Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Games crash when i try to open them and they also crash sound driver


  • Please log in to reply

#76
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/02/2015 1:37:04 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 04/02/2015 1:21:03 PM
Type: Error Category: 0
Event: 11704 Source: MsiInstaller
Product: Google Update Helper -- Error 1704. An installation for Logitech Webcam Software is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Log: 'Application' Date/Time: 04/02/2015 11:19:52 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 03/02/2015 11:18:19 PM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/02/2015 1:37:44 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/02/2015 6:33:12 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 04/02/2015 1:15:13 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 04/02/2015 1:03:49 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/02/2015 6:33:18 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 3:15:33 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 11:15:02 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name 9gag.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 11:15:02 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name gamification.ff.avast.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 11:14:57 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 11:14:53 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 9:15:05 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 9:13:43 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 8:29:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 7:53:27 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 7:53:20 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 1:03:44 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/02/2015 1:03:43 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 

  • 0

Advertisements


#77
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP
 
Log: 'Application' Date/Time: 04/02/2015 1:21:03 PM
Type: Error Category: 0
Event: 11704 Source: MsiInstaller
Product: Google Update Helper -- Error 1704. An installation for Logitech Webcam Software is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

 

 
Supposedly if you say Yes it will clear the problem.  (Did you get a pop up to that effect?)
 
 
Microsoft pulled the Installer Cleanup Utility that used to fix these kinds of problems saying it did some damage to Office in the process.  You can still get it at
http://majorgeeks.co...ad.php?det=4459  Select one of the Download Locations.
You do not need to fill out the form that shows up.  I haven't used it on Windows 7 but word on the net is that it still works (I didn't think it did but have just learned otherwise).  Right click on it and Run As Admin.   If Logitech shows up then highlight it and Remove.  It doesn't remove any installed programs or their files or it's not supposed too anyway.  Just cleans out the files from the installer.  Might make it harder to uninstall a program but there are programs for that (Revo Uninstaller - http://www.revounins..._download.html)

  • 0

#78
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

what should I do with FRST? opt for this one instead?  I'm okay with removing logitech as if it were a virus but idk. And I didn't get any popup. 


  • 0

#79
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

See if the installer Cleanup Utility will work to remove logitech from the installer.  In either case run FRST with the addition box checked (Scan)  and get both logs.


  • 0

#80
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

Logitech doesn't appear on the installer. 


  • 0

#81
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015
Ran by Renato (administrator) on RENATO-PC on 05-02-2015 13:15:37
Running from C:\Users\Renato\Desktop
Loaded Profiles: Renato (Available profiles: Renato)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Alcatel-Lucent) C:\Program Files\Verizon\McciTrayApp.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Octoshape ApS) C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Spotify Ltd) C:\Users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Renato\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
(Verizon) C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [Verizon_McciTrayApp] => C:\Program Files\Verizon\McciTrayApp.exe [3432448 2010-03-17] (Alcatel-Lucent)
HKLM\...\Run: [Zune Launcher] => c:\Program Files\Zune\ZuneLauncher.exe [163568 2010-09-24] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [251744 2011-06-06] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [VERIZONDM] => C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe [206120 2010-09-02] (SupportSoft, Inc.)
HKLM-x32\...\Run: [VerizonServicepoint.exe] => C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe [4318520 2011-01-10] (Verizon)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2529096 2012-02-16] (Desura Pty Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [5915480 2010-10-29] (Logitech Inc.)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [NCsoft Launcher] => C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe [43304 2013-06-06] (NCSOFT)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Spotify Web Helper] => C:\Users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Spotify] => C:\Users\Renato\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [uTorrent] => C:\Users\Renato\AppData\Roaming\uTorrent\uTorrent.exe [1377872 2015-01-20] (BitTorrent Inc.)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
Startup: C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk /r \??\C:autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM -> {C9B3E73D-3E54-4289-821F-DF4FC0BA4351} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {C9B3E73D-3E54-4289-821F-DF4FC0BA4351} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> DefaultScope {F6DF4AE4-1EC8-47A9-AF93-FC4C481C5718} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> {224C4FB2-1476-4EC6-B16C-166D8631F260} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> {F6DF4AE4-1EC8-47A9-AF93-FC4C481C5718} URL = https://search.yahoo...p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @hulu.com/Hulu Desktop -> C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll No File
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @powerchallenge.com/PowerLoader -> C:\Users\Renato\AppData\LocalLow\PowerChallenge\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Renato\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Renato\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\google-search.xml
FF SearchPlugin: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (From Dust) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2013-10-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-31]
CHR Extension: (Sniper Team) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec [2014-04-03]
CHR Extension: (Crazy Shooting) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2014-04-03]
CHR Extension: (Adblock for Pirate Bay) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-04-05] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-03-17] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-03-17] (Alcatel-Lucent) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2010-09-02] (SupportSoft, Inc.)
R2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2010-09-02] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; c:\Windows\system32\ZuneWlanCfgSvc.exe [467696 2010-09-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-18] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
S4 catchme; \??\C:\ComboFix0\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-05 13:15 - 2015-02-05 13:16 - 00027359 _____ () C:\Users\Renato\Desktop\FRST.txt
2015-02-05 13:11 - 2015-02-05 13:11 - 00002819 _____ () C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2015-02-05 13:11 - 2015-02-05 13:11 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2015-02-05 13:07 - 2015-02-05 13:07 - 00359656 _____ (Microsoft Corporation) C:\Users\Renato\Desktop\msicuu2.exe
2015-02-04 13:36 - 2015-02-04 13:36 - 02131968 _____ (Farbar) C:\Users\Renato\Downloads\FRST64.exe
2015-02-04 13:36 - 2015-02-04 13:36 - 02131968 _____ (Farbar) C:\Users\Renato\Desktop\FRST64.exe
2015-02-03 23:30 - 2015-02-04 13:37 - 00004145 _____ () C:\VEW.txt
2015-02-03 22:28 - 2015-02-03 22:28 - 00061440 _____ ( ) C:\Users\Renato\Downloads\VEW.exe
2015-02-03 22:28 - 2015-02-03 22:28 - 00061440 _____ ( ) C:\Users\Renato\Desktop\VEW.exe
2015-02-03 16:02 - 2015-02-03 16:02 - 00000020 ___SH () C:\Users\Renato\ntuser.ini
2015-02-03 14:50 - 2015-02-03 14:50 - 00000000 ____D () C:\Users\Renato\AppData\Local\AMD
2015-02-03 14:46 - 2015-02-03 14:46 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\ATI
2015-02-03 14:46 - 2015-02-03 14:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\ATI
2015-02-03 14:45 - 2015-02-03 14:45 - 00115960 _____ () C:\Users\Renato\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 14:43 - 2015-02-03 14:43 - 00000000 __SHD () C:\Users\Renato\AppData\Local\EmieUserList
2015-02-03 14:43 - 2015-02-03 14:43 - 00000000 __SHD () C:\Users\Renato\AppData\Local\EmieSiteList
2015-02-03 07:25 - 2015-02-03 07:25 - 00000000 ____D () C:\Users\Public\Recorded TV
2015-02-01 15:09 - 2015-02-01 15:09 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Gyazo
2015-01-26 23:40 - 2015-01-26 23:40 - 00115960 _____ () C:\GDIPFONTCACHEV1.DAT
2015-01-24 17:37 - 2015-01-24 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 00:23 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-24 00:23 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-24 00:23 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-24 00:21 - 2015-01-24 00:50 - 00000000 ____D () C:\Qoobox
2015-01-18 05:00 - 2015-01-18 05:00 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\AVAST Software
2015-01-18 04:58 - 2015-01-31 16:58 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-18 04:57 - 2015-01-18 04:58 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-18 04:56 - 2015-01-18 04:58 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-18 04:56 - 2015-01-18 04:56 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-18 04:56 - 2015-01-18 04:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-18 04:55 - 2015-01-18 04:55 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-17 22:51 - 2015-01-17 22:51 - 00000000 ____D () C:\Users\Renato\AppData\Local\Apps\2.0
2015-01-14 01:32 - 2015-01-14 01:32 - 00000000 ____D () C:\Program Files\7-Zip
2015-01-13 19:42 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:42 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:42 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:42 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:42 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:42 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:42 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:42 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:42 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:42 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:42 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-10 23:49 - 2015-01-10 23:49 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-RENATO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-10 23:49 - 2015-01-10 23:49 - 00000000 ____D () C:\RegBackup
2015-01-10 23:47 - 2015-01-10 23:47 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-10 23:46 - 2015-01-10 23:46 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-05 13:15 - 2015-01-03 16:42 - 00000000 ____D () C:\FRST
2015-02-05 13:15 - 2013-02-02 11:58 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\uTorrent
2015-02-05 13:10 - 2013-03-13 17:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-02-05 13:05 - 2013-03-07 18:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-05 13:05 - 2013-02-11 22:03 - 01712140 _____ () C:\Windows\WindowsUpdate.log
2015-02-05 13:05 - 2013-02-11 20:38 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-02-05 12:21 - 2011-02-10 16:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 08:21 - 2011-02-10 16:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-05 08:16 - 2009-07-13 23:51 - 14925484 _____ () C:\Windows\setupact.log
2015-02-04 18:18 - 2013-03-07 18:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 18:18 - 2013-03-07 18:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 18:18 - 2013-03-07 18:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 08:16 - 2011-02-10 16:23 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 08:16 - 2011-02-10 16:23 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 06:17 - 2009-07-13 23:45 - 00026448 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 06:17 - 2009-07-13 23:45 - 00026448 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 21:03 - 2014-12-28 03:15 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRenato
2015-02-03 21:03 - 2014-12-28 03:15 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForRenato.job
2015-02-03 16:19 - 2013-01-09 22:21 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Spotify
2015-02-03 16:04 - 2010-11-26 13:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-03 16:02 - 2013-02-11 20:40 - 00000000 ____D () C:\Users\Renato
2015-02-03 16:02 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 16:01 - 2010-07-11 16:24 - 00000000 ____D () C:\Users\Renato\AppData\Local\Hewlett-Packard
2015-02-03 16:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-02-01 17:21 - 2013-02-11 22:03 - 01485311 _____ () C:\Windows\WindowsUpdate(15).log
2015-01-29 18:51 - 2010-08-15 01:15 - 00000000 ____D () C:\Users\Renato\AppData\Local\CrashDumps
2015-01-29 14:16 - 2011-07-03 17:29 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Tropico 3
2015-01-29 14:15 - 2013-07-21 22:06 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Dropbox
2015-01-29 14:14 - 2011-04-13 14:51 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Bioshock
2015-01-29 14:14 - 2010-07-30 10:19 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\CyberLink
2015-01-29 14:14 - 2010-07-11 16:33 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Adobe
2015-01-28 14:24 - 2010-08-15 17:34 - 00000000 ____D () C:\Users\Renato\AppData\Local\Adobe
2015-01-28 14:17 - 2013-09-12 17:48 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Skype
2015-01-28 14:17 - 2010-11-16 23:08 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\mIRC
2015-01-28 00:28 - 2010-08-25 17:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\AIM
2015-01-28 00:27 - 2013-02-11 20:38 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-01-27 04:58 - 2010-11-20 22:47 - 00556856 _____ () C:\Windows\PFRO.log
2015-01-27 02:56 - 2012-10-10 12:18 - 00000000 ____D () C:\Users\Renato\AppData\Local\Facebook
2015-01-27 02:56 - 2011-02-10 16:23 - 00000000 ____D () C:\Users\Renato\AppData\Local\Google
2015-01-26 21:56 - 2013-01-09 22:22 - 00000000 ____D () C:\Users\Renato\AppData\Local\Spotify
2015-01-26 21:42 - 2010-08-25 17:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\AOL
2015-01-26 21:08 - 2010-02-07 13:38 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-26 21:05 - 2010-08-17 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-26 19:19 - 2010-02-07 13:42 - 00259152 _____ () C:\Windows\DirectX.log
2015-01-24 00:45 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-18 04:22 - 2011-02-02 18:36 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-11 01:53 - 2009-07-14 00:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-11 01:48 - 2009-07-13 23:45 - 00424040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 01:38 - 2009-07-13 21:34 - 00000514 _____ () C:\Windows\win.ini
2015-01-11 01:34 - 2013-12-15 14:57 - 00781790 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-08 09:55 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 18:16
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015
Ran by Renato at 2015-02-05 13:17:31
Running from C:\Users\Renato\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
[email protected] ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Aion (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\NCsoft-Aion) (Version:  - NCsoft)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent Demo  (HKLM-x32\...\Steam App 57310) (Version:  - )
And Yet It Moves (HKLM-x32\...\Steam App 18700) (Version:  - Broken Rules)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12263.1 - Cisco Consumer Products LLC)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gish (HKLM-x32\...\Steam App 9500) (Version:  - Cryptic Sea)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Jolly Rover (HKLM-x32\...\Steam App 58200) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (x32 Version: 1.3 - Riot Games) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 3.0.24.12179 - LeapFrog)
LeapFrog Connect (x32 Version: 3.0.24.12179 - LeapFrog) Hidden
LeapFrog Leapster2 Plugin (x32 Version: 3.0.24.12378 - LeapFrog) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2427702) (HKLM\...\A-WIN-Extras 8.0.3 2427702_is1) (Version: 8.0.3 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.4.2 - NCsoft)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
Octoshape Streaming Services (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Octoshape Streaming Services) (Version:  - )
OnLive (HKLM-x32\...\OnLive) (Version:  - OnLive)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power Challenge Game Plugin (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Power Loader) (Version:  - )
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
Proun (HKLM-x32\...\Proun) (Version:  - )
Puzzle Agent (HKLM-x32\...\Steam App 31270) (Version:  - Telltale Games)
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version:  - Airtight Games)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD)
RAIDXpert (x32 Version: 3.2.1540.5 - AMD) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version:  - EasyGameStation)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Rybka 3 Aquarium Demo (HKLM-x32\...\Rybka 3 Aquarium Demo_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spotify (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.5.4.24540 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Tarrasch Chess GUI V1.00a (HKLM-x32\...\Tarrasch Chess GUI_is1) (Version:  - Triple Happy Ltd.)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
Tribes Ascend Open Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.942.1 - Hi-Rez Studios)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin) (HKLM-x32\...\Leapster2Plugin) (Version:  - LeapFrog)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.7 - Flagship Industries, Inc.)
Verizon Download Manager (HKLM-x32\...\{F54E5D65-CB60-4A31-A71B-BCFB0FA0076D}) (Version: 1.0.0 - Verizon)
Verizon FiOS Activation (HKLM-x32\...\Verizon FiOS Activation_is1) (Version:  - Verizon)
Verizon Help and Support Tool (HKLM-x32\...\Verizon Help and Support) (Version:  - )
Verizon Servicepoint 3.7.44 (HKLM-x32\...\RadialpointClientGateway_is1) (Version: 3.7.44 - Verizon)
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
Vz In Home Agent (HKLM-x32\...\{2746B4DE-A2EE-4B33-A7CE-B33BAD5EF6FE}) (Version: 7.08.22 - Verizon)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Wolfram CDF Player (M-WIN-D 8.0.3 2427703) (HKLM-x32\...\M-WIN-D 8.0.3 2427703_is1) (Version: 8.0.3 - Wolfram Research, Inc.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.07.1404.00 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Renato\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
 
==================== Restore Points  =========================
 
01-02-2015 19:00:09 Windows Backup
03-02-2015 14:43:15 avast! antivirus system restore point
03-02-2015 15:05:11 Windows Update
03-02-2015 15:42:09 Restore Operation
03-02-2015 16:12:55 Windows Update
05-02-2015 13:08:07 Installed Windows Installer Clean Up
05-02-2015 13:11:07 Installed Windows Installer Clean Up
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-01-11 01:38 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0409711F-F06F-4937-8CD7-DB66E7D3404C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {0C27BDBF-74C3-42D9-B2AF-6932B6371856} - System32\Tasks\{2D302DEE-A7A1-4833-8208-87CF68A4DE18} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {108C3671-83BF-4AF1-9250-70EB39093967} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {19BBE128-FDB9-4B47-AD68-FD857BB4DAB3} - System32\Tasks\{E2BE99FC-0497-4339-898B-AEEE77821141} => pcalua.exe -a C:\Users\Renato\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {1D8E8618-0E45-4767-B83E-A89072D63762} - System32\Tasks\{9C84E6CD-3589-4860-BA72-BD0BF133B5BF} => pcalua.exe -a C:\Users\Renato\Downloads\zunesetuppkg-x86.exe -d C:\Users\Renato\Downloads
Task: {2336944E-89FA-4457-9CBF-5AAEC0566EC9} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2890A260-3A29-4432-91B7-26EA4A7590A8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-18] (AVAST Software)
Task: {36BFC549-BBD3-453B-B532-DD82E1ED4287} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3BBBE335-780A-48ED-9962-B2C322D0D279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {448E677D-D502-454D-B599-D68E73924342} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4D61A063-9BDE-4A4E-BCDF-804560EB5407} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {517E4D03-6611-4229-A13D-992AD173BD0C} - System32\Tasks\{3B41B43B-5361-46A7-8168-20C5F49EEE3E} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: {5926E2A8-FDBD-4E74-ADDB-23CE1CE6BDD9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001Core => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10] (Facebook Inc.)
Task: {5A75E99B-5DE1-4459-A547-D733C29D005F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001UA => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10] (Facebook Inc.)
Task: {60DF6554-35F1-412B-8096-DDE3559E74A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {65887A64-EF3C-4EDD-8F78-773623BB8544} - System32\Tasks\HPCeeScheduleForRenato => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {6D2B0257-DEC4-45DD-8E60-4233F0C140BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {8642D700-3CBC-4772-AB60-CCBE6F2C937C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {9AB7FB4A-5972-4D01-961E-9735F83376A6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {AD89A927-FE00-434E-83CF-18DB1DE0AD37} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B5D039C0-881F-4A2B-9611-36EA01F7B587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {B91244CD-4F1B-4888-A394-2DD22728C3A5} - System32\Tasks\{16EB0BB1-199A-4C8E-B2A0-9C42FC48EB11} => Firefox.exe http://ui.skype.com/...all?page=tsMain
Task: {EE54D812-2BCD-4CB2-A637-CD2D85E57E2D} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001Core.job => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001UA.job => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRenato.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-11-20 21:23 - 2014-11-20 21:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2009-09-19 17:38 - 2009-09-19 17:38 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2009-09-14 19:17 - 2009-09-14 19:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-09-19 17:40 - 2009-09-19 17:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-09-19 17:40 - 2009-09-19 17:40 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-02-01 14:29 - 2015-02-01 14:29 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
2015-02-03 16:03 - 2015-02-03 16:03 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020301\algo.dll
2015-02-05 10:17 - 2015-02-05 10:17 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020500\algo.dll
2009-09-07 16:54 - 2009-09-07 16:54 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-04-09 18:04 - 2009-04-09 18:04 - 02141008 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 07704400 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
2009-04-22 16:53 - 2009-04-22 16:53 - 00969040 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00475472 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00363856 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00200016 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
2010-10-29 15:01 - 2010-10-29 15:01 - 00027472 _____ () C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 11311952 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00291664 _____ () C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll
2010-10-29 15:02 - 2010-10-29 15:02 - 00751616 _____ () C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00029008 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00035152 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00138064 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 16:10 - 2014-11-11 13:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-31 00:32 - 2015-01-23 17:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-12 19:12 - 2015-01-23 17:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-04-01 14:41 - 2011-04-01 14:41 - 02267648 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
2011-04-01 14:48 - 2011-04-01 14:48 - 08217088 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
2011-01-25 19:12 - 2011-01-10 11:47 - 00158208 _____ () C:\Program Files (x86)\Verizon\VSP\Windows7Features.dll
2015-01-18 04:56 - 2015-01-18 04:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-26 13:14 - 2015-01-15 18:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-27 14:20 - 2015-01-25 16:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 14:20 - 2015-01-25 16:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 14:20 - 2015-01-25 16:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-01-27 14:20 - 2015-01-25 16:08 - 14913864 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
2014-08-14 16:37 - 2015-01-15 18:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-02-05 06:31 - 2015-02-03 12:22 - 14964912 _____ () C:\Users\Renato\AppData\Local\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3591711946-2265182465-2123470179-500 - Administrator - Disabled)
Guest (S-1-5-21-3591711946-2265182465-2123470179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3591711946-2265182465-2123470179-1004 - Limited - Enabled)
Renato (S-1-5-21-3591711946-2265182465-2123470179-1001 - Administrator - Enabled) => C:\Users\Renato
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/05/2015 06:20:22 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (02/04/2015 08:21:03 AM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1704. An installation for Logitech Webcam Software is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Error: (02/04/2015 06:19:52 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (02/03/2015 06:18:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
 
System errors:
=============
Error: (02/05/2015 00:15:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (02/05/2015 10:15:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (02/05/2015 08:15:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (02/04/2015 01:33:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (02/04/2015 08:15:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (02/03/2015 08:03:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
 
Microsoft Office Sessions:
=========================
Error: (02/05/2015 06:20:22 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2
 
Error: (02/04/2015 08:21:03 AM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1704. An installation for Logitech Webcam Software is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (02/04/2015 06:19:52 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2
 
Error: (02/03/2015 06:18:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-24 00:44:16.780
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix0\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-24 00:44:16.581
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix0\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-05 21:50:27.340
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-05 21:50:27.183
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-31 16:05:16.340
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-31 16:05:16.258
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 945 Processor
Percentage of memory in use: 41%
Total physical RAM: 8183.89 MB
Available physical RAM: 4821.78 MB
Total Pagefile: 16365.96 MB
Available Pagefile: 6477.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:919.67 GB) (Free:53.72 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.56 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.3 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#82
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

I think we will use Combofix.  It's a bit stronger than FRST.  If you don't still have it then get it from:

 

http://download.blee...Bs/ComboFix.exe

 

Pause your anti-virus first before downloading or running Combofix:  (Right click on the avast ball and Shields Control, Disable until Computer is restarted.)

 

Then  

 
Copy the text between the lines of stars by highlighting and Ctrl + c.
 
******************************************
 
DirLook::
C:\Program Files\Common
C:\Program Files\Common Files
%user%\library
 
File::
c:\windows\system32\DRIVERS\LVPr2M64.sys
c:\windows\system32\DRIVERS\lvrs64.sys
c:\windows\system32\DRIVERS\lvuvc64.sys
c:\windows\system32\DRIVERS\Rt64win7.sys
 
Driver::
LVPrcS64
LVPr2M64
LVRS64
LVUVC64
 
Folder::
C:\Program Files\Common Files\logishrd
c:\program files (x86)\Logitech
C:\Program Files\Logitech
 
RootKit::
c:\windows\system32\DRIVERS\LVPr2M64.sys
c:\windows\system32\DRIVERS\lvrs64.sys
c:\windows\system32\DRIVERS\lvuvc64.sys
c:\windows\system32\DRIVERS\Rt64win7.sys
 
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"=-
 
******************************************
 
Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.
 
Pause your anti-virus.
 
Drag CFScript.txt over to Combofix and let go Combofix should start on its own.
 
Post the new log.
 
Ron

  • 0

#83
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
I feel like nobody should ever get a virus in this day and age. Also why was combofix mentioned on previous logs?
 
 
 
 
 
ComboFix 15-02-02.01 - Renato 02/06/2015  14:43:26.4.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8184.6349 [GMT -5:00]
Running from: c:\users\Renato\Desktop\ComboFix.exe
Command switches used :: c:\users\Renato\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\DRIVERS\LVPr2M64.sys"
"c:\windows\system32\DRIVERS\lvrs64.sys"
"c:\windows\system32\DRIVERS\lvuvc64.sys"
"c:\windows\system32\DRIVERS\Rt64win7.sys"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\DRIVERS\LVPr2M64.sys
c:\windows\system32\DRIVERS\lvrs64.sys
c:\windows\system32\DRIVERS\lvuvc64.sys
c:\windows\system32\DRIVERS\Rt64win7.sys
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LVPR2M64
-------\Service_LVPr2M64
-------\Service_LVRS64
-------\Service_LVUVC64
-------\Service_RTL8167
.
.
(((((((((((((((((((((((((   Files Created from 2015-01-06 to 2015-02-06  )))))))))))))))))))))))))))))))
.
.
2015-02-06 20:03 . 2015-02-06 20:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-02-06 09:25 . 2014-12-15 09:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADE7FAB7-E3E5-4B6F-9A78-7660774D0726}\mpengine.dll
2015-02-05 18:11 . 2015-02-05 18:11 3584 ----a-r- c:\users\Renato\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-02-05 18:11 . 2015-02-05 18:11 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up
2015-02-03 19:50 . 2015-02-03 19:50 -------- d-----w- c:\users\Renato\AppData\Local\AMD
2015-02-03 19:46 . 2015-02-03 19:46 -------- d-----w- c:\users\Renato\AppData\Roaming\ATI
2015-02-03 19:46 . 2015-02-03 19:46 -------- d-----w- c:\users\Renato\AppData\Local\ATI
2015-02-03 19:43 . 2015-02-03 19:43 -------- d-sh--w- c:\users\Renato\AppData\Local\EmieUserList
2015-02-03 19:43 . 2015-02-03 19:43 -------- d-sh--w- c:\users\Renato\AppData\Local\EmieSiteList
2015-02-03 12:25 . 2015-02-03 12:25 -------- d-----w- c:\users\Public\Recorded TV
2015-02-01 20:09 . 2015-02-01 20:09 -------- d-----w- c:\users\Renato\AppData\Roaming\Gyazo
2015-01-18 10:00 . 2015-01-18 10:00 -------- d-----w- c:\users\Renato\AppData\Roaming\AVAST Software
2015-01-18 09:57 . 2015-01-18 09:56 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-01-18 09:57 . 2015-01-18 09:56 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-01-18 09:57 . 2015-01-18 09:56 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-01-18 09:57 . 2015-01-18 09:56 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-01-18 09:57 . 2015-01-18 09:58 87912 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-01-18 09:57 . 2015-01-18 09:56 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-01-18 09:57 . 2015-01-18 09:56 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-01-18 09:56 . 2015-01-18 09:58 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-01-18 09:56 . 2015-01-18 09:56 364512 ----a-w- c:\windows\system32\aswBoot.exe
2015-01-18 09:56 . 2015-01-18 09:56 43152 ----a-w- c:\windows\avastSS.scr
2015-01-18 09:55 . 2015-01-18 09:55 -------- d-----w- c:\program files\AVAST Software
2015-01-18 09:19 . 2015-01-18 09:55 -------- d-----w- c:\programdata\AVAST Software
2015-01-18 03:51 . 2015-01-18 03:51 -------- d-----w- c:\users\Renato\AppData\Local\Apps
2015-01-14 06:32 . 2015-01-14 06:32 -------- d-----w- c:\program files\7-Zip
2015-01-11 06:45 . 2015-02-03 21:01 -------- d-----w- c:\windows\system32\catroot2
2015-01-11 06:34 . 2015-01-11 06:34 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2015-01-11 04:49 . 2015-01-11 04:49 -------- d-----w- C:\RegBackup
2015-01-11 04:46 . 2015-01-11 04:46 -------- d-----w- c:\program files (x86)\Tweaking.com
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-04 23:18 . 2013-03-07 23:05 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 23:18 . 2013-03-07 23:05 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-08 14:55 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 05:09 . 2014-12-17 18:58 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-17 18:58 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-10 08:14 . 2013-02-15 03:17 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-04 02:50 . 2014-12-09 20:49 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-09 20:49 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-09 20:49 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-09 20:49 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-09 20:49 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-09 20:49 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-09 20:49 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-09 20:49 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-09 20:48 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-09 20:48 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-09 20:48 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-09 20:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-09 20:48 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-09 20:48 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-09 20:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-09 20:48 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-09 20:48 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-09 20:48 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-09 20:48 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-09 20:48 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-09 20:48 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-09 20:48 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-09 20:48 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-09 20:48 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-09 20:48 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-09 20:48 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-09 20:48 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-09 20:48 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-09 20:48 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-09 20:48 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-09 20:48 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-09 20:48 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-09 20:48 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-09 20:48 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-09 20:48 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-09 20:48 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-09 20:48 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-09 20:48 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-09 20:48 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-09 20:48 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-09 20:48 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-09 20:48 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-09 20:48 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-09 20:48 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-09 20:48 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-09 20:48 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-09 20:48 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-09 20:48 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:44 . 2011-06-01 06:18 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2011-06-01 06:18 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2014-11-21 02:44 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2011-06-01 06:17 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2011-06-01 07:01 1348928 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2011-06-01 07:02 1127496 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2011-06-01 06:43 11076784 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2011-06-01 06:52 9401480 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2014-11-21 02:43 7558816 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2014-11-21 02:43 7077776 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2014-11-21 02:43 8379720 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2014-11-21 02:43 8369408 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-21 02:41 . 2014-11-21 02:41 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40 18959360 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:36 . 2014-11-21 02:36 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-21 02:35 . 2014-11-21 02:35 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-11-21 02:33 . 2014-11-21 02:33 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2014-11-21 02:33 . 2014-11-21 02:33 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2014-11-21 02:33 . 2014-11-21 02:33 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2014-11-21 02:33 . 2014-11-21 02:33 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2014-11-21 02:33 . 2014-11-21 02:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33 47899136 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32 40987136 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:24 . 2014-11-21 02:24 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-21 02:19 . 2014-11-21 02:19 23621632 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18 5837312 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common Files ----
.
2015-01-28 05:27 . 2009-10-16 16:22 16090 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_trk.html
2015-01-28 05:27 . 2009-10-16 16:22 15133 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_sve.html
2015-01-28 05:27 . 2009-10-16 16:22 25379 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_rus.html
2015-01-28 05:27 . 2009-10-16 16:22 16839 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_ptb.html
2015-01-28 05:27 . 2009-10-16 16:22 16947 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_plk.html
2015-01-28 05:27 . 2009-10-16 16:22 15145 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_nor.html
2015-01-28 05:27 . 2009-10-16 16:22 16512 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_nld.html
2015-01-28 05:27 . 2009-10-16 16:22 17386 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_kor.html
2015-01-28 05:27 . 2009-10-16 16:22 18826 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_jpn.html
2015-01-28 05:27 . 2009-10-16 16:22 16709 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_ita.html
2015-01-28 05:27 . 2009-10-16 16:22 17579 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_fra.html
2015-01-28 05:27 . 2009-10-16 16:22 17213 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_esp.html
2015-01-28 05:27 . 2009-10-16 16:22 26562 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_ell.html
2015-01-28 05:27 . 2009-10-16 16:22 16568 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_deu.html
2015-01-28 05:27 . 2009-10-16 16:22 15523 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_dan.html
2015-01-28 05:27 . 2009-10-16 16:22 14169 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_cht.html
2015-01-28 05:27 . 2009-10-16 16:22 14269 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\Readme_chs.html
2015-01-28 05:27 . 2009-10-16 16:22 16503 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\readme.html
2015-01-28 05:27 . 2009-10-16 16:22 3587 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\logo.jpg
2015-01-28 05:27 . 2009-10-16 16:22 5770 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\logi_new_75.png
2015-01-28 05:27 . 2009-10-16 16:22 29267 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Readme\2455.1.0.jpg
2015-01-28 05:27 . 2009-10-14 20:29 47130 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\PrivacyShades\ps_image39.jpg
2015-01-28 05:27 . 2009-10-14 20:29 48374 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\PrivacyShades\ps_image38.jpg
2015-01-28 05:27 . 2009-10-14 20:29 245909 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\PrivacyShades\ps_default.jpg
2015-01-28 05:27 . 2009-10-16 16:16 14005 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Tiled Up__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:17 305486 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\They're Watching__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 68809 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Talk to the Hand__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:16 427484 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Stick_Figure.LVA
2015-01-28 05:27 . 2009-10-16 16:16 922638 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Shark.LVA
2015-01-28 05:27 . 2009-10-16 16:16 102235 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Robot_Face.LVF
2015-01-28 05:27 . 2009-10-16 16:17 119575 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Raccoons__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:16 60829 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Pig_nose.LVF
2015-01-28 05:27 . 2009-10-16 16:16 13890 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Neonize__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:17 103343 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Mother Nature__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 36350 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Moon__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 161559 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Mona Lisa__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 295261 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Lion__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 13789 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\I See A Ghost__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:16 75412 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Goatee.LVF
2015-01-28 05:27 . 2009-10-16 16:16 13882 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Fisheye__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:16 548071 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Dinosaur.LVA
2015-01-28 05:27 . 2009-10-16 16:16 72161 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Crown.LVF
2015-01-28 05:27 . 2009-10-16 16:17 13701 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Cotton Candy__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:16 13255 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Chalk__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:17 115706 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Cat__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:16 385233 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Cat.LVA
2015-01-28 05:27 . 2009-10-16 16:17 230994 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Bulldog__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 13787 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Blockhead__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:17 290985 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Baby__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:16 58352 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Arrow_through_head.LVF
2015-01-28 05:27 . 2009-10-16 16:16 675879 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Alien.LVA
2015-01-28 05:27 . 2009-10-16 16:16 13813 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\80's Music Video__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:16 14327 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\50's Movie Reel__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:16 14264 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\4 Squares__fun.LVF
2015-01-28 05:27 . 2009-10-16 16:22 392684 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\TRK\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 345648 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\SVE\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 400456 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\RUS\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 348034 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\PTB\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 399354 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\PLK\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 344779 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\NOR\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 346019 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\NLD\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 392429 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\KOR\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 400069 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\JPN\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 347174 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\ITA\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 349146 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\FRA\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 347983 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\ESP\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 355214 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\ENU\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 401124 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\ELL\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 347724 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\DEU\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 346060 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\DAN\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 388291 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\CHT\qcam.chm
2015-01-28 05:27 . 2009-10-16 16:22 385871 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Help\CHS\qcam.chm
2015-01-28 05:27 . 2009-10-14 20:50 15893504 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\LWS64.msi
2015-01-28 05:27 . 2009-10-16 16:17 305486 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\They're Watching__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:17 68809 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\Talk to the Hand__vmk.LVF
2015-01-28 05:27 . 2009-10-16 16:16 13813 ----a-w- c:\program files\Common Files\logishrd\CacheMSI\{987FE247-4E69-4A2E-A961-D14F901FDBF6}\Models\80's Music Video__fun.LVF
2015-01-27 10:00 . 2015-02-03 19:22 40164 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.log
2014-12-09 20:48 . 2014-11-22 02:08 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-11-21 02:43 . 2014-11-21 02:43 110880 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDMFTVideoDecoder_32.dll
2014-11-21 02:43 . 2014-11-21 02:43 126360 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDMFTVideoDecoder_64.dll
2014-11-21 02:36 . 2014-11-21 02:36 2511872 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
2014-11-21 02:32 . 2014-11-21 02:32 625664 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\amdwdst.exe
2014-11-21 02:18 . 2014-11-21 02:18 246272 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDhwDecoder_64.dll
2014-11-21 02:18 . 2014-11-21 02:18 208384 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDhwDecoder_32.dll
2014-11-21 02:17 . 2014-11-21 02:17 114688 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll
2014-11-21 02:17 . 2014-11-21 02:17 97280 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_32.dll
2014-10-16 07:07 . 2014-10-16 07:07 5085936 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-07-10 05:00 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-10 04:59 . 2014-06-18 02:19 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-10 04:59 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-10 04:59 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-10 04:59 . 2014-06-18 02:18 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-10 04:59 . 2014-06-18 02:19 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-10 04:59 . 2014-06-18 02:17 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-04-01 09:12 . 2014-04-01 09:12 2127040 ----a-w- c:\program files\Common Files\Microsoft Shared\Filters\VISFILT.DLL
2013-09-05 05:17 . 2013-09-05 05:17 4300456 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-26 00:28 . 2013-06-26 00:28 1332952 ----a-w- c:\program files\Common Files\Microsoft Shared\Filters\odffilt.dll
2013-06-26 00:28 . 2013-06-26 00:28 1509592 ----a-w- c:\program files\Common Files\Microsoft Shared\Filters\offfiltx.dll
2013-06-25 08:11 . 2013-06-25 08:11 1271512 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
2013-03-09 12:52 . 2013-03-09 12:52 163968 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\vstoee.dll
2013-03-09 12:52 . 2013-03-09 12:52 17048 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb
2013-03-09 12:52 . 2013-03-09 12:52 22656 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb
2013-03-09 12:52 . 2013-03-09 12:52 98448 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe
2013-03-09 12:52 . 2013-03-09 12:52 364168 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
2013-03-09 12:52 . 2013-03-09 12:52 48792 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll
2013-03-09 12:52 . 2013-03-09 12:52 10896 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll
2013-03-09 12:52 . 2013-03-09 12:52 19080 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
2013-02-13 08:28 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2013-02-13 08:28 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-02-13 08:01 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-02-13 08:01 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2013-02-13 08:01 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2013-02-13 08:01 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-02-13 08:01 . 2012-06-06 04:37 40960 ----a-w- c:\program files\Common Files\System\ado\msador28.tlb
2013-02-13 08:01 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2013-02-13 08:01 . 2012-06-06 04:37 73728 ----a-w- c:\program files\Common Files\System\ado\msado26.tlb
2013-02-13 08:01 . 2012-06-06 04:37 73728 ----a-w- c:\program files\Common Files\System\ado\msado25.tlb
2013-02-13 08:01 . 2012-06-06 04:37 77824 ----a-w- c:\program files\Common Files\System\ado\msado27.tlb
2013-02-13 08:01 . 2012-06-06 04:37 73728 ----a-w- c:\program files\Common Files\System\ado\msado60.tlb
2013-02-13 08:01 . 2012-06-06 04:37 73728 ----a-w- c:\program files\Common Files\System\ado\msado28.tlb
2013-02-13 08:01 . 2012-06-06 04:37 57344 ----a-w- c:\program files\Common Files\System\ado\msado21.tlb
2013-02-13 08:01 . 2012-06-06 04:37 57344 ----a-w- c:\program files\Common Files\System\ado\msado20.tlb
2013-02-13 08:01 . 2012-06-06 04:37 20480 ----a-w- c:\program files\Common Files\System\ado\msadomd28.tlb
2012-12-13 18:50 . 2012-12-13 18:50 6112864 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\Drivers\usbaaplrc.dll
2012-12-13 18:50 . 2012-12-13 18:50 54784 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl64.sys
2012-12-13 17:38 . 2012-12-13 17:38 13416 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl64.cat
2012-12-13 17:38 . 2012-12-13 17:38 5551 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl64.inf
2012-12-06 17:53 . 2012-12-06 17:53 239200 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll
2012-12-06 17:41 . 2012-12-06 17:41 9615 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\NetDrivers\netaapl64.cat
2012-12-06 17:41 . 2012-12-06 17:41 4215 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\NetDrivers\netaapl64.inf
2012-09-10 15:41 . 2012-09-10 15:41 22528 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\NetDrivers\netaapl64.sys
2012-09-10 15:41 . 2012-09-10 15:41 1721576 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\NetDrivers\WdfCoInstaller01009.dll
2012-05-24 19:11 . 2012-05-24 19:11 272 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\UninstReg.reg
2012-04-25 13:44 . 2012-04-25 13:44 39728 ----a-w- c:\program files\Common Files\Microsoft Shared\Filters\msgfilt.dll
2012-04-03 19:32 . 2012-04-03 19:32 185 ----a-w- c:\program files\Common Files\ATI Technologies\Multimedia\amdwdst.config
2011-07-25 05:19 . 2011-07-10 22:20 682512 ----a-w- c:\program files\Common Files\Wolfram Research\Search\8.0.3.2427702\WindowsNotebookIndexer64.dll
2011-07-25 05:19 . 2011-07-11 00:18 4190736 ----a-w- c:\program files\Common Files\Wolfram Research\Browser\8.0.3.2427702\MathPlugin.dll
2011-04-19 08:09 . 2011-04-19 08:09 855376 ----a-w- c:\program files\Common Files\Microsoft Shared\VC\msdia90.dll
2010-11-26 08:31 . 2010-11-26 08:31 1784192 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll
2010-11-21 07:06 . 2010-11-21 07:06 10240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 3072 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 32768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 8704 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 9216 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 2560 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 22528 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 2560 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 8704 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 2560 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 43520 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 3072 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 2560 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 4608 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 26624 ----a-w- c:\program files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui
2010-11-21 07:06 . 2010-11-21 07:06 5120 ----a-w- c:\program files\Common Files\System\msadc\en-US\msadcfr.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 5632 ----a-w- c:\program files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 44032 ----a-w- c:\program files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui
2010-11-21 07:06 . 2010-11-21 07:06 93696 ----a-w- c:\program files\Common Files\System\en-US\wab32res.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 7168 ----a-w- c:\program files\Common Files\System\msadc\en-US\msdaprsr.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 2560 ----a-w- c:\program files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 17408 ----a-w- c:\program files\Common Files\System\ado\en-US\msader15.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 3072 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 5632 ----a-w- c:\program files\Common Files\System\msadc\en-US\msadcor.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 9728 ----a-w- c:\program files\Common Files\System\msadc\en-US\msadcer.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 13824 ----a-w- c:\program files\Common Files\System\msadc\en-US\msaddsr.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 5632 ----a-w- c:\program files\Common Files\System\msadc\en-US\msdaremr.dll.mui
2010-11-21 07:06 . 2010-11-21 07:06 17920 ----a-w- c:\program files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui
2010-11-21 07:06 . 2010-11-21 07:06 47616 ----a-w- c:\program files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui
2010-11-21 03:25 . 2010-11-21 03:25 101376 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tpcps.dll
2010-11-21 03:24 . 2010-11-21 03:24 1547264 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mip.exe
2010-11-21 03:24 . 2010-11-21 03:24 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui
2010-11-21 03:24 . 2010-11-21 03:24 57344 ----a-w- c:\program files\Common Files\System\msadc\msdfmap.dll
2010-11-21 03:24 . 2010-11-21 03:24 249856 ----a-w- c:\program files\Common Files\System\msadc\msdarem.dll
2010-11-21 03:24 . 2010-11-21 03:24 1212416 ----a-w- c:\program files\Common Files\System\Ole DB\sqloledb.dll
2010-11-21 03:24 . 2010-11-21 03:24 749568 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2010-11-21 03:24 . 2010-11-21 03:24 114688 ----a-w- c:\program files\Common Files\System\msadc\msadcf.dll
2010-11-21 03:24 . 2010-11-21 03:24 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui
2010-11-21 03:23 . 2010-11-21 03:23 745472 ----a-w- c:\program files\Common Files\System\Ole DB\msdasql.dll
2010-11-21 03:23 . 2010-11-21 03:23 1101824 ----a-w- c:\program files\Common Files\System\Ole DB\oledb32.dll
2010-11-21 03:23 . 2010-11-21 03:23 98304 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2010-11-21 03:23 . 2010-11-21 03:23 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui
2010-11-21 03:23 . 2010-11-21 03:23 378880 ----a-w- c:\program files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
2010-10-16 22:06 . 2010-03-17 20:54 933376 ----a-w- c:\program files\Common Files\Motive\McciExecute.exe
2010-10-16 22:06 . 2010-03-17 20:55 1185 ----a-w- c:\program files\Common Files\Motive\MREW64N55_550-1804-1_DSR.ini
2010-10-16 22:06 . 2010-03-17 20:54 233472 ----a-w- c:\program files\Common Files\Motive\MREW64N55_550-1804-1_DSR.dll
2010-10-16 22:06 . 2010-03-17 20:54 2895872 ----a-w- c:\program files\Common Files\Motive\McciWirelessClientAppX.dll
2010-10-16 22:06 . 2010-03-17 20:54 2712064 ----a-w- c:\program files\Common Files\Motive\McciSysNetX.dll
2010-10-16 22:06 . 2010-03-17 20:55 1936896 ----a-w- c:\program files\Common Files\Motive\McciSysDialX.dll
2010-10-16 22:06 . 2010-03-17 20:55 2921472 ----a-w- c:\program files\Common Files\Motive\McciNetX.dll
2010-10-16 22:06 . 2010-03-17 20:55 966144 ----a-w- c:\program files\Common Files\Motive\McciContextX.dll
2010-10-16 22:06 . 2010-03-17 20:54 862208 ----a-w- c:\program files\Common Files\Motive\McciContextProcessor_DSR.dll
2010-10-16 22:06 . 2010-03-17 20:54 312320 ----a-w- c:\program files\Common Files\Motive\McciContextHook_DSR.dll
2010-10-16 22:06 . 2010-03-17 20:55 1028096 ----a-w- c:\program files\Common Files\Motive\McciContextDetectorWin32_DSR.dll
2010-10-16 22:06 . 2010-03-17 20:54 1000960 ----a-w- c:\program files\Common Files\Motive\McciContextDetectorEmail_DSR.dll
2010-10-16 22:06 . 2010-03-17 20:54 3131904 ----a-w- c:\program files\Common Files\Motive\McciConnectedDevicesX.dll
2010-10-16 22:06 . 2010-03-17 20:54 287744 ----a-w- c:\program files\Common Files\Motive\McciAppsHelper.exe
2010-10-16 22:06 . 2010-03-17 20:55 2600448 ----a-w- c:\program files\Common Files\Motive\McciAppsX.dll
2010-10-16 22:05 . 2010-03-17 12:15 422912 ----a-w- c:\program files\Common Files\Motive\McciUACManagerX.dll
2010-10-16 22:05 . 2010-03-17 12:15 3317760 ----a-w- c:\program files\Common Files\Motive\McciUtilsX.dll
2010-10-16 22:05 . 2010-03-17 12:15 3749376 ----a-w- c:\program files\Common Files\Motive\McciSysX.dll
2010-10-16 22:05 . 2010-03-17 12:15 625152 ----a-w- c:\program files\Common Files\Motive\McciSMX.dll
2010-10-16 22:05 . 2010-03-17 12:15 623104 ----a-w- c:\program files\Common Files\Motive\McciHTTPX.dll
2010-10-16 22:05 . 2010-03-17 12:15 1058816 ----a-w- c:\program files\Common Files\Motive\McciEventX.dll
2010-10-16 22:05 . 2010-03-17 12:15 424448 ----a-w- c:\program files\Common Files\Motive\McciControlHost.exe
2010-10-16 22:05 . 2010-03-17 12:15 321536 ----a-w- c:\program files\Common Files\Motive\McciLogX.dll
2010-10-16 22:05 . 2010-03-17 12:16 517632 ----a-w- c:\program files\Common Files\Motive\McciCMService.exe
2010-10-16 22:05 . 2010-03-17 12:16 552960 ----a-w- c:\program files\Common Files\Motive\InstallHelper.exe
2010-03-01 09:18 . 2010-03-01 09:18 56144 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL
2010-02-28 06:24 . 2010-02-28 06:24 121168 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
2010-02-28 06:24 . 2010-02-28 06:24 56192 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
2010-02-28 06:13 . 2010-02-28 06:13 716 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config
2010-01-10 01:34 . 2010-01-10 01:34 148736 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2010-01-10 01:34 . 2010-01-10 01:34 1828608 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2010-01-10 01:34 . 2010-01-10 01:34 11646 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms
2010-01-10 01:34 . 2010-01-10 01:34 2173696 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
2010-01-10 01:34 . 2010-01-10 01:34 4925184 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2010-01-10 01:34 . 2010-01-10 01:34 146192 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL
2010-01-10 01:34 . 2010-01-10 01:34 47710 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF
2009-10-07 15:39 . 2009-10-07 15:39 682256 ----a-w- c:\program files\Common Files\logishrd\WUApp64.exe
2009-10-07 08:51 . 2009-10-07 08:51 280600 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\UMVPL.dll
2009-10-07 08:47 . 2009-10-07 08:47 191000 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
2009-10-07 08:46 . 2009-10-07 08:46 131608 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\LVPrcInj.dll
2009-10-07 08:28 . 2009-10-07 08:28 764 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\LVPr2M64.cat
2009-10-07 08:24 . 2009-10-07 08:24 1540 ----a-w- c:\program files\Common Files\logishrd\LVMVFM\LVPr2M64.inf
2009-07-14 05:32 . 2009-07-14 05:32 645 --sha-w- c:\program files\Common Files\Microsoft Shared\Stationery\Desktop.ini
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 4096 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui
2009-07-14 01:17 . 2009-07-14 01:17 3584 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui
2009-07-14 00:34 . 2009-07-14 01:41 181248 ----a-w- c:\program files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll
2009-07-14 00:34 . 2009-07-14 01:41 373760 ----a-w- c:\program files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll
2009-07-14 00:33 . 2009-07-14 01:41 9728 ----a-w- c:\program files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll
2009-07-14 00:33 . 2009-07-14 01:41 41472 ----a-w- c:\program files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll
2009-07-14 00:29 . 2009-07-14 01:41 364544 ----a-w- c:\program files\Common Files\System\Ole DB\sqlxmlx.dll
2009-07-14 00:28 . 2009-07-14 01:41 434176 ----a-w- c:\program files\Common Files\System\Ole DB\msdaps.dll
2009-07-14 00:28 . 2009-07-14 00:28 16384 ----a-w- c:\program files\Common Files\System\Ole DB\sqloledb.rll
2009-07-14 00:28 . 2009-07-14 00:28 8192 ----a-w- c:\program files\Common Files\System\Ole DB\sqlxmlx.rll
2009-07-14 00:28 . 2009-07-14 01:41 303104 ----a-w- c:\program files\Common Files\System\msadc\msadds.dll
2009-07-14 00:28 . 2009-07-14 01:41 389120 ----a-w- c:\program files\Common Files\System\msadc\msdaprst.dll
2009-07-14 00:28 . 2009-07-14 01:41 106496 ----a-w- c:\program files\Common Files\System\ado\msadrh15.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\ado\msader15.dll
2009-07-14 00:28 . 2009-07-14 00:28 28672 ----a-w- c:\program files\Common Files\System\ado\msadox28.tlb
2009-07-14 00:28 . 2009-07-14 01:29 61440 ----a-w- c:\program files\Common Files\System\Ole DB\msdasqlr.dll
2009-07-14 00:28 . 2009-07-14 01:41 36864 ----a-w- c:\program files\Common Files\System\Ole DB\msxactps.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msdaprsr.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msdaremr.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msaddsr.dll
2009-07-14 00:28 . 2009-07-14 01:41 131072 ----a-w- c:\program files\Common Files\System\Ole DB\msdatl3.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msadcer.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msadcor.dll
2009-07-14 00:28 . 2009-07-14 01:29 8192 ----a-w- c:\program files\Common Files\System\msadc\msadcfr.dll
2009-07-14 00:28 . 2009-07-14 01:31 81920 ----a-w- c:\program files\Common Files\System\Ole DB\oledb32r.dll
2009-07-14 00:05 . 2009-06-10 20:44 15063 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif
2009-07-14 00:05 . 2009-06-10 20:44 3168 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg
2009-07-14 00:05 . 2009-06-10 20:44 4638 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Tiki.gif
2009-07-14 00:05 . 2009-06-10 20:44 3650 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg
2009-07-14 00:05 . 2009-06-10 20:44 1864 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Stucco.gif
2009-07-14 00:05 . 2009-06-10 20:44 1990 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Small_News.jpg
2009-07-14 00:05 . 2009-06-10 20:44 15776 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg
2009-07-14 00:05 . 2009-06-10 20:44 26720 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf
2009-07-14 00:05 . 2009-06-10 20:44 81292 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Shorthand.emf
2009-07-14 00:05 . 2009-06-10 20:44 37316 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Seyes.emf
2009-07-14 00:05 . 2009-06-10 20:44 26036 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Music.emf
2009-07-14 00:05 . 2009-06-10 20:44 4192 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf
2009-07-14 00:05 . 2009-06-10 20:44 152300 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Memo.emf
2009-07-14 00:05 . 2009-06-10 20:44 116724 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Graph.emf
2009-07-14 00:05 . 2009-06-10 20:44 10340 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Genko_2.emf
2009-07-14 00:05 . 2009-06-10 20:44 5524 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Genko_1.emf
2009-07-14 00:05 . 2009-06-10 20:44 3792 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf
2009-07-14 00:05 . 2009-06-10 20:44 2920 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf
2009-07-14 00:05 . 2009-06-10 20:44 7498 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf
2009-07-14 00:05 . 2009-06-10 20:44 14049 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg
2009-07-14 00:05 . 2009-06-10 20:44 5115 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg
2009-07-14 00:05 . 2009-06-10 20:44 3981 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg
2009-07-14 00:05 . 2009-06-10 20:44 2950 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Notebook.jpg
2009-07-14 00:05 . 2009-06-10 20:44 2209 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Monet.jpg
2009-07-14 00:05 . 2009-06-10 20:44 2319 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Connectivity.gif
2009-07-14 00:05 . 2009-06-10 20:44 4587 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif
2009-07-14 00:05 . 2009-06-10 20:44 2575 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg
2009-07-14 00:03 . 2009-07-14 01:41 1071616 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwLatin.dll
2009-07-14 00:03 . 2009-07-14 01:39 383488 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
2009-07-14 00:02 . 2009-07-14 01:39 193024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe
2009-07-14 00:02 . 2009-07-14 01:41 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2009-07-14 00:02 . 2009-06-10 21:08 791686 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\Alphabet.xml
2009-07-14 00:02 . 2009-07-14 01:39 695296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
2009-07-14 00:02 . 2009-07-14 01:41 1704448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\micaut.dll
2009-07-14 00:02 . 2009-07-14 01:41 49664 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwgst.dll
2009-07-14 00:02 . 2009-07-14 01:41 94720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\IpsPlugin.dll
2009-07-14 00:02 . 2009-07-14 01:39 397312 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkWatson.exe
2009-07-14 00:02 . 2009-07-14 01:41 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll
2009-07-14 00:02 . 2009-07-14 01:39 927744 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe
2009-07-14 00:02 . 2009-07-14 01:41 6331392 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mraut.dll
2009-07-14 00:02 . 2009-07-14 01:28 2048 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll
2009-07-14 00:02 . 2009-07-14 01:41 40448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabIpsps.dll
2009-07-14 00:01 . 2009-07-14 01:41 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2009-07-14 00:01 . 2009-07-14 01:41 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2009-07-14 00:01 . 2009-07-14 01:33 12288 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipresx.dll
2009-07-13 23:58 . 2009-07-14 01:33 1098752 ----a-w- c:\program files\Common Files\System\wab32res.dll
2009-07-13 23:57 . 2009-07-14 01:40 29184 ----a-w- c:\program files\Common Files\System\DirectDB.dll
2009-07-13 23:04 . 2009-07-14 01:51 507904 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll
2009-07-13 23:01 . 2009-06-10 20:47 7505 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Stars.jpg
2009-07-13 23:01 . 2009-07-13 23:01 232 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm
2009-07-13 23:01 . 2009-06-10 20:47 10569 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg
2009-07-13 23:01 . 2009-07-13 23:01 230 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Stars.htm
2009-07-13 23:01 . 2009-06-10 20:47 1920 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Roses.jpg
2009-07-13 23:01 . 2009-07-13 23:01 237 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm
2009-07-13 23:01 . 2009-06-10 20:47 4734 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg
2009-07-13 23:01 . 2009-06-10 20:47 5115 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Peacock.jpg
2009-07-13 23:01 . 2009-07-13 23:01 233 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Roses.htm
2009-07-13 23:01 . 2009-06-10 20:47 6381 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg
2009-07-13 23:01 . 2009-07-13 23:01 232 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Peacock.htm
2009-07-13 23:01 . 2009-07-13 23:01 235 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm
2009-07-13 23:01 . 2009-06-10 20:47 4222 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg
2009-07-13 23:01 . 2009-07-13 23:01 237 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm
2009-07-13 23:01 . 2009-06-10 20:47 6406 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg
2009-07-13 23:01 . 2009-07-13 23:01 237 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm
2009-07-13 23:01 . 2009-06-10 20:47 1074 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Bears.jpg
2009-07-13 23:01 . 2009-07-13 23:01 231 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Garden.htm
2009-07-13 23:01 . 2009-06-10 20:47 23871 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Garden.jpg
2009-07-13 23:01 . 2009-07-13 23:01 255 ----a-w- c:\program files\Common Files\Microsoft Shared\Stationery\Bears.htm
2009-07-13 22:31 . 2009-07-13 22:31 9804 ----a-w- c:\program files\Common Files\System\Ole DB\oledbjvs.inc
2009-07-13 22:31 . 2009-07-13 22:31 9975 ----a-w- c:\program files\Common Files\System\Ole DB\oledbvbs.inc
2009-07-13 22:31 . 2009-07-13 20:50 14610 ----a-w- c:\program files\Common Files\System\ado\adojavas.inc
2009-07-13 22:31 . 2009-07-13 20:50 14951 ----a-w- c:\program files\Common Files\System\ado\adovbs.inc
2009-07-13 22:31 . 2009-07-13 20:50 623 ----a-w- c:\program files\Common Files\System\msadc\adcvbs.inc
2009-07-13 22:31 . 2009-07-13 20:50 630 ----a-w- c:\program files\Common Files\System\msadc\adcjavas.inc
2009-07-13 20:49 . 2009-06-10 20:36 588 ----a-w- c:\program files\Common Files\System\msadc\handsafe.reg
2009-07-13 20:41 . 2009-07-13 20:41 4120784 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrusash.dat
2009-07-13 20:41 . 2009-07-13 20:41 3195696 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrusalm.dat
2009-07-13 20:41 . 2009-07-13 20:41 2227968 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwruksh.dat
2009-07-13 20:41 . 2009-07-13 20:41 3053984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwruklm.dat
2009-07-13 20:40 . 2009-07-13 20:40 815680 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrenclm.dat
2009-07-13 20:40 . 2009-07-13 20:40 1100368 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat
2009-07-13 20:40 . 2009-07-13 20:40 747280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrenalm.dat
2009-07-13 20:40 . 2009-07-13 20:40 46624 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat
2009-07-13 20:40 . 2009-06-10 21:08 2520 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipssve.xml
2009-07-13 20:40 . 2009-06-10 21:08 2596 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipssrl.xml
2009-07-13 20:40 . 2009-06-10 21:08 2542 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsrus.xml
2009-07-13 20:40 . 2009-06-10 21:08 2568 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipssrb.xml
2009-07-13 20:40 . 2009-06-10 21:08 2240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsptg.xml
2009-07-13 20:40 . 2009-06-10 21:08 2644 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsrom.xml
2009-07-13 20:40 . 2009-06-10 21:08 2600 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsplk.xml
2009-07-13 20:40 . 2009-06-10 21:08 2246 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsptb.xml
2009-07-13 20:40 . 2009-06-10 21:08 2568 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipskor.xml
2009-07-13 20:40 . 2009-06-10 21:08 2626 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsnld.xml
2009-07-13 20:40 . 2009-06-10 21:08 2580 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsnor.xml
2009-07-13 20:40 . 2009-06-10 21:08 2522 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsjpn.xml
2009-07-13 20:40 . 2009-06-10 21:08 2652 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipshrv.xml
2009-07-13 20:40 . 2009-06-10 21:08 2526 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsita.xml
2009-07-13 20:40 . 2009-06-10 21:08 3024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsesp.xml
2009-07-13 20:40 . 2009-06-10 21:08 2628 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsfra.xml
2009-07-13 20:40 . 2009-06-10 21:08 2658 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsfin.xml
2009-07-13 20:40 . 2009-06-10 21:08 2578 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsen.xml
2009-07-13 20:40 . 2009-06-10 21:08 2514 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsdan.xml
2009-07-13 20:40 . 2009-06-10 21:08 2616 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipsdeu.xml
2009-07-13 20:40 . 2009-06-10 21:08 2436 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipscht.xml
2009-07-13 20:40 . 2009-06-10 21:08 2556 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipscsy.xml
2009-07-13 20:40 . 2009-06-10 21:08 2462 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipschs.xml
2009-07-13 20:39 . 2009-06-10 20:47 194048 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\split.avi
2009-07-13 20:39 . 2009-06-10 20:47 222208 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\join.avi
2009-07-13 20:39 . 2009-06-10 20:47 224256 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\delete.avi
2009-07-13 20:39 . 2009-06-10 20:47 197120 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\correct.avi
2009-07-13 20:39 . 2009-06-10 20:47 62976 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi
2009-07-13 20:39 . 2009-06-10 20:47 33280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi
2009-07-13 20:39 . 2009-06-10 20:47 31744 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi
2009-07-13 20:39 . 2009-06-10 20:46 247 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml
2009-07-13 20:39 . 2009-06-10 20:46 11067 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml
2009-07-13 20:39 . 2009-06-10 20:46 10947 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml
2009-07-13 20:39 . 2009-06-10 20:46 749 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml
2009-07-13 20:39 . 2009-06-10 20:46 9803 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml
2009-07-13 20:39 . 2009-06-10 20:46 749 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml
2009-07-13 20:39 . 2009-06-10 20:46 15097 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml
2009-07-13 20:39 . 2009-06-10 20:46 16616 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml
2009-07-13 20:39 . 2009-06-10 20:46 617 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml
2009-07-13 20:39 . 2009-06-10 20:46 804 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml
2009-07-13 20:39 . 2009-06-10 20:46 488 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml
2009-07-13 20:39 . 2009-06-10 20:46 738 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml
2009-07-13 20:39 . 2009-06-10 20:46 392 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml
2009-07-13 20:39 . 2009-06-10 20:46 3166 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml
2009-07-13 20:39 . 2009-06-10 20:46 1118 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml
2009-07-13 20:39 . 2009-06-10 20:46 3161 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml
2009-06-10 21:08 . 2009-06-10 21:08 1600388 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\FlickAnimation.avi
2009-06-10 21:08 . 2009-06-10 21:08 2592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ipscat.xml
2009-06-10 21:08 . 2009-06-10 21:08 27045 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\Content.xml
2009-06-10 20:47 . 2009-06-10 20:47 2702 ----a-w- c:\program files\Common Files\Services\verisign.bmp
2009-06-10 20:47 . 2009-06-10 20:47 89600 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi
2009-06-10 20:46 . 2009-06-10 20:46 1166 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 207 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml
2009-06-10 20:46 . 2009-06-10 20:46 2764 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 591 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml
2009-06-10 20:46 . 2009-06-10 20:46 924 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 215 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml
2009-06-10 20:46 . 2009-06-10 20:46 1437 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 219 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml
2009-06-10 20:46 . 2009-06-10 20:46 471 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml
2009-06-10 20:46 . 2009-06-10 20:46 215 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml
2009-06-10 20:46 . 2009-06-10 20:46 1218 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 209 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml
2009-06-10 20:46 . 2009-06-10 20:46 3150 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml
2009-06-10 20:46 . 2009-06-10 20:46 38485 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml
2009-06-10 20:46 . 2009-06-10 20:46 384 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml
2009-06-10 20:46 . 2009-06-10 20:46 727 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml
2009-06-10 20:46 . 2009-06-10 20:46 1434 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml
2009-06-10 20:46 . 2009-06-10 20:46 212 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml
2009-06-10 20:36 . 2009-06-10 20:36 518 ----a-w- c:\program files\Common Files\System\msadc\handler.reg
2007-02-23 09:40 . 2007-02-23 09:40 1451920 ----a-w- c:\program files\Common Files\Microsoft Shared\DW\DW20.EXE
2007-02-23 09:40 . 2007-02-23 09:40 1064872 ----a-w- c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
.
---- Directory of c:\program files\Common ----
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-02-16 2529096]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"NCsoft Launcher"="c:\program files (x86)\NCSoft\Launcher\NCLauncher.exe" [2013-06-06 43304]
"Octoshape Streaming Services"="c:\users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]
"Spotify Web Helper"="c:\users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-13 1676344]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-01-23 1942720]
"Spotify"="c:\users\Renato\AppData\Roaming\Spotify\spotify.exe" [2014-12-13 6737976]
"uTorrent"="c:\users\Renato\AppData\Roaming\uTorrent\uTorrent.exe" [2015-01-20 1377872]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-06-06 251744]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"VERIZONDM"="c:\program files (x86)\VERIZONDM\bin\sprtcmd.exe" [2010-09-02 206120]
"VerizonServicepoint.exe"="c:\program files (x86)\Verizon\VSP\VerizonServicepoint.exe" [2011-01-10 4318520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-21 767176]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-26 5227112]
.
c:\users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys;c:\windows\SYSNATIVE\drivers\ahcix64s.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/02/07 10:18];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl;c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe;c:\program files\Common Files\Motive\McciCMService.exe [x]
S2 ServicepointService;ServicepointService;c:\program files (x86)\Verizon\VSP\ServicepointService.exe;c:\program files (x86)\Verizon\VSP\ServicepointService.exe [x]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe;c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe;c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 06:23 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 23:18]
.
2013-02-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001Core.job
- c:\users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10 17:18]
.
2013-02-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001UA.job
- c:\users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10 17:18]
.
2015-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-10 04:23]
.
2015-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-10 04:23]
.
2015-02-04 c:\windows\Tasks\HPCeeScheduleForRenato.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
2013-02-02 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-18 09:56 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 3432448]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 163568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchURL,(Default) = hxxp://search.alot.com/web?q=&pr=auto&client_id=586617A001CCE12F21600B83&src_id=30305&camp_id=3534&tb_version=1.1.3001.0(B)
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-Power Loader - c:\users\Renato\AppData\Local\PowerChallenge\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Completion time: 2015-02-06  19:03:24 - machine was rebooted
ComboFix-quarantined-files.txt  2015-02-07 00:03
.
Pre-Run: 94,690,656,256 bytes free
Post-Run: 734,015,795,200 bytes free
.
- - End Of File - - 547B1127F2E7AC3EC4C6FA402900E375
 
 
For some reason the post didn't go through and I thought it was already posted. 

  • 0

#84
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

I don't see any of the logitech webcam still running.  Looks like we got rid of it without crashing your PC.  

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.

  • 0

#85
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/02/2015 12:39:22 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/02/2015 5:35:02 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
 
Log: 'System' Date/Time: 08/02/2015 5:28:14 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The SupportSoft Repair Service (verizondm) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 08/02/2015 5:28:14 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Repair Service (verizondm) service to connect.
 
Log: 'System' Date/Time: 08/02/2015 5:27:14 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Support Solutions Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 08/02/2015 5:27:14 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
 
Log: 'System' Date/Time: 08/02/2015 5:26:44 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez Studios Authenticate and Update Service service to connect.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/02/2015 5:35:26 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.evri.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/02/2015 5:29:26 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#.
 
Log: 'System' Date/Time: 08/02/2015 5:24:57 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/02/2015 12:40:20 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/02/2015 5:27:19 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 

  • 0

Advertisements


#86
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.


  • 0

#87
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Renato (administrator) on RENATO-PC on 08-02-2015 14:17:32
Running from C:\Users\Renato\Desktop
Loaded Profiles: Renato (Available profiles: Renato)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Alcatel-Lucent) C:\Program Files\Verizon\McciTrayApp.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
(Octoshape ApS) C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Spotify Ltd) C:\Users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Renato\AppData\Roaming\uTorrent\uTorrent.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
(Verizon) C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
Failed to access process -> dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [Verizon_McciTrayApp] => C:\Program Files\Verizon\McciTrayApp.exe [3432448 2010-03-17] (Alcatel-Lucent)
HKLM\...\Run: [Zune Launcher] => c:\Program Files\Zune\ZuneLauncher.exe [163568 2010-09-24] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [251744 2011-06-06] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [VERIZONDM] => C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe [206120 2010-09-02] (SupportSoft, Inc.)
HKLM-x32\...\Run: [VerizonServicepoint.exe] => C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe [4318520 2011-01-10] (Verizon)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2529096 2012-02-16] (Desura Pty Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [NCsoft Launcher] => C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe [43304 2013-06-06] (NCSOFT)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Spotify Web Helper] => C:\Users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Spotify] => C:\Users\Renato\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [uTorrent] => C:\Users\Renato\AppData\Roaming\uTorrent\uTorrent.exe [1377872 2015-01-20] (BitTorrent Inc.)
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
Startup: C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM -> {C9B3E73D-3E54-4289-821F-DF4FC0BA4351} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {C9B3E73D-3E54-4289-821F-DF4FC0BA4351} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> DefaultScope {F6DF4AE4-1EC8-47A9-AF93-FC4C481C5718} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> {224C4FB2-1476-4EC6-B16C-166D8631F260} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001 -> {F6DF4AE4-1EC8-47A9-AF93-FC4C481C5718} URL = https://search.yahoo...p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @hulu.com/Hulu Desktop -> C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll No File
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @powerchallenge.com/PowerLoader -> C:\Users\Renato\AppData\LocalLow\PowerChallenge\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-3591711946-2265182465-2123470179-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Renato\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Renato\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\google-search.xml
FF SearchPlugin: C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (From Dust) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2013-10-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-31]
CHR Extension: (Sniper Team) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec [2014-04-03]
CHR Extension: (Crazy Shooting) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2014-04-03]
CHR Extension: (Adblock for Pirate Bay) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-04-05] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-03-17] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-03-17] (Alcatel-Lucent) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2010-09-02] (SupportSoft, Inc.)
S2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2010-09-02] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; c:\Windows\system32\ZuneWlanCfgSvc.exe [467696 2010-09-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-18] ()
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-08 14:17 - 2015-02-08 14:17 - 00000000 ____D () C:\Users\Renato\Desktop\FRST-OlderVersion
2015-02-06 19:03 - 2015-02-06 19:03 - 00083855 _____ () C:\ComboFix.txt
2015-02-06 18:52 - 2015-02-06 18:52 - 00003664 ____N () C:\bootsqm.dat
2015-02-06 02:28 - 2015-02-06 02:28 - 05611380 ____R (Swearware) C:\Users\Renato\Desktop\ComboFix.exe
2015-02-06 02:26 - 2015-02-06 02:28 - 05611380 _____ (Swearware) C:\Users\Renato\Downloads\ComboFix.exe
2015-02-05 13:17 - 2015-02-05 13:20 - 00037902 _____ () C:\Users\Renato\Desktop\Addition.txt
2015-02-05 13:15 - 2015-02-08 14:18 - 00026722 _____ () C:\Users\Renato\Desktop\FRST.txt
2015-02-05 13:11 - 2015-02-05 13:11 - 00002819 _____ () C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2015-02-05 13:11 - 2015-02-05 13:11 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2015-02-05 13:07 - 2015-02-05 13:07 - 00359656 _____ (Microsoft Corporation) C:\Users\Renato\Desktop\msicuu2.exe
2015-02-04 13:36 - 2015-02-08 14:17 - 02132992 _____ (Farbar) C:\Users\Renato\Desktop\FRST64.exe
2015-02-04 13:36 - 2015-02-04 13:36 - 02131968 _____ (Farbar) C:\Users\Renato\Downloads\FRST64.exe
2015-02-03 23:30 - 2015-02-08 00:40 - 00000640 _____ () C:\VEW.txt
2015-02-03 22:28 - 2015-02-03 22:28 - 00061440 _____ ( ) C:\Users\Renato\Downloads\VEW.exe
2015-02-03 22:28 - 2015-02-03 22:28 - 00061440 _____ ( ) C:\Users\Renato\Desktop\VEW.exe
2015-02-03 16:02 - 2015-02-03 16:02 - 00000020 ___SH () C:\Users\Renato\ntuser.ini
2015-02-03 14:50 - 2015-02-03 14:50 - 00000000 ____D () C:\Users\Renato\AppData\Local\AMD
2015-02-03 14:46 - 2015-02-03 14:46 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\ATI
2015-02-03 14:46 - 2015-02-03 14:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\ATI
2015-02-03 14:45 - 2015-02-03 14:45 - 00115960 _____ () C:\Users\Renato\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 14:43 - 2015-02-03 14:43 - 00000000 __SHD () C:\Users\Renato\AppData\Local\EmieUserList
2015-02-03 14:43 - 2015-02-03 14:43 - 00000000 __SHD () C:\Users\Renato\AppData\Local\EmieSiteList
2015-02-03 07:25 - 2015-02-03 07:25 - 00000000 ____D () C:\Users\Public\Recorded TV
2015-02-01 15:09 - 2015-02-01 15:09 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Gyazo
2015-01-26 23:40 - 2015-01-26 23:40 - 00115960 _____ () C:\GDIPFONTCACHEV1.DAT
2015-01-24 17:37 - 2015-01-24 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 00:23 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-24 00:23 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-24 00:23 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-24 00:23 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-24 00:21 - 2015-02-06 19:03 - 00000000 ____D () C:\Qoobox
2015-01-18 05:00 - 2015-01-18 05:00 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\AVAST Software
2015-01-18 04:58 - 2015-02-08 14:04 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-18 04:57 - 2015-01-18 04:58 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-18 04:57 - 2015-01-18 04:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-18 04:56 - 2015-01-18 04:58 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-18 04:56 - 2015-01-18 04:56 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-18 04:56 - 2015-01-18 04:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-18 04:55 - 2015-01-18 04:55 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-17 22:51 - 2015-01-17 22:51 - 00000000 ____D () C:\Users\Renato\AppData\Local\Apps\2.0
2015-01-14 01:32 - 2015-01-14 01:32 - 00000000 ____D () C:\Program Files\7-Zip
2015-01-13 19:42 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:42 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:42 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:42 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:42 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:42 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:42 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:42 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:42 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:42 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:42 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-10 23:49 - 2015-01-10 23:49 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-RENATO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-10 23:49 - 2015-01-10 23:49 - 00000000 ____D () C:\RegBackup
2015-01-10 23:47 - 2015-01-10 23:47 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-10 23:46 - 2015-01-10 23:46 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-08 14:17 - 2015-01-03 16:42 - 00000000 ____D () C:\FRST
2015-02-08 14:16 - 2013-02-02 11:58 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\uTorrent
2015-02-08 14:16 - 2011-02-10 16:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 14:05 - 2013-02-11 22:03 - 01898887 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 14:04 - 2013-03-07 18:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-08 14:04 - 2011-02-10 16:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 00:32 - 2009-07-13 23:45 - 00026448 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 00:32 - 2009-07-13 23:45 - 00026448 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 00:30 - 2013-01-09 22:21 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Spotify
2015-02-08 00:26 - 2010-11-26 13:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-08 00:26 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 00:25 - 2009-07-13 23:51 - 14994272 _____ () C:\Windows\setupact.log
2015-02-07 21:03 - 2014-12-28 03:15 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRenato
2015-02-07 21:03 - 2014-12-28 03:15 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForRenato.job
2015-02-06 18:54 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-06 18:53 - 2010-11-20 22:47 - 00557402 _____ () C:\Windows\PFRO.log
2015-02-06 15:03 - 2012-07-31 14:57 - 00000000 ____D () C:\Windows\erdnt
2015-02-06 14:39 - 2013-02-11 20:40 - 00000000 ____D () C:\Users\Renato
2015-02-06 14:13 - 2013-02-11 20:38 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-02-05 13:10 - 2013-03-13 17:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-02-04 18:18 - 2013-03-07 18:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 18:18 - 2013-03-07 18:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 18:18 - 2013-03-07 18:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 08:16 - 2011-02-10 16:23 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 08:16 - 2011-02-10 16:23 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 16:01 - 2010-07-11 16:24 - 00000000 ____D () C:\Users\Renato\AppData\Local\Hewlett-Packard
2015-02-03 16:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-02-01 17:21 - 2013-02-11 22:03 - 01485311 _____ () C:\Windows\WindowsUpdate(15).log
2015-01-29 18:51 - 2010-08-15 01:15 - 00000000 ____D () C:\Users\Renato\AppData\Local\CrashDumps
2015-01-29 14:16 - 2011-07-03 17:29 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Tropico 3
2015-01-29 14:15 - 2013-07-21 22:06 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Dropbox
2015-01-29 14:14 - 2011-04-13 14:51 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Bioshock
2015-01-29 14:14 - 2010-07-30 10:19 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\CyberLink
2015-01-29 14:14 - 2010-07-11 16:33 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Adobe
2015-01-28 14:24 - 2010-08-15 17:34 - 00000000 ____D () C:\Users\Renato\AppData\Local\Adobe
2015-01-28 14:17 - 2013-09-12 17:48 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\Skype
2015-01-28 14:17 - 2010-11-16 23:08 - 00000000 ____D () C:\Users\Renato\AppData\Roaming\mIRC
2015-01-28 00:28 - 2010-08-25 17:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\AIM
2015-01-28 00:27 - 2013-02-11 20:38 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-01-27 02:56 - 2012-10-10 12:18 - 00000000 ____D () C:\Users\Renato\AppData\Local\Facebook
2015-01-27 02:56 - 2011-02-10 16:23 - 00000000 ____D () C:\Users\Renato\AppData\Local\Google
2015-01-26 21:56 - 2013-01-09 22:22 - 00000000 ____D () C:\Users\Renato\AppData\Local\Spotify
2015-01-26 21:42 - 2010-08-25 17:46 - 00000000 ____D () C:\Users\Renato\AppData\Local\AOL
2015-01-26 21:08 - 2010-02-07 13:38 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-26 21:05 - 2010-08-17 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-26 19:19 - 2010-02-07 13:42 - 00259152 _____ () C:\Windows\DirectX.log
2015-01-18 04:22 - 2011-02-02 18:36 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-11 01:53 - 2009-07-14 00:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-11 01:48 - 2009-07-13 23:45 - 00424040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 01:38 - 2009-07-13 21:34 - 00000514 _____ () C:\Windows\win.ini
2015-01-11 01:34 - 2013-12-15 14:57 - 00781790 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 18:16
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by Renato at 2015-02-08 14:19:34
Running from C:\Users\Renato\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
[email protected] ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Aion (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\NCsoft-Aion) (Version:  - NCsoft)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent Demo  (HKLM-x32\...\Steam App 57310) (Version:  - )
And Yet It Moves (HKLM-x32\...\Steam App 18700) (Version:  - Broken Rules)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12263.1 - Cisco Consumer Products LLC)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gish (HKLM-x32\...\Steam App 9500) (Version:  - Cryptic Sea)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Jolly Rover (HKLM-x32\...\Steam App 58200) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (x32 Version: 1.3 - Riot Games) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 3.0.24.12179 - LeapFrog)
LeapFrog Connect (x32 Version: 3.0.24.12179 - LeapFrog) Hidden
LeapFrog Leapster2 Plugin (x32 Version: 3.0.24.12378 - LeapFrog) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2427702) (HKLM\...\A-WIN-Extras 8.0.3 2427702_is1) (Version: 8.0.3 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.4.2 - NCsoft)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
Octoshape Streaming Services (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Octoshape Streaming Services) (Version:  - )
OnLive (HKLM-x32\...\OnLive) (Version:  - OnLive)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
Proun (HKLM-x32\...\Proun) (Version:  - )
Puzzle Agent (HKLM-x32\...\Steam App 31270) (Version:  - Telltale Games)
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version:  - Airtight Games)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD)
RAIDXpert (x32 Version: 3.2.1540.5 - AMD) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version:  - EasyGameStation)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Rybka 3 Aquarium Demo (HKLM-x32\...\Rybka 3 Aquarium Demo_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spotify (HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.5.4.24540 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Tarrasch Chess GUI V1.00a (HKLM-x32\...\Tarrasch Chess GUI_is1) (Version:  - Triple Happy Ltd.)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
Tribes Ascend Open Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.942.1 - Hi-Rez Studios)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin) (HKLM-x32\...\Leapster2Plugin) (Version:  - LeapFrog)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.7 - Flagship Industries, Inc.)
Verizon Download Manager (HKLM-x32\...\{F54E5D65-CB60-4A31-A71B-BCFB0FA0076D}) (Version: 1.0.0 - Verizon)
Verizon FiOS Activation (HKLM-x32\...\Verizon FiOS Activation_is1) (Version:  - Verizon)
Verizon Help and Support Tool (HKLM-x32\...\Verizon Help and Support) (Version:  - )
Verizon Servicepoint 3.7.44 (HKLM-x32\...\RadialpointClientGateway_is1) (Version: 3.7.44 - Verizon)
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
Vz In Home Agent (HKLM-x32\...\{2746B4DE-A2EE-4B33-A7CE-B33BAD5EF6FE}) (Version: 7.08.22 - Verizon)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Wolfram CDF Player (M-WIN-D 8.0.3 2427703) (HKLM-x32\...\M-WIN-D 8.0.3 2427703_is1) (Version: 8.0.3 - Wolfram Research, Inc.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.07.1404.00 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Renato\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
 
==================== Restore Points  =========================
 
01-02-2015 19:00:09 Windows Backup
03-02-2015 14:43:15 avast! antivirus system restore point
03-02-2015 15:05:11 Windows Update
03-02-2015 15:42:09 Restore Operation
03-02-2015 16:12:55 Windows Update
05-02-2015 13:08:07 Installed Windows Installer Clean Up
05-02-2015 13:11:07 Installed Windows Installer Clean Up
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-02-06 18:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0409711F-F06F-4937-8CD7-DB66E7D3404C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {0C27BDBF-74C3-42D9-B2AF-6932B6371856} - System32\Tasks\{2D302DEE-A7A1-4833-8208-87CF68A4DE18} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {108C3671-83BF-4AF1-9250-70EB39093967} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {19BBE128-FDB9-4B47-AD68-FD857BB4DAB3} - System32\Tasks\{E2BE99FC-0497-4339-898B-AEEE77821141} => pcalua.exe -a C:\Users\Renato\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {1D8E8618-0E45-4767-B83E-A89072D63762} - System32\Tasks\{9C84E6CD-3589-4860-BA72-BD0BF133B5BF} => pcalua.exe -a C:\Users\Renato\Downloads\zunesetuppkg-x86.exe -d C:\Users\Renato\Downloads
Task: {2336944E-89FA-4457-9CBF-5AAEC0566EC9} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2890A260-3A29-4432-91B7-26EA4A7590A8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-18] (AVAST Software)
Task: {36BFC549-BBD3-453B-B532-DD82E1ED4287} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3BBBE335-780A-48ED-9962-B2C322D0D279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {448E677D-D502-454D-B599-D68E73924342} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4D61A063-9BDE-4A4E-BCDF-804560EB5407} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {517E4D03-6611-4229-A13D-992AD173BD0C} - System32\Tasks\{3B41B43B-5361-46A7-8168-20C5F49EEE3E} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: {5926E2A8-FDBD-4E74-ADDB-23CE1CE6BDD9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001Core => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10] (Facebook Inc.)
Task: {5A75E99B-5DE1-4459-A547-D733C29D005F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001UA => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-10] (Facebook Inc.)
Task: {60DF6554-35F1-412B-8096-DDE3559E74A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {65887A64-EF3C-4EDD-8F78-773623BB8544} - System32\Tasks\HPCeeScheduleForRenato => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {6D2B0257-DEC4-45DD-8E60-4233F0C140BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {8642D700-3CBC-4772-AB60-CCBE6F2C937C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {9AB7FB4A-5972-4D01-961E-9735F83376A6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {AD89A927-FE00-434E-83CF-18DB1DE0AD37} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B5D039C0-881F-4A2B-9611-36EA01F7B587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {B91244CD-4F1B-4888-A394-2DD22728C3A5} - System32\Tasks\{16EB0BB1-199A-4C8E-B2A0-9C42FC48EB11} => Firefox.exe http://ui.skype.com/...all?page=tsMain
Task: {EE54D812-2BCD-4CB2-A637-CD2D85E57E2D} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001Core.job => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3591711946-2265182465-2123470179-1001UA.job => C:\Users\Renato\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRenato.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-11-20 21:23 - 2014-11-20 21:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2009-09-19 17:38 - 2009-09-19 17:38 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2009-09-14 19:17 - 2009-09-14 19:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-09-19 17:40 - 2009-09-19 17:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-09-19 17:40 - 2009-09-19 17:40 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2015-02-07 14:11 - 2015-02-07 14:11 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020701\algo.dll
2015-02-08 14:04 - 2015-02-08 14:04 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020801\algo.dll
2009-09-07 16:54 - 2009-09-07 16:54 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-09-29 18:25 - 2009-09-29 18:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 16:10 - 2014-11-11 13:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-25 15:19 - 2014-12-01 19:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-31 00:32 - 2015-01-23 17:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-12 03:17 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-12 19:12 - 2015-01-23 17:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-04-01 14:41 - 2011-04-01 14:41 - 02267648 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
2011-04-01 14:48 - 2011-04-01 14:48 - 08217088 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
2011-01-25 19:12 - 2011-01-10 11:47 - 00158208 _____ () C:\Program Files (x86)\Verizon\VSP\Windows7Features.dll
2015-01-18 04:56 - 2015-01-18 04:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-26 13:14 - 2015-01-15 18:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-06 01:24 - 2015-02-04 04:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 01:24 - 2015-02-04 04:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 01:24 - 2015-02-04 04:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 01:24 - 2015-02-04 04:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
2014-08-14 16:37 - 2015-01-15 18:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Registry Areas =====================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3591711946-2265182465-2123470179-500 - Administrator - Disabled)
Guest (S-1-5-21-3591711946-2265182465-2123470179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3591711946-2265182465-2123470179-1004 - Limited - Enabled)
Renato (S-1-5-21-3591711946-2265182465-2123470179-1001 - Administrator - Enabled) => C:\Users\Renato
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Logitech QuickCam S5500
Description: Logitech QuickCam S5500
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Logitech
Service: LVUVC64
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Logitech Mic (QuickCam S5500)
Description: Logitech Mic (QuickCam S5500)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: usbaudio
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (02/08/2015 02:04:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34} because another computer on the network has the same name.  The server could not start.
 
Error: (02/08/2015 00:35:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SupportSoft Repair Service (verizondm) service failed to start due to the following error: 
%%1053
 
Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Repair Service (verizondm) service to connect.
 
Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053
 
Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
 
Error: (02/08/2015 00:26:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez Studios Authenticate and Update Service service to connect.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-06 15:02:39.291
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-02-06 15:02:39.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-24 00:44:16.780
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix0\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-24 00:44:16.581
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix0\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-05 21:50:27.340
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-05 21:50:27.183
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-31 16:05:16.340
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-31 16:05:16.258
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 945 Processor
Percentage of memory in use: 58%
Total physical RAM: 8183.89 MB
Available physical RAM: 3433.55 MB
Total Pagefile: 16365.96 MB
Available Pagefile: 8894.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:919.67 GB) (Free:681.86 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.56 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.3 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#88
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Looking at your errors:

 

Error: (02/08/2015 02:04:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34} because another computer on the network has the same name.  The server could not start.

 

Not really important but is there another PC with the same name?

Error: (02/08/2015 00:35:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

 

This one we care about.  If you go to Control Panel, Windows Update does it seem to work?


Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SupportSoft Repair Service (verizondm) service failed to start due to the following error: 
%%1053

 

Not sure what this does for you.  Do you need Verizon Download Manager?  May need to uninstall and reinstall.


Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Repair Service (verizondm) service to connect.

 

Same as above.


Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053
 
Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

 

 

If you use it get a new version from HP then uninstall the old and reinstall the new.

Error: (02/08/2015 00:26:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez Studios Authenticate and Update Service service to connect.
 

 

 

This is some game software.  May need to be reinstalled.


  • 0

#89
Ren12

Ren12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

Looking at your errors:

 

Error: (02/08/2015 02:04:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34} because another computer on the network has the same name.  The server could not start.

 

Not really important but is there another PC with the same name?

Error: (02/08/2015 00:35:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

 

This one we care about.  If you go to Control Panel, Windows Update does it seem to work?


Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SupportSoft Repair Service (verizondm) service failed to start due to the following error: 
%%1053

 

Not sure what this does for you.  Do you need Verizon Download Manager?  May need to uninstall and reinstall.


Error: (02/08/2015 00:28:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Repair Service (verizondm) service to connect.

 

Same as above.


Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053
 
Error: (02/08/2015 00:27:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

 

 

If you use it get a new version from HP then uninstall the old and reinstall the new.

Error: (02/08/2015 00:26:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez Studios Authenticate and Update Service service to connect.
 

 

 

This is some game software.  May need to be reinstalled.

 

 

there is no other pc at home, nope. 

 

Windows update seems to work. 

 

not sure what verizon download manager does. I could just uninstall it if its not useful. 

 

I might just uninstall hp but its useful if its support?

 

idk what hi rez studios is i might uninstall and if it needs to be resinstalled the game would let me know?

 

 

What's my next step up after I uninstall these? I can't access a lot of of my files. And now that I checked my hardisk i have 618 gb left when i previously only had 51 which means lots of files were deleted. (combofix?)

 

Basically, I lost the majority of my files from my computer and the desktop icon is still not there. What exactly did I lose them to anyways? A logitech webcam thats ridiculous. I can't believe so many problems came from trying to uninstall a simple software.

 

I feel like It was working fine till I tried to uninstall logitech. But I have a feeling some problem might have eventually arisen even if I didnt touch logitech. Sigh this is very frustrating. 


Edited by Ren12, 08 February 2015 - 08:53 PM.

  • 0

#90
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Combofix only removed the 4 files we told it to.  But FRST does show a big decline in disk usage.

 

 

I expect the hard drive had problems even tho we ran drive check.  Files are stored in a very funny way on a drive.  They break them up into smaller pieces then at the end of piece one they tell you how to get to piece two.  If the address for piece 2 is wrong for some reason then what you pick up for piece 2 may not be what you wanted.  When we deleted the 4 files one or more of them had a bad pointer to the next section and it.

 

We haven't run the disk check since Combofix.

 

Try it again.  Perhaps it will recover the files.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP