:49 - 2012-04-03 17:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-25 12:49 - 2011-07-18 12:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 12:17 - 2013-09-30 07:54 - 01518215 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 12:03 - 2014-10-18 09:45 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForsims only.job
2014-11-25 10:33 - 2011-01-26 13:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 14:03 - 2013-09-29 15:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-24 13:35 - 2011-12-23 22:14 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F7EFA6C6-6AB5-447A-918D-D71C8F6A218E}
2014-11-24 09:50 - 2009-11-23 15:41 - 00000000 ____D () C:\ProgramData\Temp
2014-11-24 09:32 - 2014-05-02 11:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 18:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 18:58 - 2009-11-23 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-23 13:43 - 2011-03-02 09:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-23 13:16 - 2014-04-15 13:00 - 00000000 ____D () C:\Users\sims only\Desktop\New folder (2)
2014-11-23 12:07 - 2014-08-20 18:00 - 00000000 ____D () C:\Users\sims only\AppData\Local\Adobe
2014-11-23 12:07 - 2013-05-31 07:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-23 10:56 - 2012-07-03 15:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1990C256-0994-4952-831B-22E45AEA3D91}
2014-11-23 06:41 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Roaming\Spotify
2014-11-23 06:37 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Local\Spotify
2014-11-23 06:36 - 2014-05-28 16:13 - 00000000 ___RD () C:\Users\Noah\Google Drive
2014-11-22 16:08 - 2013-01-07 14:03 - 00000000 ___DC () C:\Users\sims only\Documents\Electronic Arts
2014-11-22 16:02 - 2013-04-04 14:35 - 00000000 ___HD () C:\Users\sims only\Documents\backup
2014-11-22 16:01 - 2012-09-27 15:03 - 00121856 ___SH () C:\Users\sims only\Documents\Thumbs.db
2014-11-22 15:11 - 2011-01-27 09:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Updater
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Detective
2014-11-22 14:50 - 2013-02-16 20:57 - 00000000 ____D () C:\Users\mom\Documents\RCA easyRip
2014-11-22 14:47 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-22 14:41 - 2014-09-22 10:42 - 00000000 ____D () C:\Users\sims only\AppData\Local\LogMeIn Hamachi
2014-11-22 10:37 - 2013-05-29 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piranha Games
2014-11-22 10:37 - 2012-03-03 19:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 10:36 - 2014-05-02 11:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-22 10:36 - 2014-01-02 21:07 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-21 20:36 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\addins
2014-11-21 18:00 - 2011-02-09 15:20 - 00000482 _____ () C:\Windows\Tasks\OptimalPC.job
2014-11-21 15:57 - 2014-07-26 13:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 12:26 - 2011-02-12 16:53 - 00000000 ____D () C:\Users\mom
2014-11-21 12:26 - 2011-01-29 07:02 - 00000000 ____D () C:\Users\Noah
2014-11-21 12:26 - 2011-01-26 20:18 - 00000000 ____D () C:\Users\Brian
2014-11-21 12:26 - 2011-01-26 17:23 - 00000000 ____D () C:\Users\Nathalie
2014-11-21 12:26 - 2011-01-26 13:16 - 00000000 ____D () C:\Users\myriam
2014-11-21 12:04 - 2011-01-26 14:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-21 12:04 - 2009-11-23 15:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-20 17:58 - 2011-02-11 14:47 - 00003182 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBrian
2014-11-20 17:58 - 2011-02-11 14:47 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForBrian.job
2014-11-19 10:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-16 13:48 - 2011-01-26 13:50 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 13:48 - 2011-01-26 13:50 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 13:48 - 2011-01-26 13:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 12:54 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-16 08:42 - 2014-09-20 15:37 - 00000000 ____D () C:\Users\Noah\AppData\Local\LogMeIn Hamachi
2014-11-16 07:59 - 2011-01-26 14:03 - 00000448 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-11-15 17:17 - 2009-07-13 20:45 - 02292160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 17:15 - 2014-05-07 02:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-15 12:03 - 2014-10-18 09:45 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForsims only
2014-11-15 12:02 - 2011-11-12 15:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-15 12:02 - 2011-02-11 14:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-14 09:20 - 2014-09-21 11:19 - 00000000 ____D () C:\Users\Brian\AppData\Local\LogMeIn Hamachi
2014-11-13 03:26 - 2011-06-01 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:20 - 2013-08-15 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:05 - 2011-01-27 08:56 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 13:07 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-06 12:03 - 2014-05-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-05 18:17 - 2011-07-04 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-04 14:30 - 2011-01-26 13:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 11:08 - 2009-07-13 21:13 - 00878250 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 10:55 - 2014-05-30 08:39 - 00019279 _____ () C:\Users\sims only\Documents\GROCERY LIST.ods
2014-11-01 12:04 - 2014-08-24 17:27 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-01 12:03 - 2011-01-26 14:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 12:39 - 2014-07-26 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-31 12:39 - 2013-01-21 13:33 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-31 12:39 - 2012-02-09 14:16 - 00000000 ____D () C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-10-31 06:42 - 2012-07-03 15:16 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Adobe
2014-10-30 05:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-29 11:01 - 2013-10-09 12:36 - 00000000 ____D () C:\Users\sims only\Documents\New folder
2014-10-26 14:28 - 2011-07-04 18:39 - 00000000 ____D () C:\ProgramData\Origin
Files to move or delete:
====================
C:\Users\Nathalie\PenTablet_5.2.4-6.exe
C:\Users\Nathalie\zynga_6362.exe
C:\Users\Noah\jagex_cl_runescape_LIVE.dat
C:\Users\Noah\random.dat
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\ars0xeqw.dll
C:\Users\Brian\AppData\Local\Temp\ce6-yz4m.dll
C:\Users\Brian\AppData\Local\Temp\chhkyp5m.dll
C:\Users\Brian\AppData\Local\Temp\ibcveaib.dll
C:\Users\Brian\AppData\Local\Temp\lpuninstall.exe
C:\Users\Brian\AppData\Local\Temp\m78druqf.dll
C:\Users\Brian\AppData\Local\Temp\p9z9uzc3.dll
C:\Users\Brian\AppData\Local\Temp\qtnz05-p.dll
C:\Users\Brian\AppData\Local\Temp\v-qstvaf.dll
C:\Users\mom\AppData\Local\Temp\BRSVC_37382831_hlp.exe
C:\Users\mom\AppData\Local\Temp\HssInstaller.exe
C:\Users\mom\AppData\Local\Temp\lpuninstall.exe
C:\Users\mom\AppData\Local\Temp\SIntf16.dll
C:\Users\mom\AppData\Local\Temp\SIntf32.dll
C:\Users\mom\AppData\Local\Temp\SIntfNT.dll
C:\Users\mom\AppData\Local\Temp\tbinst.exe
C:\Users\Nathalie\AppData\Local\Temp\lpuninstall.exe
C:\Users\Nathalie\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Noah\AppData\Local\Temp\lpuninstall.exe
C:\Users\Noah\AppData\Local\Temp\SIntf16.dll
C:\Users\Noah\AppData\Local\Temp\SIntf32.dll
C:\Users\Noah\AppData\Local\Temp\SIntfNT.dll
C:\Users\sims only\AppData\Local\Temp\Quarantine.exe
C:\Users\sims only\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 07:53
==================== End Of Log ============================
#24
Posted 26 November 2014 - 07:06 AM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. 
fixlist.txt 28.94KB
281 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
Step#2 - Uninstalls
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.
fTalk
Frostwire Toolbar (Let me know if this one uninstalls this time)
Step#3- Rootkit Scan
1. Download aswMBR to your desktop.
2. Right-click on aswMBR.exe and select Run as administrator to run it.
3. If you get a question about Virtualization Technology, answer Yes.
4. If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
5. Click the "Scan" button to start scan.
6. On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
Step#4 - Malwarebytes Scan
- Download Malwarebytes to your desktop from here.
- Right-click on the file that is downloaded to your desktop and select Run as administrator.
- Select the appropriate language and click OK.
- Click Next.
- Select "I accept the agreement" and click Next.
- Click Next
- Change the install path if desired. Normally you will keep this as is. Click Next.
- Click Next again.
- Click Next again.
- Click Install.
- Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
- Click Finish
- If an update is found you will be prompted to download and install. Go ahead.
- Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
- Click the Scan button at the top of the form and then click Scan Now.
- If anything is detected, there will be an Apply Actions button. Please click this.
- Once the scan completes click the View detailed log link.
- Then click the Copy to clipboard button and paste into your next post.
Items for your next post
1. FRST Fix log
2. AswMBR log
3. Malwarebytes log
#25
Posted 26 November 2014 - 12:14 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Myriam (administrator) on HOME-PC on 26-11-2014 10:10:15
Running from C:\Users\Myriam.home-PC.000\Desktop\FRST-OlderVersion
Loaded Profiles: Brian & Myriam (Available profiles: Noah & Brian & nightmare feast & Myriam & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Speedbit Ltd.) C:\Program Files (x86)\DAP\dapxrpt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-22] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify Web Helper] => C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [InstallIQUpdater] => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Easy Dock] => C:\Users\Nathalie\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify] => C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Easy Dock] => C:\Users\Brian\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [GoogleChromeAutoLaunch_3E5B50BD5627217D97848B0D8CBA68C2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {ccee5e71-c96b-11e3-8b6a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
AppInit_DLLs-x32: => "" File Not Found
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
Startup: C:\Users\myriam.home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (No File)
Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1006\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1012\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1005] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1012] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1012] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1078] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1078] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20B13CD7CB73CF01
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKLM-x32 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> DefaultScope {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...32-F5387A104933
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2144401C-9958-4B1F-B1C1-7F1E4498F860} URL = http://search.yahoo....=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2780EBEE-10BC-408d-94F7-0AA90B056FE8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {E9CE0F89-9D8F-46D5-AE20-D94C93DE6976} URL = http://searchya.com/...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {82F58046-0F99-4D37-BAC0-9BE126EB66B6} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {4A1B17F1-16A3-4CF6-8BF6-A39CD79E49A1} URL = http://search.condui...3221141119&UM=2
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Frostwire Toolbar - {46575637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FWV7\Passport.dll" No File
Toolbar: HKLM-x32 - No Name - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/...O1.cab60096.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab
DPF: HKLM-x32 {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
ShellExecuteHooks-x32: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll [126976 2003-08-02] ()
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @tools.google.com/Google Update;version=8 -> C:\Users\myriam\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1003: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1005: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\sims only\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1078: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: ArcadeWeb - C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2014-11-25]
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DAP\daplinkchecker
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-03]
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-25]
CHR Extension: (Google Docs) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-25]
CHR Extension: (Google Drive) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-25]
CHR Extension: (YouTube) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-25]
CHR Extension: (DAP Link Checker) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2014-11-25]
CHR Extension: (Google Search) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-25]
CHR Extension: (Google Sheets) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-25]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-11-25]
CHR Extension: (Google Wallet) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-25]
CHR Extension: (Gmail) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-25]
CHR HKLM-x32\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Program Files (x86)\DAP\daplinkchecker.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\mom\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-03]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\mom\AppData\Local\Temp\ccex.crx [2012-03-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5203824 2010-11-11] (appsmaker)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-22] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-05-21] (Macrovision Europe Ltd.) [File not signed]
R2 FruidiadOepharbox; C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe [4377560 2014-11-03] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-05] (Electronic Arts)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2078576 2010-11-11] (appsmaker)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-10-03] (Wacom Technology, Corp.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-09-01] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-22] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-22] ()
S3 dfg; C:\Windows\SysWOW64\DRIVERS\dfg.sys [23552 2008-12-10] (defrag Development Team) [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 poqdoehy; C:\Windows\SysWOW64\drivers\fubilq.sys [61440 2011-11-27] () [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S0 tiwdxqvx; C:\Windows\SysWOW64\drivers\livkaoag.sys [61440 2011-03-02] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-21] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 cpuz134; \??\C:\Users\SIMSON~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 10:08 - 2014-11-26 10:10 - 00000000 ____D () C:\Users\Myriam.home-PC.000\Desktop\FRST-OlderVersion
2014-11-26 10:08 - 2014-11-26 10:08 - 02117632 _____ (Farbar) C:\Users\Myriam.home-PC.000\Desktop\FRST64.exe
2014-11-26 10:07 - 2014-11-26 10:07 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Desktop\fixlist (1).txt
2014-11-26 10:06 - 2014-11-26 10:06 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Downloads\fixlist (1).txt
2014-11-26 10:04 - 2014-11-26 10:04 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Downloads\fixlist.txt
2014-11-25 13:36 - 2014-11-25 13:36 - 00108857 _____ () C:\Users\Myriam.home-PC.000\Desktop\FRST.txt
2014-11-25 13:36 - 2014-11-25 13:36 - 00064116 _____ () C:\Users\Myriam.home-PC.000\Desktop\Addition.txt
2014-11-25 13:33 - 2014-11-25 13:33 - 00064116 _____ () C:\Users\Myriam.home-PC.000\Downloads\Addition.txt
2014-11-25 13:31 - 2014-11-25 13:33 - 00108857 _____ () C:\Users\Myriam.home-PC.000\Downloads\FRST.txt
2014-11-25 13:31 - 2014-11-25 13:31 - 02118144 _____ (Farbar) C:\Users\Myriam.home-PC.000\Downloads\FRST64.exe
2014-11-25 13:25 - 2014-11-25 13:25 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner (1).exe
2014-11-25 13:24 - 2014-11-25 13:24 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner.exe
2014-11-25 13:22 - 2014-11-25 13:22 - 00002084 _____ () C:\Users\Myriam.home-PC.000\Desktop\JRT.txt
2014-11-25 12:41 - 2014-11-25 12:41 - 00000000 ____D () C:\Windows\ERUNT
2014-11-25 12:40 - 2014-11-25 12:40 - 01707532 _____ (Thisisu) C:\Users\Myriam.home-PC.000\Downloads\JRT.exe
2014-11-25 12:36 - 2014-11-25 12:36 - 00088824 _____ () C:\Users\Myriam.home-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-25 10:35 - 2014-11-25 10:38 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Hewlett-Packard
2014-11-25 10:35 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\AVAST Software
2014-11-25 10:34 - 2014-11-25 10:36 - 00002217 _____ () C:\Users\Myriam.home-PC.000\Desktop\Google Chrome.lnk
2014-11-25 10:34 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Hewlett-Packard
2014-11-25 10:34 - 2014-11-25 10:34 - 00001375 _____ () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Adobe
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\VirtualStore
2014-11-25 10:33 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA Corporation
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Google
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000
2014-11-25 10:33 - 2014-11-25 10:33 - 00000020 ___SH () C:\Users\Myriam.home-PC.000\ntuser.ini
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\WTablet
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA
2014-11-25 10:33 - 2012-04-07 08:44 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla
2014-11-25 10:33 - 2011-06-03 02:02 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Microsoft Help
2014-11-25 10:33 - 2011-02-01 09:30 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Macromedia
2014-11-25 10:33 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-25 10:33 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-24 15:12 - 2014-11-24 15:13 - 00759488 _____ ( ) C:\Users\Brian\Desktop\adobe_flash_setup.exe.dap
2014-11-24 14:02 - 2014-11-24 14:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-24 14:01 - 2014-11-24 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-24 13:56 - 2014-11-24 13:56 - 00638888 _____ (Oracle Corporation) C:\Users\Brian\Desktop\javadl.sun.com
2014-11-24 09:53 - 2014-11-24 09:53 - 00050705 _____ () C:\Users\Brian\Desktop\Addition.txt
2014-11-24 09:51 - 2014-11-24 10:03 - 00060377 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-11-24 09:50 - 2014-11-24 09:50 - 02118144 _____ (Farbar) C:\Users\Brian\Desktop\FRST64_1.exe
2014-11-24 09:45 - 2014-11-26 10:10 - 00000000 ____D () C:\FRST
2014-11-23 17:09 - 2014-11-23 17:09 - 00000000 ____D () C:\Users\mom\AppData\Local\NVIDIA
2014-11-23 14:33 - 2014-11-23 14:33 - 04745544 _____ (Google) C:\Users\sims only\Downloads\314.22-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-11-23 13:34 - 2014-11-23 13:34 - 02291025 _____ () C:\Users\sims only\Downloads\CCMagic_2920_Setup.zip
2014-11-23 12:09 - 2014-11-23 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 12:07 - 2014-11-23 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-23 11:57 - 2014-11-23 11:57 - 00001912 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-11-23 11:57 - 2014-11-22 10:36 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1 (1).exe
2014-11-23 11:03 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-23 11:02 - 2014-11-23 11:03 - 36480824 _____ () C:\Users\sims only\Downloads\Firefox_Setup_33.1.1.exe
2014-11-22 19:00 - 2014-11-23 14:35 - 00000000 ____D () C:\Users\sims only\Desktop\stuff to convert
2014-11-22 17:22 - 2014-11-23 15:39 - 00000000 ____D () C:\Users\sims only\AppData\Local\CrashDumps
2014-11-22 16:39 - 2014-11-22 19:27 - 00000000 ____D () C:\Users\sims only\Desktop\converted files
2014-11-22 16:07 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\CC Magic
2014-11-22 16:07 - 2014-11-22 16:07 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CC Magic
2014-11-22 15:31 - 2014-11-22 15:31 - 02068215 _____ () C:\Users\sims only\Downloads\MTS_granthes_1308731_CCMagic_2942_Setup.zip
2014-11-22 15:16 - 2014-11-22 15:16 - 00157098 _____ () C:\Users\sims only\AppData\Local\ars.cache
2014-11-22 15:16 - 2014-11-22 15:16 - 00084165 _____ () C:\Users\sims only\AppData\Local\census.cache
2014-11-22 15:12 - 2014-11-22 15:12 - 00000010 _____ () C:\Users\sims only\AppData\Local\sponge.last.runtime.cache
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:10 - 2014-11-22 15:10 - 01745624 _____ () C:\Users\sims only\Downloads\wrar511.exe
2014-11-22 15:05 - 2014-11-22 15:08 - 00000000 ____D () C:\Users\sims only\Downloads\TMRBLog
2014-11-22 15:05 - 2014-11-22 15:05 - 00000000 ____D () C:\Users\sims only\Downloads\log
2014-11-22 15:04 - 2014-11-22 15:04 - 00000036 _____ () C:\Users\sims only\AppData\Local\housecall.guid.cache
2014-11-22 15:03 - 2014-11-22 15:04 - 02064880 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HousecallLauncher.exe
2014-11-22 15:03 - 2014-11-22 15:03 - 14861360 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\RootkitBusterV5.0-1180x64.exe
2014-11-22 15:02 - 2014-11-22 15:02 - 00296536 _____ () C:\Users\sims only\Downloads\HousecallLauncher64.exe
2014-11-22 14:52 - 2014-11-22 14:52 - 00000000 _____ () C:\Users\sims only\AppData\Roaming\Light Machine
2014-11-22 14:27 - 2014-11-22 14:27 - 00000247 _____ () C:\Windows\system32\2014-11-22-22-27-27.058-aswFe.exe-6600.log
2014-11-22 14:27 - 2014-11-22 14:27 - 00000197 _____ () C:\Windows\system32\2014-11-22-22-27-11.075-AvastVBoxSVC.exe-164.log
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-22 13:49 - 2014-11-23 19:00 - 00001288 _____ () C:\Windows\setupact.log
2014-11-22 13:49 - 2014-11-23 18:56 - 00927942 _____ () C:\Windows\PFRO.log
2014-11-22 13:49 - 2014-11-22 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-22 10:38 - 2014-11-22 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-22 10:36 - 2014-11-22 10:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-22 10:36 - 2014-11-22 10:35 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-22 10:27 - 2014-11-22 10:27 - 00000000 __SHD () C:\Users\sims only\AppData\Local\EmieBrowserModeList
2014-11-21 20:42 - 2014-11-21 20:42 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(8).exe
2014-11-21 20:40 - 2014-11-25 14:20 - 00000000 ____D () C:\AdwCleaner
2014-11-21 20:40 - 2014-11-21 20:40 - 02140160 _____ () C:\Users\sims only\Downloads\AdwCleaner.exe
2014-11-21 20:36 - 2014-11-21 20:36 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\phch.sys
2014-11-21 16:52 - 2014-11-21 16:52 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-21 16:51 - 2014-11-21 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis(1).exe
2014-11-21 16:51 - 2014-11-21 16:51 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-21 16:50 - 2014-11-21 16:51 - 15196248 _____ () C:\Users\sims only\Downloads\RogueKiller.exe
2014-11-21 13:07 - 2014-11-21 13:07 - 00002210 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-11-21 12:37 - 2014-11-21 12:37 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(7).exe
2014-11-21 11:55 - 2014-11-21 11:56 - 00000000 __SHD () C:\Program Files (x86)\FruidiadOepharbox
2014-11-21 11:40 - 2014-11-21 15:49 - 00000000 ____D () C:\ProgramData\WinZip
2014-11-21 10:03 - 2014-11-21 10:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-20 15:58 - 2014-11-20 15:58 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
2014-11-20 13:31 - 2014-11-20 13:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis.exe
2014-11-19 19:20 - 2014-11-19 19:20 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\DJS Sims
2014-11-19 11:11 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:11 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:11 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 11:10 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 12:05 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 12:05 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:05 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 12:05 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:05 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:05 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:04 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:04 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:04 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:04 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 12:04 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:04 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:04 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 12:04 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:04 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:04 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:04 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:04 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:04 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:04 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:04 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:04 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:04 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 12:04 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:04 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 12:04 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 12:04 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:04 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 12:04 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 12:04 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 12:04 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 12:04 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:03 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 12:03 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 12:03 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:03 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:03 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:03 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 12:03 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-08 13:16 - 2014-11-08 13:16 - 00000000 _____ () C:\dummy.wav
2014-11-04 17:01 - 2014-11-04 17:01 - 00021324 _____ () C:\Users\Noah\Documents\Dpss2.odt
2014-11-01 12:02 - 2014-11-01 12:02 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(6).exe
2014-11-01 08:10 - 2014-11-02 08:30 - 00000000 ____D () C:\Users\TEMP.home-PC
2014-10-29 11:58 - 2014-10-29 11:58 - 07764691 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1469958_springbunny_lolita_blouses_longsleeves.rar
2014-10-29 11:58 - 2014-10-29 11:58 - 00903027 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1442004_springbunny_lolita_skirt.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00316239 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111591_LadyFrontbum_Cheeky_v2.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00300605 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111590_LadyFrontbum_Cheeky_v1.rar
2014-10-29 11:56 - 2014-10-29 11:56 - 00739389 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1112855_LadyFrontbum_Swoop.rar
2014-10-29 11:54 - 2014-10-29 11:54 - 00012383 _____ () C:\Users\sims only\Downloads\MTS_Papercat_967520_Papercatcatliner.rar
2014-10-29 11:52 - 2014-10-29 11:53 - 03616846 _____ () C:\Users\sims only\Downloads\MTS_imey1997_1449052_PerfectPigtailsPF.rar
2014-10-29 11:48 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\sims only\Desktop\sims stuff
2014-10-29 11:45 - 2014-10-29 11:45 - 00188321 _____ () C:\Users\sims only\Downloads\MTS_Sakura4_1319330_Sims3PackFileGenerateToolv1.4.1.36.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 10:03 - 2013-09-30 07:54 - 01535523 _____ () C:\Windows\WindowsUpdate.log
2014-11-26 10:03 - 2012-04-03 17:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-26 10:03 - 2011-01-26 13:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 10:03 - 2011-01-26 13:25 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001UA.job
2014-11-26 07:31 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Roaming\Spotify
2014-11-26 07:29 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Local\Spotify
2014-11-26 07:27 - 2014-05-28 16:13 - 00000000 ___RD () C:\Users\Noah\Google Drive
2014-11-26 07:27 - 2014-05-02 11:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-26 07:27 - 2011-03-02 09:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-26 07:26 - 2014-10-18 09:45 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForsims only.job
2014-11-26 07:26 - 2009-11-23 15:41 - 00000000 ____D () C:\ProgramData\Temp
2014-11-25 13:49 - 2012-04-03 17:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 13:49 - 2012-04-03 17:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 13:49 - 2011-07-18 12:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 13:31 - 2011-01-26 13:25 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001Core.job
2014-11-25 12:51 - 2013-03-02 18:18 - 00000000 ____D () C:\ProgramData\Strongvault Online Backup
2014-11-24 14:03 - 2013-09-29 15:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-24 13:35 - 2011-12-23 22:14 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F7EFA6C6-6AB5-447A-918D-D71C8F6A218E}
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 18:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 18:58 - 2009-11-23 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-23 13:16 - 2014-04-15 13:00 - 00000000 ____D () C:\Users\sims only\Desktop\New folder (2)
2014-11-23 12:07 - 2014-08-20 18:00 - 00000000 ____D () C:\Users\sims only\AppData\Local\Adobe
2014-11-23 12:07 - 2013-05-31 07:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-23 10:56 - 2012-07-03 15:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1990C256-0994-4952-831B-22E45AEA3D91}
2014-11-22 16:08 - 2013-01-07 14:03 - 00000000 ___DC () C:\Users\sims only\Documents\Electronic Arts
2014-11-22 16:02 - 2013-04-04 14:35 - 00000000 ___HD () C:\Users\sims only\Documents\backup
2014-11-22 16:01 - 2012-09-27 15:03 - 00121856 ___SH () C:\Users\sims only\Documents\Thumbs.db
2014-11-22 15:11 - 2011-01-27 09:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Updater
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Detective
2014-11-22 14:50 - 2013-02-16 20:57 - 00000000 ____D () C:\Users\mom\Documents\RCA easyRip
2014-11-22 14:47 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-22 14:41 - 2014-09-22 10:42 - 00000000 ____D () C:\Users\sims only\AppData\Local\LogMeIn Hamachi
2014-11-22 10:37 - 2013-05-29 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piranha Games
2014-11-22 10:37 - 2012-03-03 19:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 10:36 - 2014-05-02 11:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-22 10:36 - 2014-01-02 21:07 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-21 20:36 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\addins
2014-11-21 18:00 - 2011-02-09 15:20 - 00000482 _____ () C:\Windows\Tasks\OptimalPC.job
2014-11-21 15:57 - 2014-07-26 13:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 12:26 - 2011-02-12 16:53 - 00000000 ____D () C:\Users\mom
2014-11-21 12:26 - 2011-01-29 07:02 - 00000000 ____D () C:\Users\Noah
2014-11-21 12:26 - 2011-01-26 20:18 - 00000000 ____D () C:\Users\Brian
2014-11-21 12:26 - 2011-01-26 17:23 - 00000000 ____D () C:\Users\Nathalie
2014-11-21 12:26 - 2011-01-26 13:16 - 00000000 ____D () C:\Users\myriam
2014-11-21 12:04 - 2011-01-26 14:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-21 12:04 - 2009-11-23 15:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-20 17:58 - 2011-02-11 14:47 - 00003182 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBrian
2014-11-20 17:58 - 2011-02-11 14:47 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForBrian.job
2014-11-19 10:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-16 13:48 - 2011-01-26 13:50 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 13:48 - 2011-01-26 13:50 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 13:48 - 2011-01-26 13:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 12:54 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-16 08:42 - 2014-09-20 15:37 - 00000000 ____D () C:\Users\Noah\AppData\Local\LogMeIn Hamachi
2014-11-16 07:59 - 2011-01-26 14:03 - 00000448 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-11-15 17:17 - 2009-07-13 20:45 - 02292160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 17:15 - 2014-05-07 02:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-15 12:03 - 2014-10-18 09:45 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForsims only
2014-11-15 12:02 - 2011-11-12 15:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-15 12:02 - 2011-02-11 14:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-14 09:20 - 2014-09-21 11:19 - 00000000 ____D () C:\Users\Brian\AppData\Local\LogMeIn Hamachi
2014-11-13 03:26 - 2011-06-01 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:20 - 2013-08-15 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:05 - 2011-01-27 08:56 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 13:07 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-06 12:03 - 2014-05-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-05 18:17 - 2011-07-04 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-04 14:30 - 2011-01-26 13:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 11:08 - 2009-07-13 21:13 - 00878250 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 10:55 - 2014-05-30 08:39 - 00019279 _____ () C:\Users\sims only\Documents\GROCERY LIST.ods
2014-11-01 12:04 - 2014-08-24 17:27 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-01 12:03 - 2011-01-26 14:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 12:39 - 2014-07-26 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-31 12:39 - 2013-01-21 13:33 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-31 12:39 - 2012-02-09 14:16 - 00000000 ____D () C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-10-31 06:42 - 2012-07-03 15:16 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Adobe
2014-10-30 05:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-29 11:01 - 2013-10-09 12:36 - 00000000 ____D () C:\Users\sims only\Documents\New folder
Files to move or delete:
====================
C:\Users\Nathalie\PenTablet_5.2.4-6.exe
C:\Users\Nathalie\zynga_6362.exe
C:\Users\Noah\jagex_cl_runescape_LIVE.dat
C:\Users\Noah\random.dat
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\ars0xeqw.dll
C:\Users\Brian\AppData\Local\Temp\ce6-yz4m.dll
C:\Users\Brian\AppData\Local\Temp\chhkyp5m.dll
C:\Users\Brian\AppData\Local\Temp\ibcveaib.dll
C:\Users\Brian\AppData\Local\Temp\lpuninstall.exe
C:\Users\Brian\AppData\Local\Temp\m78druqf.dll
C:\Users\Brian\AppData\Local\Temp\p9z9uzc3.dll
C:\Users\Brian\AppData\Local\Temp\qtnz05-p.dll
C:\Users\Brian\AppData\Local\Temp\v-qstvaf.dll
C:\Users\mom\AppData\Local\Temp\BRSVC_37382831_hlp.exe
C:\Users\mom\AppData\Local\Temp\HssInstaller.exe
C:\Users\mom\AppData\Local\Temp\lpuninstall.exe
C:\Users\mom\AppData\Local\Temp\SIntf16.dll
C:\Users\mom\AppData\Local\Temp\SIntf32.dll
C:\Users\mom\AppData\Local\Temp\SIntfNT.dll
C:\Users\mom\AppData\Local\Temp\tbinst.exe
C:\Users\Nathalie\AppData\Local\Temp\lpuninstall.exe
C:\Users\Nathalie\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Noah\AppData\Local\Temp\lpuninstall.exe
C:\Users\Noah\AppData\Local\Temp\SIntf16.dll
C:\Users\Noah\AppData\Local\Temp\SIntf32.dll
C:\Users\Noah\AppData\Local\Temp\SIntfNT.dll
C:\Users\sims only\AppData\Local\Temp\Quarantine.exe
C:\Users\sims only\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 07:53
==================== End Of Log ============================
#26
Posted 26 November 2014 - 12:17 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Myriam (administrator) on HOME-PC on 26-11-2014 10:15:17
Running from C:\Users\Myriam.home-PC.000\Desktop
Loaded Profiles: Brian & Myriam (Available profiles: Noah & Brian & nightmare feast & Myriam & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Speedbit Ltd.) C:\Program Files (x86)\DAP\dapxrpt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-22] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify Web Helper] => C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [InstallIQUpdater] => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Easy Dock] => C:\Users\Nathalie\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Spotify] => C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Easy Dock] => C:\Users\Brian\Documents\RCA easyRip\EZDock.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [GoogleChromeAutoLaunch_3E5B50BD5627217D97848B0D8CBA68C2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-03] (Speedbit Ltd.)
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {ccee5e71-c96b-11e3-8b6a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
AppInit_DLLs-x32: => "" File Not Found
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
Startup: C:\Users\myriam.home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (No File)
Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1006\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1012\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1005] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1012] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1012] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1078] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1078] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://hp-desktop.us.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704334B35427CE01
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20B13CD7CB73CF01
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3091677303-449996058-2394412518-1078\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKLM-x32 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> DefaultScope {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {07A3A2FB-3BFC-4A7C-9359-14EFC4234521} URL = http://www.google.co...&rlz=1I7GZAZ_en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...32-F5387A104933
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2144401C-9958-4B1F-B1C1-7F1E4498F860} URL = http://search.yahoo....=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2780EBEE-10BC-408d-94F7-0AA90B056FE8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {E9CE0F89-9D8F-46D5-AE20-D94C93DE6976} URL = http://searchya.com/...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {82F58046-0F99-4D37-BAC0-9BE126EB66B6} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F81C1852-73D4-469E-BA5F-729F57E42FB7}&mid=5814c2a8274d47d18bdf41affc415bdf-58f1bd7e76fc1c7a418b227210f8878bd60d3578&lang=en&ds=AVG&pr=fr&d=2011-10-07 15:52:50&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {4A1B17F1-16A3-4CF6-8BF6-A39CD79E49A1} URL = http://search.condui...3221141119&UM=2
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Frostwire Toolbar - {46575637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FWV7\Passport.dll" No File
Toolbar: HKLM-x32 - No Name - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/...O1.cab60096.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab
DPF: HKLM-x32 {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
ShellExecuteHooks-x32: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll [126976 2003-08-02] ()
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1001: @tools.google.com/Google Update;version=8 -> C:\Users\myriam\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1003: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1005: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\sims only\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1012: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1078: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: ArcadeWeb - C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2014-11-25]
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DAP\daplinkchecker
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-03]
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-25]
CHR Extension: (Google Docs) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-25]
CHR Extension: (Google Drive) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-25]
CHR Extension: (YouTube) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-25]
CHR Extension: (DAP Link Checker) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2014-11-25]
CHR Extension: (Google Search) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-25]
CHR Extension: (Google Sheets) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-25]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-11-25]
CHR Extension: (Google Wallet) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-25]
CHR Extension: (Gmail) - C:\Users\Myriam.home-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-25]
CHR HKLM-x32\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Program Files (x86)\DAP\daplinkchecker.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\mom\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-03]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\mom\AppData\Local\Temp\ccex.crx [2012-03-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5203824 2010-11-11] (appsmaker)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-22] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-05-21] (Macrovision Europe Ltd.) [File not signed]
R2 FruidiadOepharbox; C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe [4377560 2014-11-03] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-05] (Electronic Arts)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2078576 2010-11-11] (appsmaker)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-10-03] (Wacom Technology, Corp.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-09-01] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-22] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-22] ()
S3 dfg; C:\Windows\SysWOW64\DRIVERS\dfg.sys [23552 2008-12-10] (defrag Development Team) [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 poqdoehy; C:\Windows\SysWOW64\drivers\fubilq.sys [61440 2011-11-27] () [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S0 tiwdxqvx; C:\Windows\SysWOW64\drivers\livkaoag.sys [61440 2011-03-02] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-21] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 cpuz134; \??\C:\Users\SIMSON~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 10:08 - 2014-11-26 10:11 - 00000000 ____D () C:\Users\Myriam.home-PC.000\Desktop\FRST-OlderVersion
2014-11-26 10:08 - 2014-11-26 10:08 - 02117632 _____ (Farbar) C:\Users\Myriam.home-PC.000\Desktop\FRST64.exe
2014-11-26 10:07 - 2014-11-26 10:07 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Desktop\fixlist (1).txt
2014-11-26 10:06 - 2014-11-26 10:06 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Downloads\fixlist (1).txt
2014-11-26 10:04 - 2014-11-26 10:04 - 00029638 _____ () C:\Users\Myriam.home-PC.000\Downloads\fixlist.txt
2014-11-25 13:36 - 2014-11-26 10:15 - 00062026 _____ () C:\Users\Myriam.home-PC.000\Desktop\FRST.txt
2014-11-25 13:36 - 2014-11-25 13:36 - 00064116 _____ () C:\Users\Myriam.home-PC.000\Desktop\Addition.txt
2014-11-25 13:33 - 2014-11-25 13:33 - 00064116 _____ () C:\Users\Myriam.home-PC.000\Downloads\Addition.txt
2014-11-25 13:31 - 2014-11-25 13:33 - 00108857 _____ () C:\Users\Myriam.home-PC.000\Downloads\FRST.txt
2014-11-25 13:31 - 2014-11-25 13:31 - 02118144 _____ (Farbar) C:\Users\Myriam.home-PC.000\Downloads\FRST64.exe
2014-11-25 13:25 - 2014-11-25 13:25 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner (1).exe
2014-11-25 13:24 - 2014-11-25 13:24 - 02148864 _____ () C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner.exe
2014-11-25 13:22 - 2014-11-25 13:22 - 00002084 _____ () C:\Users\Myriam.home-PC.000\Desktop\JRT.txt
2014-11-25 12:41 - 2014-11-25 12:41 - 00000000 ____D () C:\Windows\ERUNT
2014-11-25 12:40 - 2014-11-25 12:40 - 01707532 _____ (Thisisu) C:\Users\Myriam.home-PC.000\Downloads\JRT.exe
2014-11-25 12:36 - 2014-11-25 12:36 - 00088824 _____ () C:\Users\Myriam.home-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-25 10:35 - 2014-11-25 10:38 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Hewlett-Packard
2014-11-25 10:35 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\AVAST Software
2014-11-25 10:34 - 2014-11-25 10:36 - 00002217 _____ () C:\Users\Myriam.home-PC.000\Desktop\Google Chrome.lnk
2014-11-25 10:34 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Hewlett-Packard
2014-11-25 10:34 - 2014-11-25 10:34 - 00001375 _____ () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Adobe
2014-11-25 10:34 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\VirtualStore
2014-11-25 10:33 - 2014-11-25 10:35 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA Corporation
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Google
2014-11-25 10:33 - 2014-11-25 10:34 - 00000000 ____D () C:\Users\Myriam.home-PC.000
2014-11-25 10:33 - 2014-11-25 10:33 - 00000020 ___SH () C:\Users\Myriam.home-PC.000\ntuser.ini
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\WTablet
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\NVIDIA
2014-11-25 10:33 - 2012-04-07 08:44 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla
2014-11-25 10:33 - 2011-06-03 02:02 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Local\Microsoft Help
2014-11-25 10:33 - 2011-02-01 09:30 - 00000000 ____D () C:\Users\Myriam.home-PC.000\AppData\Roaming\Macromedia
2014-11-25 10:33 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-25 10:33 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\Myriam.home-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-24 15:12 - 2014-11-24 15:13 - 00759488 _____ ( ) C:\Users\Brian\Desktop\adobe_flash_setup.exe.dap
2014-11-24 14:02 - 2014-11-24 14:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-24 14:01 - 2014-11-24 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-24 13:56 - 2014-11-24 13:56 - 00638888 _____ (Oracle Corporation) C:\Users\Brian\Desktop\javadl.sun.com
2014-11-24 09:53 - 2014-11-24 09:53 - 00050705 _____ () C:\Users\Brian\Desktop\Addition.txt
2014-11-24 09:51 - 2014-11-24 10:03 - 00060377 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-11-24 09:50 - 2014-11-24 09:50 - 02118144 _____ (Farbar) C:\Users\Brian\Desktop\FRST64_1.exe
2014-11-24 09:45 - 2014-11-26 10:15 - 00000000 ____D () C:\FRST
2014-11-23 17:09 - 2014-11-23 17:09 - 00000000 ____D () C:\Users\mom\AppData\Local\NVIDIA
2014-11-23 14:33 - 2014-11-23 14:33 - 04745544 _____ (Google) C:\Users\sims only\Downloads\314.22-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-11-23 13:34 - 2014-11-23 13:34 - 02291025 _____ () C:\Users\sims only\Downloads\CCMagic_2920_Setup.zip
2014-11-23 12:09 - 2014-11-23 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 12:07 - 2014-11-23 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-23 11:57 - 2014-11-23 11:57 - 00001912 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-11-23 11:57 - 2014-11-22 10:36 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-23 11:39 - 2014-11-23 11:39 - 00244120 _____ () C:\Users\sims only\Downloads\Firefox Setup Stub 33.1.1 (1).exe
2014-11-23 11:03 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-23 11:02 - 2014-11-23 11:03 - 36480824 _____ () C:\Users\sims only\Downloads\Firefox_Setup_33.1.1.exe
2014-11-22 19:00 - 2014-11-23 14:35 - 00000000 ____D () C:\Users\sims only\Desktop\stuff to convert
2014-11-22 17:22 - 2014-11-23 15:39 - 00000000 ____D () C:\Users\sims only\AppData\Local\CrashDumps
2014-11-22 16:39 - 2014-11-22 19:27 - 00000000 ____D () C:\Users\sims only\Desktop\converted files
2014-11-22 16:07 - 2014-11-23 13:37 - 00000000 ____D () C:\Program Files (x86)\CC Magic
2014-11-22 16:07 - 2014-11-22 16:07 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CC Magic
2014-11-22 15:31 - 2014-11-22 15:31 - 02068215 _____ () C:\Users\sims only\Downloads\MTS_granthes_1308731_CCMagic_2942_Setup.zip
2014-11-22 15:16 - 2014-11-22 15:16 - 00157098 _____ () C:\Users\sims only\AppData\Local\ars.cache
2014-11-22 15:16 - 2014-11-22 15:16 - 00084165 _____ () C:\Users\sims only\AppData\Local\census.cache
2014-11-22 15:12 - 2014-11-22 15:12 - 00000010 _____ () C:\Users\sims only\AppData\Local\sponge.last.runtime.cache
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:11 - 2014-11-22 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-22 15:10 - 2014-11-22 15:10 - 01745624 _____ () C:\Users\sims only\Downloads\wrar511.exe
2014-11-22 15:05 - 2014-11-22 15:08 - 00000000 ____D () C:\Users\sims only\Downloads\TMRBLog
2014-11-22 15:05 - 2014-11-22 15:05 - 00000000 ____D () C:\Users\sims only\Downloads\log
2014-11-22 15:04 - 2014-11-22 15:04 - 00000036 _____ () C:\Users\sims only\AppData\Local\housecall.guid.cache
2014-11-22 15:03 - 2014-11-22 15:04 - 02064880 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HousecallLauncher.exe
2014-11-22 15:03 - 2014-11-22 15:03 - 14861360 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\RootkitBusterV5.0-1180x64.exe
2014-11-22 15:02 - 2014-11-22 15:02 - 00296536 _____ () C:\Users\sims only\Downloads\HousecallLauncher64.exe
2014-11-22 14:52 - 2014-11-22 14:52 - 00000000 _____ () C:\Users\sims only\AppData\Roaming\Light Machine
2014-11-22 14:27 - 2014-11-22 14:27 - 00000247 _____ () C:\Windows\system32\2014-11-22-22-27-27.058-aswFe.exe-6600.log
2014-11-22 14:27 - 2014-11-22 14:27 - 00000197 _____ () C:\Windows\system32\2014-11-22-22-27-11.075-AvastVBoxSVC.exe-164.log
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-22 14:03 - 2014-11-22 14:05 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-22 13:49 - 2014-11-23 19:00 - 00001288 _____ () C:\Windows\setupact.log
2014-11-22 13:49 - 2014-11-23 18:56 - 00927942 _____ () C:\Windows\PFRO.log
2014-11-22 13:49 - 2014-11-22 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-22 10:38 - 2014-11-22 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-22 10:36 - 2014-11-22 10:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-22 10:36 - 2014-11-22 10:35 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-22 10:27 - 2014-11-22 10:27 - 00000000 __SHD () C:\Users\sims only\AppData\Local\EmieBrowserModeList
2014-11-21 20:42 - 2014-11-21 20:42 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(8).exe
2014-11-21 20:40 - 2014-11-25 14:20 - 00000000 ____D () C:\AdwCleaner
2014-11-21 20:40 - 2014-11-21 20:40 - 02140160 _____ () C:\Users\sims only\Downloads\AdwCleaner.exe
2014-11-21 20:36 - 2014-11-21 20:36 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\phch.sys
2014-11-21 16:52 - 2014-11-21 16:52 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-21 16:51 - 2014-11-21 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis(1).exe
2014-11-21 16:51 - 2014-11-21 16:51 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-21 16:50 - 2014-11-21 16:51 - 15196248 _____ () C:\Users\sims only\Downloads\RogueKiller.exe
2014-11-21 13:07 - 2014-11-21 13:07 - 00002210 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-11-21 12:37 - 2014-11-21 12:37 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(7).exe
2014-11-21 11:55 - 2014-11-21 11:56 - 00000000 __SHD () C:\Program Files (x86)\FruidiadOepharbox
2014-11-21 11:40 - 2014-11-21 15:49 - 00000000 ____D () C:\ProgramData\WinZip
2014-11-21 10:03 - 2014-11-21 10:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-20 15:58 - 2014-11-20 15:58 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
2014-11-20 13:31 - 2014-11-20 13:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\sims only\Downloads\HiJackThis.exe
2014-11-19 19:20 - 2014-11-19 19:20 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\DJS Sims
2014-11-19 11:11 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:11 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:11 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 11:10 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 12:05 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 12:05 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 12:05 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:05 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 12:05 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:05 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:05 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:04 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:04 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:04 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:04 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 12:04 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:04 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 12:04 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:04 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 12:04 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:04 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:04 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:04 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:04 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:04 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:04 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:04 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:04 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:04 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:04 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:04 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:04 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:04 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:04 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:04 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:04 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:04 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:04 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 12:04 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:04 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:04 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:04 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:04 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:04 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:04 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 12:04 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:04 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 12:04 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 12:04 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:04 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 12:04 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 12:04 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 12:04 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 12:04 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 12:04 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 12:04 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 12:04 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:03 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 12:03 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 12:03 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:03 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:03 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:03 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 12:03 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 12:03 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-08 13:16 - 2014-11-08 13:16 - 00000000 _____ () C:\dummy.wav
2014-11-04 17:01 - 2014-11-04 17:01 - 00021324 _____ () C:\Users\Noah\Documents\Dpss2.odt
2014-11-01 12:02 - 2014-11-01 12:02 - 00638888 _____ (Oracle Corporation) C:\Users\sims only\Downloads\jxpiinstall(6).exe
2014-11-01 08:10 - 2014-11-02 08:30 - 00000000 ____D () C:\Users\TEMP.home-PC
2014-10-29 11:58 - 2014-10-29 11:58 - 07764691 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1469958_springbunny_lolita_blouses_longsleeves.rar
2014-10-29 11:58 - 2014-10-29 11:58 - 00903027 _____ () C:\Users\sims only\Downloads\MTS_Springbunny_1442004_springbunny_lolita_skirt.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00316239 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111591_LadyFrontbum_Cheeky_v2.rar
2014-10-29 11:57 - 2014-10-29 11:57 - 00300605 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1111590_LadyFrontbum_Cheeky_v1.rar
2014-10-29 11:56 - 2014-10-29 11:56 - 00739389 _____ () C:\Users\sims only\Downloads\MTS_LadyFrontbum_1112855_LadyFrontbum_Swoop.rar
2014-10-29 11:54 - 2014-10-29 11:54 - 00012383 _____ () C:\Users\sims only\Downloads\MTS_Papercat_967520_Papercatcatliner.rar
2014-10-29 11:52 - 2014-10-29 11:53 - 03616846 _____ () C:\Users\sims only\Downloads\MTS_imey1997_1449052_PerfectPigtailsPF.rar
2014-10-29 11:48 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\sims only\Desktop\sims stuff
2014-10-29 11:45 - 2014-10-29 11:45 - 00188321 _____ () C:\Users\sims only\Downloads\MTS_Sakura4_1319330_Sims3PackFileGenerateToolv1.4.1.36.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 10:03 - 2013-09-30 07:54 - 01535523 _____ () C:\Windows\WindowsUpdate.log
2014-11-26 10:03 - 2012-04-03 17:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-26 10:03 - 2011-01-26 13:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 10:03 - 2011-01-26 13:25 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001UA.job
2014-11-26 07:31 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Roaming\Spotify
2014-11-26 07:29 - 2012-08-14 06:26 - 00000000 ____D () C:\Users\Noah\AppData\Local\Spotify
2014-11-26 07:27 - 2014-05-28 16:13 - 00000000 ___RD () C:\Users\Noah\Google Drive
2014-11-26 07:27 - 2014-05-02 11:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-26 07:27 - 2011-03-02 09:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-26 07:26 - 2014-10-18 09:45 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForsims only.job
2014-11-26 07:26 - 2009-11-23 15:41 - 00000000 ____D () C:\ProgramData\Temp
2014-11-25 13:49 - 2012-04-03 17:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 13:49 - 2012-04-03 17:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 13:49 - 2011-07-18 12:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 13:31 - 2011-01-26 13:25 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3091677303-449996058-2394412518-1001Core.job
2014-11-25 12:51 - 2013-03-02 18:18 - 00000000 ____D () C:\ProgramData\Strongvault Online Backup
2014-11-24 14:03 - 2013-09-29 15:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-24 13:35 - 2011-12-23 22:14 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F7EFA6C6-6AB5-447A-918D-D71C8F6A218E}
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:09 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 18:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 18:58 - 2009-11-23 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-23 13:16 - 2014-04-15 13:00 - 00000000 ____D () C:\Users\sims only\Desktop\New folder (2)
2014-11-23 12:07 - 2014-08-20 18:00 - 00000000 ____D () C:\Users\sims only\AppData\Local\Adobe
2014-11-23 12:07 - 2013-05-31 07:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-23 10:56 - 2012-07-03 15:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1990C256-0994-4952-831B-22E45AEA3D91}
2014-11-22 16:08 - 2013-01-07 14:03 - 00000000 ___DC () C:\Users\sims only\Documents\Electronic Arts
2014-11-22 16:02 - 2013-04-04 14:35 - 00000000 ___HD () C:\Users\sims only\Documents\backup
2014-11-22 16:01 - 2012-09-27 15:03 - 00121856 ___SH () C:\Users\sims only\Documents\Thumbs.db
2014-11-22 15:11 - 2011-01-27 09:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-22 14:52 - 2011-08-07 16:56 - 00000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Updater
2014-11-22 14:50 - 2013-02-16 20:58 - 00000000 ____D () C:\Users\mom\Documents\RCA Detective
2014-11-22 14:50 - 2013-02-16 20:57 - 00000000 ____D () C:\Users\mom\Documents\RCA easyRip
2014-11-22 14:47 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-22 14:41 - 2014-09-22 10:42 - 00000000 ____D () C:\Users\sims only\AppData\Local\LogMeIn Hamachi
2014-11-22 10:37 - 2013-05-29 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piranha Games
2014-11-22 10:37 - 2012-03-03 19:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 10:36 - 2014-05-02 11:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-22 10:36 - 2014-01-02 21:07 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-22 10:36 - 2013-03-16 08:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-22 10:36 - 2012-03-03 19:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-21 20:36 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\addins
2014-11-21 18:00 - 2011-02-09 15:20 - 00000482 _____ () C:\Windows\Tasks\OptimalPC.job
2014-11-21 15:57 - 2014-07-26 13:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 12:26 - 2011-02-12 16:53 - 00000000 ____D () C:\Users\mom
2014-11-21 12:26 - 2011-01-29 07:02 - 00000000 ____D () C:\Users\Noah
2014-11-21 12:26 - 2011-01-26 20:18 - 00000000 ____D () C:\Users\Brian
2014-11-21 12:26 - 2011-01-26 17:23 - 00000000 ____D () C:\Users\Nathalie
2014-11-21 12:26 - 2011-01-26 13:16 - 00000000 ____D () C:\Users\myriam
2014-11-21 12:04 - 2011-01-26 14:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-21 12:04 - 2009-11-23 15:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-21 10:03 - 2011-02-01 09:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-20 17:58 - 2011-02-11 14:47 - 00003182 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBrian
2014-11-20 17:58 - 2011-02-11 14:47 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForBrian.job
2014-11-19 10:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-16 13:48 - 2011-01-26 13:50 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 13:48 - 2011-01-26 13:50 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 13:48 - 2011-01-26 13:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 12:54 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-16 08:42 - 2014-09-20 15:37 - 00000000 ____D () C:\Users\Noah\AppData\Local\LogMeIn Hamachi
2014-11-16 07:59 - 2011-01-26 14:03 - 00000448 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-11-15 17:17 - 2009-07-13 20:45 - 02292160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 17:15 - 2014-05-07 02:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-15 12:03 - 2014-10-18 09:45 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForsims only
2014-11-15 12:02 - 2011-11-12 15:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-15 12:02 - 2011-02-11 14:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-14 09:20 - 2014-09-21 11:19 - 00000000 ____D () C:\Users\Brian\AppData\Local\LogMeIn Hamachi
2014-11-13 03:26 - 2011-06-01 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:20 - 2013-08-15 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:05 - 2011-01-27 08:56 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 13:07 - 2011-07-04 18:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-06 12:03 - 2014-05-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-05 18:17 - 2011-07-04 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-04 14:30 - 2011-01-26 13:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 11:08 - 2009-07-13 21:13 - 00878250 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 10:55 - 2014-05-30 08:39 - 00019279 _____ () C:\Users\sims only\Documents\GROCERY LIST.ods
2014-11-01 12:04 - 2014-08-24 17:27 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-01 12:04 - 2014-08-24 17:27 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-01 12:03 - 2011-01-26 14:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 12:39 - 2014-07-26 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-31 12:39 - 2013-01-21 13:33 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-31 12:39 - 2012-02-09 14:16 - 00000000 ____D () C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-10-31 06:42 - 2012-07-03 15:16 - 00000000 ____D () C:\Users\sims only\AppData\Roaming\Adobe
2014-10-30 05:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-29 11:01 - 2013-10-09 12:36 - 00000000 ____D () C:\Users\sims only\Documents\New folder
Files to move or delete:
====================
C:\Users\Nathalie\PenTablet_5.2.4-6.exe
C:\Users\Nathalie\zynga_6362.exe
C:\Users\Noah\jagex_cl_runescape_LIVE.dat
C:\Users\Noah\random.dat
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\ars0xeqw.dll
C:\Users\Brian\AppData\Local\Temp\ce6-yz4m.dll
C:\Users\Brian\AppData\Local\Temp\chhkyp5m.dll
C:\Users\Brian\AppData\Local\Temp\ibcveaib.dll
C:\Users\Brian\AppData\Local\Temp\lpuninstall.exe
C:\Users\Brian\AppData\Local\Temp\m78druqf.dll
C:\Users\Brian\AppData\Local\Temp\p9z9uzc3.dll
C:\Users\Brian\AppData\Local\Temp\qtnz05-p.dll
C:\Users\Brian\AppData\Local\Temp\v-qstvaf.dll
C:\Users\mom\AppData\Local\Temp\BRSVC_37382831_hlp.exe
C:\Users\mom\AppData\Local\Temp\HssInstaller.exe
C:\Users\mom\AppData\Local\Temp\lpuninstall.exe
C:\Users\mom\AppData\Local\Temp\SIntf16.dll
C:\Users\mom\AppData\Local\Temp\SIntf32.dll
C:\Users\mom\AppData\Local\Temp\SIntfNT.dll
C:\Users\mom\AppData\Local\Temp\tbinst.exe
C:\Users\Nathalie\AppData\Local\Temp\lpuninstall.exe
C:\Users\Nathalie\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Noah\AppData\Local\Temp\lpuninstall.exe
C:\Users\Noah\AppData\Local\Temp\SIntf16.dll
C:\Users\Noah\AppData\Local\Temp\SIntf32.dll
C:\Users\Noah\AppData\Local\Temp\SIntfNT.dll
C:\Users\sims only\AppData\Local\Temp\Quarantine.exe
C:\Users\sims only\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 07:53
==================== End Of Log ============================
#27
Posted 26 November 2014 - 01:59 PM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
I'm a little confused on why you have posted the FRST and Addition log again?
#28
Posted 26 November 2014 - 03:03 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
It isn't always co-operating with me right now, sorry about those. I had to run the FRST64 3 times.
CloseProcesses:
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe
() C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharboxHelper.exe
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3091677303-449996058-2394412518-1001\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [InstallIQUpdater] => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1003\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\Run: [Messenger] => "C:\Program Files (x86)\Strongvault Online Backup\ClientMessenger.exe"
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1005\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - K:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {11f3c78f-20b6-11e3-b78a-90e6baa5b22c} - F:\LGAutoRun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {a83219cd-2990-11e0-9c35-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3091677303-449996058-2394412518-1012\...\MountPoints2: {ccee5e71-c96b-11e3-8b6a-90e6baa5b22c} - F:\LGAutoRun.exe
AppInit_DLLs-x32: => "" File Not Found
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1006\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3091677303-449996058-2394412518-1012\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1004] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1004] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1005] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1012] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1012] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [S-1-5-21-3091677303-449996058-2394412518-1078] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3091677303-449996058-2394412518-1078] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-3091677303-449996058-2394412518-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as..._9.0.8112.16470
URLSearchHook: HKLM-x32 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 - (No Name) - {37153479-1976-43c3-a1ee-557513977b64} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 - (No Name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...32-F5387A104933
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {2780EBEE-10BC-408d-94F7-0AA90B056FE8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {E9CE0F89-9D8F-46D5-AE20-D94C93DE6976} URL = http://searchya.com/...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {53C15A03-DFB4-4519-96F3-4433FDE6FC21} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {951F3306-3CE1-404B-BBBC-0A86E724CDAB} URL = http://search.yahoo....14,17841,0,18,0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.ip...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {82F58046-0F99-4D37-BAC0-9BE126EB66B6} URL = http://websearch.ask...CB-43A0C6FC5A30
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8B50173E-6FCF-42e4-9609-4B54C6231798} URL = http://search.speedb...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://websearch.ask...BC-6E6980505ABD
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80291&lng=en
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> {EDDB140A-431A-4DFA-B2B0-85FD909DABA3} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = http://www.startnow....ion=6.1-x64-SP0
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {4A1B17F1-16A3-4CF6-8BF6-A39CD79E49A1} URL = http://search.condui...3221141119&UM=2
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {8C338C1C-3F33-4771-901B-8CDD38666A6B} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {36776B83-D6EA-43CB-AC37-2693874127C3} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {9E14367B-961B-4742-8C4F-A19610F3D18D} URL =
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {AAE50888-0E4A-4664-BF7C-07E5FDFA2695} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> {CB72E47E-EEF0-4BA1-BA34-D4E3D670744A} URL = http://us.yhs4.searc...p={searchTerms}
Toolbar: HKLM-x32 - Frostwire Toolbar - {46575637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FWV7\Passport.dll" No File
Toolbar: HKLM-x32 - No Name - {650598e1-b35a-45d3-b607-896d7acb64c3} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1003 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1004 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {E6103D7B-6052-4575-A010-59037765E87A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1005 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1006 -> No Name - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\S-1-5-21-3091677303-449996058-2394412518-1012 -> No Name - {46575636-0076-A76A-76A7-7A786E7484D7} - No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3091677303-449996058-2394412518-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Extension: ArcadeWeb - C:\Users\Myriam.home-PC.000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2014-11-25]
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1004\...\Firefox\Extensions: [{ED76C299-85BC-4891-9237-74A140C28832}] - C:\Program Files (x86)\RebateInformer\Firefox
FF HKU\S-1-5-21-3091677303-449996058-2394412518-1006\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\mom\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2011-01-26]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\mom\AppData\Local\Temp\ccex.crx [2012-03-03]
R2 FruidiadOepharbox; C:\Program Files (x86)\FruidiadOepharbox\FruidiadOepharbox.exe [4377560 2014-11-03] ()
S0 poqdoehy; C:\Windows\SysWOW64\drivers\fubilq.sys [61440 2011-11-27] () [File not signed]
S0 tiwdxqvx; C:\Windows\SysWOW64\drivers\livkaoag.sys [61440 2011-03-02] () [File not signed]
Task: {2C9C96D3-ECF7-4B13-AF1A-EEA9539234B5} - System32\Tasks\{9515769D-44DA-44A4-9C70-F71AA08BC84E} => C:\Program Files (x86)\FrostWire 5\FrostWire.exe
Task: {DB3D28D5-A91A-4FC8-BFDA-19020183BE17} - \TidyNetwork Update No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:00F3978A
AlternateDataStreams: C:\ProgramData\Temp:014BC3B4
AlternateDataStreams: C:\ProgramData\Temp:05582920
AlternateDataStreams: C:\ProgramData\Temp:05F547A9
AlternateDataStreams: C:\ProgramData\Temp:073139EC
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:0968E571
AlternateDataStreams: C:\ProgramData\Temp:0ACF1AF5
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:0DE96CF5
AlternateDataStreams: C:\ProgramData\Temp:0E22C5DB
AlternateDataStreams: C:\ProgramData\Temp:0FE0A03C
AlternateDataStreams: C:\ProgramData\Temp:10CFA7D4
AlternateDataStreams: C:\ProgramData\Temp:10D45FC3
AlternateDataStreams: C:\ProgramData\Temp:149327FE
AlternateDataStreams: C:\ProgramData\Temp:163B8B93
AlternateDataStreams: C:\ProgramData\Temp:1B3549F2
AlternateDataStreams: C:\ProgramData\Temp:1B389835
AlternateDataStreams: C:\ProgramData\Temp:1B7E2022
AlternateDataStreams: C:\ProgramData\Temp:1CF1FB36
AlternateDataStreams: C:\ProgramData\Temp:1E288DA3
AlternateDataStreams: C:\ProgramData\Temp:217A2A36
AlternateDataStreams: C:\ProgramData\Temp:2211E7A0
AlternateDataStreams: C:\ProgramData\Temp:2216A431
AlternateDataStreams: C:\ProgramData\Temp:24C072FF
AlternateDataStreams: C:\ProgramData\Temp:25BB767E
AlternateDataStreams: C:\ProgramData\Temp:2B11E0DF
AlternateDataStreams: C:\ProgramData\Temp:2B856118
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2F5A06FD
AlternateDataStreams: C:\ProgramData\Temp:2F8138B7
AlternateDataStreams: C:\ProgramData\Temp:32289BE8
AlternateDataStreams: C:\ProgramData\Temp:35629AE6
AlternateDataStreams: C:\ProgramData\Temp:3571475C
AlternateDataStreams: C:\ProgramData\Temp:36608448
AlternateDataStreams: C:\ProgramData\Temp:36A39835
AlternateDataStreams: C:\ProgramData\Temp:371A321E
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:384AA0FD
AlternateDataStreams: C:\ProgramData\Temp:39B53860
AlternateDataStreams: C:\ProgramData\Temp:3AC0ED43
AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4
AlternateDataStreams: C:\ProgramData\Temp:3C0887BF
AlternateDataStreams: C:\ProgramData\Temp:4B244549
AlternateDataStreams: C:\ProgramData\Temp:4D551822
AlternateDataStreams: C:\ProgramData\Temp:4D729D61
AlternateDataStreams: C:\ProgramData\Temp:5520ED93
AlternateDataStreams: C:\ProgramData\Temp:553CA6CA
AlternateDataStreams: C:\ProgramData\Temp:56C66609
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:571CCF8E
AlternateDataStreams: C:\ProgramData\Temp:587F3582
AlternateDataStreams: C:\ProgramData\Temp:5A9F1AE5
AlternateDataStreams: C:\ProgramData\Temp:5C0940F1
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:5C4A588B
AlternateDataStreams: C:\ProgramData\Temp:5E8C18F1
AlternateDataStreams: C:\ProgramData\Temp:5ED7E575
AlternateDataStreams: C:\ProgramData\Temp:60E0AB2A
AlternateDataStreams: C:\ProgramData\Temp:6447E3B5
AlternateDataStreams: C:\ProgramData\Temp:67842DB7
AlternateDataStreams: C:\ProgramData\Temp:68B61847
AlternateDataStreams: C:\ProgramData\Temp:69FE2EE4
AlternateDataStreams: C:\ProgramData\Temp:6A0A47E7
AlternateDataStreams: C:\ProgramData\Temp:6A9EDD31
AlternateDataStreams: C:\ProgramData\Temp:6B2FBF73
AlternateDataStreams: C:\ProgramData\Temp:6BEADDC0
AlternateDataStreams: C:\ProgramData\Temp:6DA18708
AlternateDataStreams: C:\ProgramData\Temp:6E6A4F42
AlternateDataStreams: C:\ProgramData\Temp:6FD36C4B
AlternateDataStreams: C:\ProgramData\Temp:701B92FB
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:755BD5CD
AlternateDataStreams: C:\ProgramData\Temp:769DE8D6
AlternateDataStreams: C:\ProgramData\Temp:79C6A9CE
AlternateDataStreams: C:\ProgramData\Temp:7BB584AA
AlternateDataStreams: C:\ProgramData\Temp:7C44248C
AlternateDataStreams: C:\ProgramData\Temp:7D288858
AlternateDataStreams: C:\ProgramData\Temp:7EC01D6D
AlternateDataStreams: C:\ProgramData\Temp:7FA0D639
AlternateDataStreams: C:\ProgramData\Temp:834DD57E
AlternateDataStreams: C:\ProgramData\Temp:86B7FDDB
AlternateDataStreams: C:\ProgramData\Temp:87A3A233
AlternateDataStreams: C:\ProgramData\Temp:88AE8AB0
AlternateDataStreams: C:\ProgramData\Temp:8967C154
AlternateDataStreams: C:\ProgramData\Temp:8E11CC80
AlternateDataStreams: C:\ProgramData\Temp:8EE351C8
AlternateDataStreams: C:\ProgramData\Temp:902C848D
AlternateDataStreams: C:\ProgramData\Temp:90C320E1
AlternateDataStreams: C:\ProgramData\Temp:96838F8A
AlternateDataStreams: C:\ProgramData\Temp:983B4DC0
AlternateDataStreams: C:\ProgramData\Temp:993185CB
AlternateDataStreams: C:\ProgramData\Temp:9A8F071F
AlternateDataStreams: C:\ProgramData\Temp:9B2BD056
AlternateDataStreams: C:\ProgramData\Temp:9DB67071
AlternateDataStreams: C:\ProgramData\Temp:A039EDF9
AlternateDataStreams: C:\ProgramData\Temp:A0921B2C
AlternateDataStreams: C:\ProgramData\Temp:A1128200
AlternateDataStreams: C:\ProgramData\Temp:A17CCD03
AlternateDataStreams: C:\ProgramData\Temp:A6B07419
AlternateDataStreams: C:\ProgramData\Temp:A8606E6E
AlternateDataStreams: C:\ProgramData\Temp:AE9351E0
AlternateDataStreams: C:\ProgramData\Temp:AF9538BC
AlternateDataStreams: C:\ProgramData\Temp:B1E64E47
AlternateDataStreams: C:\ProgramData\Temp:B34A7CD6
AlternateDataStreams: C:\ProgramData\Temp:B38BEEEE
AlternateDataStreams: C:\ProgramData\Temp:B6AF2226
AlternateDataStreams: C:\ProgramData\Temp:BAFAD1DF
AlternateDataStreams: C:\ProgramData\Temp:BB718C46
AlternateDataStreams: C:\ProgramData\Temp:BD34FFC5
AlternateDataStreams: C:\ProgramData\Temp:BD8010FE
AlternateDataStreams: C:\ProgramData\Temp:BE40C8A2
AlternateDataStreams: C:\ProgramData\Temp:BF640EE5
AlternateDataStreams: C:\ProgramData\Temp:C370B84F
AlternateDataStreams: C:\ProgramData\Temp:C43C957E
AlternateDataStreams: C:\ProgramData\Temp:C4A88D6B
AlternateDataStreams: C:\ProgramData\Temp:CAEDBDA6
AlternateDataStreams: C:\ProgramData\Temp:CE8A42A3
AlternateDataStreams: C:\ProgramData\Temp:D01ACC06
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D576A536
AlternateDataStreams: C:\ProgramData\Temp:D6D084A5
AlternateDataStreams: C:\ProgramData\Temp:D987CB43
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:E326D1D1
AlternateDataStreams: C:\ProgramData\Temp:E6537A16
AlternateDataStreams: C:\ProgramData\Temp:E6EC5C2A
AlternateDataStreams: C:\ProgramData\Temp:E9900C74
AlternateDataStreams: C:\ProgramData\Temp:E99D1D3C
AlternateDataStreams: C:\ProgramData\Temp:EB2D2CC5
AlternateDataStreams: C:\ProgramData\Temp:EB5BDBB0
AlternateDataStreams: C:\ProgramData\Temp:ED6B6C83
AlternateDataStreams: C:\ProgramData\Temp:ED9B661E
AlternateDataStreams: C:\ProgramData\Temp:F1C8B957
AlternateDataStreams: C:\ProgramData\Temp:F2327E82
AlternateDataStreams: C:\ProgramData\Temp:F2E92DCD
AlternateDataStreams: C:\ProgramData\Temp:F36BFA23
AlternateDataStreams: C:\ProgramData\Temp:F53B274A
AlternateDataStreams: C:\ProgramData\Temp:F5FC5DCE
AlternateDataStreams: C:\ProgramData\Temp:F888E36D
AlternateDataStreams: C:\ProgramData\Temp:F942EC78
AlternateDataStreams: C:\ProgramData\Temp:F98E6C67
AlternateDataStreams: C:\ProgramData\Temp:FBD274CF
AlternateDataStreams: C:\ProgramData\Temp:FD786DCA
C:\Program Files (x86)\W3i
C:\Program Files (x86)\Free Ride Games
C:\Program Files (x86)\uTorrent
C:\Program Files (x86)\Strongvault Online Backup
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files (x86)\FruidiadOepharbox
C:\ProgramData\BrowserProtect
C:\Program Files (x86)\RebateInformer
C:\Program Files (x86)\Pando Networks
C:\Program Files (x86)\FrostWire 5
C:\Windows\SysWOW64\drivers\fubilq.sys
C:\Windows\SysWOW64\drivers\livkaoag.sys
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
EmptyTemp:
#29
Posted 26 November 2014 - 03:18 PM
nonosma
- Topic Starter
-
- Member
-
- 123 posts
Member
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-11-26 12:50:52
-----------------------------
12:50:52.155 OS Version: Windows x64 6.1.7601 Service Pack 1
12:50:52.155 Number of processors: 4 586 0x502
12:50:52.155 ComputerName: HOME-PC UserName: Myriam
12:50:53.513 Initialize success
12:50:53.544 VM: initialized successfully
12:50:53.544 VM: Amd CPU supported virtualizedSuspended
12:50:59.483 AVAST engine defs: 14112600
12:51:05.972 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
12:51:05.972 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
12:51:06.128 Disk 0 MBR read successfully
12:51:06.128 Disk 0 MBR scan
12:51:06.144 Disk 0 unknown MBR code
12:51:06.144 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:51:06.144 Disk 0 default boot code
12:51:06.160 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942740 MB offset 206848
12:51:06.191 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11027 MB offset 1930938368
12:51:06.238 Disk 0 scanning C:\Windows\system32\drivers
12:51:19.388 Service scanning
12:51:46.985 Modules scanning
12:51:46.985 Disk 0 trace - called modules:
12:51:47.047 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
12:51:47.047 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005db5060]
12:51:47.047 3 CLASSPNP.SYS[fffff8800193c43f] -> nt!IofCallDriver -> [0xfffffa8005b05e40]
12:51:47.047 5 ACPI.sys[fffff88000ecd7a1] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8005bb39c0]
12:51:48.092 AVAST engine scan C:\Windows
12:51:51.602 AVAST engine scan C:\Windows\system32
12:56:03.837 AVAST engine scan C:\Windows\system32\drivers
12:56:37.174 AVAST engine scan C:\Users\Myriam.home-PC.000
12:57:56.184 File: C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner (1).exe **INFECTED** Win32:Rootkit-gen [Rtk]
12:57:56.683 File: C:\Users\Myriam.home-PC.000\Downloads\AdwCleaner.exe **INFECTED** Win32:Rootkit-gen [Rtk]
12:57:59.055 AVAST engine scan C:\ProgramData
13:11:07.174 Disk 0 statistics 4289661/0/0 @ 2.18 MB/s
13:11:07.174 Scan finished successfully
13:17:44.043 Disk 0 MBR has been saved successfully to "C:\Users\Myriam.home-PC.000\Desktop\MBR.dat"
13:17:44.047 The log file has been saved successfully to "C:\Users\Myriam.home-PC.000\Desktop\aswMBR.txt"
#30
Posted 26 November 2014 - 03:37 PM
BrianDrab
-
- Malware Removal
-
- 3,591 posts
Trusted Helper
It doesn't look like the FRST fix was run. I want to confirm that you did the following.
1. You downloaded the fixlist.txt to your desktop.
2. You opened FRST64 and then clicked the fix button.
3. After some time you will be prompted to reboot your machine.
4. After your machine reboots the fixlog.txt file will open. If it doesn't open it should be on your desktop.
5. Once this file is open you can choose the Edit menu and select All. Then Edit copy and then paste into the forum.
Please let me know. Thank you.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
