Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My computer has a ton of pop ups and wont let me downloand anything. [

Started by bnktrucking , Jul 14 2015 12:51 AM

  • This topic is locked This topic is locked

#1
bnktrucking
Posted 14 July 2015 - 12:51 AM

bnktrucking

    New Member

  • Member
  • Pip
  • 2 posts

MY computer has a ton of pop ups and won't let me download anything. I really want to get it back up an running the way it used to it has slowed way down. I have a 5 year old that's austic and loves watching you tube videos. but the ads keep popping up.

 FRST REPORT...  

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by The Curry Family (administrator) on THECURRYFAMILY on 14-07-2015 02:40:00
Running from C:\Users\The Curry Family\Downloads
Loaded Profiles: The Curry Family (Available Profiles: The Curry Family)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Catalytix Web Services) C:\Users\The Curry Family\AppData\Local\CrushArcade\cat\CatWSPrx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
(CenturyLink Inc) C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Tomorrow Software Installer) C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VG1G9KEH\FlashPlayer_Updater.exe
(Tomorrow Software Installer) C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VG1G9KEH\FlashPlayer_Updater.exe
(Tomorrow Software Installer) C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0OPWLXJ\FlashPlayer_Updater.exe
(Tomorrow Software Installer) C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0OPWLXJ\FlashPlayer_Updater.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AmazonGSDownloaderTray] => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe [326144 2009-10-23] (Amazon.com)
HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48904 2014-11-04] (CenturyLink Inc)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: K - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {7a911be5-ab99-11e3-b1f2-020205536166} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {7a911be8-ab99-11e3-b1f2-020205536166} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {7f8e3ca3-25df-11e4-945e-020102513334} - F:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {893ce083-d369-11e4-84d3-90e6ba3235b2} - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {a87ad9f0-9ba4-11e3-bba9-90e6ba3235b2} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {d13e7849-8c0e-11e4-8aa5-90e6ba3235b2} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\MountPoints2: {f287f7c5-bf07-11e3-af2c-90e6ba3235b2} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-08] (Microsoft Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Users\The Curry Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-04-24]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\The Curry Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart Plus B210 series.lnk [2015-03-26]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart Plus B210 series.lnk -> C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\The Curry Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk [2015-03-15]
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\The Curry Family\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
SearchScopes: HKLM -> DefaultScope {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3E07A771-0A6A-4EE9-9E02-06594B5627DB} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...&p={searchTerms}
SearchScopes: HKLM -> {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3E07A771-0A6A-4EE9-9E02-06594B5627DB} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...&p={searchTerms}
SearchScopes: HKLM-x32 -> {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> DefaultScope {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> {3E07A771-0A6A-4EE9-9E02-06594B5627DB} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> {B24D35E6-E696-4787-861B-BE6C227AB30D} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: No Name -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} ->  No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: CenturyLink Toolbar -> {83453B9B-B889-4659-9144-20F081542BDC} -> C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll [2011-04-20] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Toolbar: HKLM-x32 - CenturyLink Toolbar - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll [2011-04-20] ()
Toolbar: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 02 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 03 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 04 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 15 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 01 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 02 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 03 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 04 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 15 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.203.226
Tcpip\..\Interfaces\{16FF545D-8D47-4F80-8CAF-EBA851A3D340}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8060B917-E481-41B8-A8E7-2DC3149C7CFD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8BF472AA-9741-4219-BB9D-5A1E3224E9F1}: [DhcpNameServer] 192.168.0.1 205.171.203.226
Tcpip\..\Interfaces\{E6C40593-FF0A-4601-9212-23C505D047C4}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-03] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1247059395-4008646685-3945732177-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\The Curry Family\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn

Chrome:
=======
CHR Profile: C:\Users\The Curry Family\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\The Curry Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-06]
CHR Extension: (Google Search) - C:\Users\The Curry Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-06]
CHR Extension: (Gmail) - C:\Users\The Curry Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CatWSPrx; C:\Users\The Curry Family\AppData\Local\CrushArcade\cat\CatWSPrx.exe [1464056 2015-02-27] (Catalytix Web Services)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-22] (WildTangent)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [262928 2015-03-07] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-06-16] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-02-13] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20150712.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150713.016\ENG64.SYS [138488 2015-07-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150713.016\EX64.SYS [2146040 2015-07-09] (Symantec Corporation)
S3 PTAPCBUS; C:\Windows\System32\DRIVERS\PTAPCBUS.sys [105656 2012-11-26] (DEVGURU Co., LTD.)
S3 PTAPCMDM; C:\Windows\System32\DRIVERS\PTAPCMDM.sys [183864 2012-11-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTAPCVSP; C:\Windows\System32\DRIVERS\PTAPCVSP.sys [183864 2012-11-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 02:40 - 2015-07-14 02:40 - 00027125 _____ C:\Users\The Curry Family\Downloads\FRST.txt
2015-07-14 02:39 - 2015-07-14 02:40 - 00000000 ____D C:\FRST
2015-07-14 02:39 - 2015-07-14 02:39 - 02133504 _____ (Farbar) C:\Users\The Curry Family\Downloads\FRST64.exe
2015-07-14 02:13 - 2015-07-14 02:13 - 00001285 _____ C:\Users\Public\Desktop\Construction-Simulator 2012 - Demo.lnk
2015-07-14 02:13 - 2015-07-14 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Construction-Simulator 2012 - Demo
2015-07-14 02:12 - 2015-07-14 02:13 - 00000000 ____D C:\Program Files (x86)\Construction-Simulator 2012 - Demo
2015-07-06 21:58 - 2015-07-06 22:17 - 00000000 ____D C:\Users\The Curry Family\Desktop\Corporate Identity
2015-06-26 07:22 - 2015-06-26 07:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 23:19 - 2015-06-24 23:21 - 00004308 _____ C:\Users\The Curry Family\Desktop\krystles resume.lnk
2015-06-21 14:11 - 2015-06-21 14:11 - 00847712 _____ C:\Users\The Curry Family\Downloads\Infographic-with-speech-bubbles.zip
2015-06-21 14:08 - 2015-06-21 14:08 - 01707038 _____ C:\Users\The Curry Family\Downloads\Modern-timeline-infographic.zip
2015-06-21 14:07 - 2015-06-21 14:07 - 02176584 _____ C:\Users\The Curry Family\Desktop\2-simple-webpage-design-vector-templates.zip
2015-06-21 13:09 - 2015-06-21 13:09 - 00001456 _____ C:\Users\The Curry Family\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-21 00:41 - 2015-06-21 00:42 - 00000000 ____D C:\Users\The Curry Family\Desktop\website
2015-06-18 01:29 - 2015-06-18 01:46 - 00000000 ____D C:\Users\The Curry Family\Desktop\KC DESIGN
2015-06-14 23:55 - 2015-06-15 17:46 - 00000000 ____D C:\Users\The Curry Family\Desktop\Moms Flyer
2015-06-14 23:13 - 2015-06-14 23:25 - 110857808 _____ C:\Users\The Curry Family\Desktop\Video 6.wmv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 02:36 - 2015-03-21 23:47 - 00000348 _____ C:\Windows\Tasks\CrushArcade Support.job
2015-07-14 02:25 - 2015-05-10 16:09 - 00005040 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheCurryFamily-The Curry Family TheCurryFamily
2015-07-14 02:13 - 2014-02-22 10:54 - 00000000 ____D C:\Users\The Curry Family
2015-07-14 02:11 - 2015-03-21 23:47 - 00011448 _____ C:\Windows\SysWOW64\CatWSPrx.ini
2015-07-14 02:11 - 2015-03-21 23:47 - 00009176 _____ C:\Windows\SysWOW64\CatWSPrxOff.ini
2015-07-14 02:11 - 2015-03-21 23:47 - 00009176 _____ C:\Windows\system32\CatWSPrxOff.ini
2015-07-14 02:09 - 2014-04-24 02:17 - 00000360 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-07-14 02:03 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 02:03 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 02:00 - 2014-04-05 23:51 - 00000000 ____D C:\Users\The Curry Family\AppData\Local\Adobe
2015-07-14 01:51 - 2014-02-22 10:54 - 01637147 _____ C:\Windows\WindowsUpdate.log
2015-07-14 01:46 - 2014-04-05 23:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 00:35 - 2015-03-21 23:47 - 00000294 _____ C:\Windows\Tasks\CrushArcade Update.job
2015-07-13 22:28 - 2015-02-02 16:53 - 00000378 _____ C:\Windows\Tasks\HPCeeScheduleForThe Curry Family.job
2015-07-13 17:07 - 2015-02-21 19:06 - 00000000 ____D C:\Users\The Curry Family\AppData\Local\CrashDumps
2015-07-13 16:13 - 2009-07-14 01:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-13 16:09 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-13 16:09 - 2009-07-14 00:51 - 00066721 _____ C:\Windows\setupact.log
2015-07-13 16:06 - 2014-04-06 04:10 - 00530690 _____ C:\Windows\PFRO.log
2015-07-13 15:38 - 2014-02-22 11:02 - 00003994 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{25D4F2F3-54FE-4FAE-A019-0F7DBD1243E7}
2015-07-13 15:33 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-13 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-12 08:40 - 2015-03-01 00:01 - 00000000 ____D C:\Users\The Curry Family\AppData\Roaming\Skype
2015-07-08 13:47 - 2015-04-14 12:46 - 17597104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-08 13:47 - 2014-04-05 23:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 13:47 - 2014-04-05 23:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 13:47 - 2014-04-05 23:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-29 16:28 - 2015-02-02 16:53 - 00003254 _____ C:\Windows\System32\Tasks\HPCeeScheduleForThe Curry Family
2015-06-24 23:36 - 2015-03-25 23:40 - 00000000 ____D C:\Users\The Curry Family\Documents\business plan and portfolio project
2015-06-24 10:40 - 2015-04-06 14:20 - 00000675 _____ C:\Users\The Curry Family\Documents\Krystle Curry Resume (2).lnk
2015-06-23 19:40 - 2014-11-03 00:34 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-21 21:59 - 2015-03-11 14:26 - 00000000 ____D C:\Users\The Curry Family\Documents\Outlook Files
2015-06-21 13:08 - 2014-02-22 11:01 - 00000000 ____D C:\Users\The Curry Family\AppData\Roaming\Adobe
2015-06-20 12:12 - 2014-04-24 02:08 - 00000000 ____D C:\ProgramData\HP Photo Creations
2015-06-17 22:08 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-14 22:30 - 2015-03-26 00:27 - 00000000 ____D C:\Users\The Curry Family\Desktop\Adobe products
2015-06-14 22:29 - 2014-11-19 12:33 - 00000000 ____D C:\Users\The Curry Family\Desktop\schoolwork

==================== Files in the root of some directories =======

2014-05-26 23:28 - 2014-05-27 00:00 - 0000132 _____ () C:\Users\The Curry Family\AppData\Roaming\Adobe BMP Format CC Prefs
2014-05-26 22:17 - 2014-05-26 22:17 - 0000132 _____ () C:\Users\The Curry Family\AppData\Roaming\Adobe PNG Format CC Prefs
2014-11-02 21:54 - 2014-11-03 00:43 - 0000262 _____ () C:\Users\The Curry Family\AppData\Roaming\wklnhst.dat
2015-06-21 13:09 - 2015-06-21 13:09 - 0001456 _____ () C:\Users\The Curry Family\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-05-24 12:07 - 2015-05-24 12:13 - 0005120 _____ () C:\Users\The Curry Family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 13:41 - 2014-04-23 13:41 - 0000017 _____ () C:\Users\The Curry Family\AppData\Local\resmon.resmoncfg
2014-04-24 02:07 - 2014-04-24 02:07 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\The Curry Family\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\The Curry Family\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\The Curry Family\AppData\Local\Temp\Delta.exe
C:\Users\The Curry Family\AppData\Local\Temp\DeltaTB.exe
C:\Users\The Curry Family\AppData\Local\Temp\fff reflexive.solution.v5.exe__10924_i1556963503_il280514.exe
C:\Users\The Curry Family\AppData\Local\Temp\MybabylonTB.exe
C:\Users\The Curry Family\AppData\Local\Temp\nsc9280.tmp.exe
C:\Users\The Curry Family\AppData\Local\Temp\PCHCLauncher.exe
C:\Users\The Curry Family\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\The Curry Family\AppData\Local\Temp\SpOrder.dll
C:\Users\The Curry Family\AppData\Local\Temp\Uninstall.exe
C:\Users\The Curry Family\AppData\Local\Temp\WSSetup.exe
C:\Users\The Curry Family\AppData\Local\Temp\ybc8w1jv.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-13 00:53

==================== End of log ============================

 

 

 

 

 

 

 

ADDITON REPORT.......\

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by The Curry Family at 2015-07-14 02:40:59
Running from C:\Users\The Curry Family\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1247059395-4008646685-3945732177-500 - Administrator - Disabled)
Guest (S-1-5-21-1247059395-4008646685-3945732177-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1247059395-4008646685-3945732177-1002 - Limited - Enabled)
The Curry Family (S-1-5-21-1247059395-4008646685-3945732177-1000 - Administrator - Enabled) => C:\Users\The Curry Family

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

18 Wheels of Steel: Haulin'  (HKLM-x32\...\18 Wheels of Steel: Haulin') (Version:  - ValuSoft)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 7.2 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.3.5 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CenturyLink Installer (HKLM-x32\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
CenturyLink Toolbar (HKLM-x32\...\centurytoolbar) (Version:  - CenturyLink)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Construction-Simulator 2012 - Demo version 1.0 (HKLM-x32\...\{1AD74AE8-6BF3-4B28-A0DD-A9503C39B5BE}_is1) (Version: 1.0 - weltenbauer. Software Entwicklung GmbH)
CrushArcade (HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\CrushArcade) (Version:  - CrushArcade)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{65B2569D-303B-41EC-B38C-0934963BC3AD}) (Version: 7.7.60366.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{7CF15243-E71F-47A1-B1A0-87AC0FC9BEDE}) (Version: 7.0.41419.0 - DisplayLink Corp.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fishdom: Depths of Time Collector's Edition (x32 Version: 3.0.2.118 - WildTangent) Hidden
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{73B1AC18-614F-42CD-A798-4BA214586406}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Product Improvement Study (HKLM\...\{0213A0FE-2725-4A04-9A37-79502F64D7A9}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3205 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{5B17980C-5C44-45D0-80A5-665FD9E776A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Help (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Photosmart Plus B210 series Product Improvement Study (HKLM\...\{0C87AEBC-E9FD-4232-9386-54C4F8ECCCDF}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.7.0.11 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Pantech USB Driver for Android phones ver1 (HKLM-x32\...\{F90AF486-DA04-47EE-91FE-04B3504FCA92}) (Version: 4.12.2.0 - Pantech)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Popcorn Time (HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SlingPlayer for Web (HKLM-x32\...\{EF471CCE-B371-4BCC-AE8C-86F93D917184}) (Version: 2.4.0113 - Sling Media)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{4B6F8DD1-66C7-4905-BD8A-B05562E08984}) (Version: 2.14.1212 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

18-06-2015 02:43:50 Scheduled Checkpoint
26-06-2015 02:16:17 Scheduled Checkpoint
04-07-2015 00:48:17 Scheduled Checkpoint
12-07-2015 02:46:01 Scheduled Checkpoint
13-07-2015 03:00:13 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A14AA9-E4FA-41B6-9ACB-C33CEFC13F80} - System32\Tasks\{EFF271F0-B030-46F1-A997-AE797764FD0C} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {06C60709-4F64-4558-AD72-5C203BA09415} - System32\Tasks\{13DB9499-97C2-4C04-BB61-55EF576CC4A3} => pcalua.exe -a "C:\Users\The Curry Family\Desktop\Police Force 2 (Download)\prerequisites\vc9\vcredist_x86.exe" -d "C:\Users\The Curry Family\Desktop\Police Force 2 (Download)\prerequisites\vc9"
Task: {09680752-25A4-4F58-9A9F-047CB0BBDD36} - System32\Tasks\{99CD39DE-FBE5-4D6D-8E7A-50C701DC90BB} => C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Swat4SPDemo.exe
Task: {2CB294B2-4248-493F-9D6C-91162437EF67} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TheCurryFamily-The Curry Family TheCurryFamily => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {32F5EBEE-5A2D-4CAF-A489-B7E247E222B4} - System32\Tasks\{B1E753B1-85DE-48D0-8EF1-CDDAB1F0C5FD} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {344BB3FC-B50F-45A2-BAA5-5427FDA283FA} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3AACEE83-064A-46C7-9218-0B53AE471C4C} - System32\Tasks\{40760DFA-59F8-4B5D-94CF-3C636D6C71FF} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {3EA06E28-2710-4FA4-A959-2D2ABD3DB06B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {4A0A5280-DB11-4C93-8CFD-7A2D97402765} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {4F206FE0-9B65-4C29-8B05-BFA53C50E3CD} - System32\Tasks\{2195E10E-99B0-423C-BDB3-910B6D4A08B4} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {581EDA9B-6955-4B28-80F9-909167C47AA9} - System32\Tasks\{C34D7BAC-F2A8-4A14-85BD-48B022B99131} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {5E0A2EC6-86B5-4439-BD25-2B05ABA774E9} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {61FBB12C-22CA-4325-A478-441D13473B1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {64A3CCE0-E4BF-478D-BB3C-8C006EDB1DA7} - System32\Tasks\HPCeeScheduleForThe Curry Family => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)
Task: {7225F14B-21C5-4B2E-A9CB-CC060E038446} - System32\Tasks\{E543751A-99C5-48EF-9E50-3CBCBAF95F4E} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {741008B4-CCEF-4C36-9743-35C39CC5BC86} - System32\Tasks\{0BB0A862-FC28-4FCC-8508-C4E47F6AF2C7} => pcalua.exe -a "C:\Users\The Curry Family\Desktop\Police Force 2 (Download)\prerequisites\vc10\vcredist_x86.exe" -d "C:\Users\The Curry Family\Desktop\Police Force 2 (Download)\prerequisites\vc10"
Task: {7C743701-CD87-4343-88FF-C851DD3EF786} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {7F80FD5C-59C6-463C-B053-BF36A2109BD6} - System32\Tasks\{BB38EBE5-A51B-4C8E-9FA6-BCDD7DDF2608} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {8DA8163E-B2CA-47EC-9736-EA70E5D55A6E} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {939E0770-FEE4-4FD2-80A0-08539F1B502B} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {984B0E7D-8890-414F-AA83-2E6CB862BEC6} - System32\Tasks\{97DFD9D3-EF81-445C-91D7-E5C772130304} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {A03358A2-DE77-49BD-B714-A54B84FBFE32} - System32\Tasks\CrushArcade Update => C:\Users\The Curry Family\AppData\Local\CrushArcade\updater.exe [2015-02-27] (CrushArcade)
Task: {A9F8B30F-B1DC-4C22-9C87-CE995AD16485} - System32\Tasks\AdobeAAMUpdater-1.0-TheCurryFamily-The Curry Family => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {AD5F2D99-625F-4331-934D-1898547895D5} - System32\Tasks\CrushArcade Support => Rundll32.exe C:\Users\THECUR~1\AppData\Local\CRUSHA~1\CaHelp.dll,Start
Task: {B02EE906-B20E-4BA3-847C-6FD312D5BE00} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-08-05] (CyberLink)
Task: {B23FD452-98CC-4C9B-8663-20DC0D68395C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\WSCStub.exe [2015-06-16] (Symantec Corporation)
Task: {BE05F9D1-848A-4AC0-9C58-1178CABD6EC2} - System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C5A8D449-9289-4CBF-B278-A9361FA54F73} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {C5C60384-30E4-46E2-B22A-24D0CA24D0EA} - System32\Tasks\{E0ECBF4A-EF6F-4F1E-9849-4599280EB7C2} => C:\Program Files (x86)\Quadriga Games\Police Force\bin.x86\police.exe
Task: {CCA3BD78-2BC2-4C05-BCFE-B59B9585F023} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation)
Task: {DD0DE4FC-087A-4BC4-AD42-B7DC55A795C2} - System32\Tasks\{97804C22-FBD1-43BE-8790-142221CC48DF} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {DE8F2890-20B2-453B-80CD-CDBC8BBA3BD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated)
Task: {EF8E7B5F-C287-4015-9B82-F428209DBDD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {F4F4E954-3919-4A81-8D87-67DB8D1D0D34} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {FA0D6876-4B93-427B-99F6-A0C34D709D00} - System32\Tasks\{2446C794-F0ED-47A0-912F-99E7608FBC63} => C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
Task: {FEF9EB0E-8439-4127-80A1-685C50720805} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CrushArcade Support.job => C:\Windows\system32\rundll32.exe C:\Users\THECUR~1\AppData\Local\CRUSHA~1\CaHelp.dll
Task: C:\Windows\Tasks\CrushArcade Update.job => C:\Users\The Curry Family\AppData\Local\CrushArcade\updater.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForThe Curry Family.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2014-11-03 00:34 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-20 03:31 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-07-08 17:35 - 2009-07-08 17:35 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-05-26 04:36 - 2009-05-26 04:36 - 00656896 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-20 00:44 - 2009-10-23 12:31 - 00038912 _____ () C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll
2009-07-15 20:51 - 2009-07-15 20:51 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 20:51 - 2009-07-15 20:51 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2009-08-05 16:45 - 2009-08-05 16:45 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-07-13 17:09 - 2015-07-13 17:09 - 00506368 _____ () C:\Users\The Curry Family\AppData\Local\Temp\6N6tlAjRLemYgEiMGno\lua51.dll
2015-07-13 17:09 - 2015-07-13 17:09 - 00074752 _____ () C:\Users\The Curry Family\AppData\Local\Temp\6N6tlAjRLemYgEiMGno\extramod.dll
2015-07-13 17:09 - 2015-07-13 17:09 - 00204800 _____ () C:\Users\The Curry Family\AppData\Local\Temp\6N6tlAjRLemYgEiMGno\shared_library.dll
2015-07-13 17:09 - 2015-07-13 17:09 - 00005632 _____ () C:\Users\The Curry Family\AppData\Local\Temp\6N6tlAjRLemYgEiMGno\loading_screen.dll
2015-07-13 17:09 - 2015-07-13 17:09 - 00040960 _____ () C:\Users\The Curry Family\AppData\Local\Temp\6N6tlAjRLemYgEiMGno\nsisunz.dll
2015-07-13 17:10 - 2015-07-13 17:10 - 00506368 _____ () C:\Users\The Curry Family\AppData\Local\Temp\rIXo9I11OdPJVA2RJrK\lua51.dll
2015-07-13 17:10 - 2015-07-13 17:10 - 00074752 _____ () C:\Users\The Curry Family\AppData\Local\Temp\rIXo9I11OdPJVA2RJrK\extramod.dll
2015-07-13 17:10 - 2015-07-13 17:10 - 00204800 _____ () C:\Users\The Curry Family\AppData\Local\Temp\rIXo9I11OdPJVA2RJrK\shared_library.dll
2015-07-13 17:10 - 2015-07-13 17:10 - 00005632 _____ () C:\Users\The Curry Family\AppData\Local\Temp\rIXo9I11OdPJVA2RJrK\loading_screen.dll
2015-07-13 17:10 - 2015-07-13 17:10 - 00040960 _____ () C:\Users\The Curry Family\AppData\Local\Temp\rIXo9I11OdPJVA2RJrK\nsisunz.dll
2015-02-27 06:16 - 2015-02-27 06:16 - 00432888 _____ () C:\Users\The Curry Family\AppData\Local\CrushArcade\CaHelp.dll
2015-03-20 03:30 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSPrx => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\...\sharepoint.com -> hxxps://studentswfc.sharepoint.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1247059395-4008646685-3945732177-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\The Curry Family\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.203.226

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{81AE3E5B-704E-47DC-B344-679B13E40340}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{709E5116-2F4A-4F12-87D6-22613A425A29}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{8F708BD0-C678-4454-8065-BE12D314EBE6}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{44093459-B4B4-4A2D-AA4C-3FA32953B446}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{F5E5F390-D074-4766-A765-F06C259B7560}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{AE308778-EF29-4346-88C2-091792467CD5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{FDEEA4AE-0902-4F3A-A43F-396FB8CC0490}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{B729F768-ADBD-45F1-A032-1197AA2470B4}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{115347FF-F638-4EBC-949F-5357FC1FA2F8}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{C9981D3A-6B5F-4B1B-AE86-701865F01AA5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{D14262FF-04F2-4317-ABE5-0E7FBCABD119}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{FFB567CA-5D8D-4E56-956C-CE2B91D452EB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{B8F4DCF8-895D-4676-8F42-6076719DB375}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E6A6385-C302-4176-8B35-7FE731D90D0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{514FDD95-1FF6-4270-9E63-8ACD61AF8B5E}] => (Allow) C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
FirewallRules: [{EE71F2CA-A9E0-469F-84CC-59EBACBF0BF4}] => (Allow) C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
FirewallRules: [{2C43E9D9-2B90-4875-BB27-1FAD54E853DF}] => (Allow) C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
FirewallRules: [{94ECF045-C57B-4A9F-983A-DA1B5AAABEF9}] => (Allow) C:\Program Files (x86)\Quadriga Games\Police Force 2\bin.x86\police2.exe
FirewallRules: [{71B1C038-3252-4040-996D-1E75FECBF6FA}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{E565D882-6D29-4EFF-B6E2-1D08E63ECB52}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{81067895-9C81-4143-83DD-D97D555B6C5A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{814E78AB-C5F7-4D24-947C-C78FADFA8EE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{24423502-5F63-4C98-A3A6-8BAB6C800B30}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CE832627-850D-46A9-BAF0-9504A19B32C5}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{D8567899-993A-4E4D-94BD-FB180522F6ED}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{EB170BC6-FEB5-470A-84AF-037FAC6EA305}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{803E13FD-1779-4465-B90D-E94F06352CC1}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{477C9761-89B4-45C9-A8F6-794E0BA496CB}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{71E943E2-BC25-48F1-BB56-EC52CF51DF46}C:\users\the curry family\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\the curry family\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{C59D2331-0B8D-4E77-9185-A31DAB147584}C:\users\the curry family\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\the curry family\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{9953649F-B5A1-4D15-8387-F3893B73026E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7B3D9A67-9D4B-4E54-AA0E-A412B5D4AE08}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2015 02:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NAV.exe, version: 12.11.4.4, time stamp: 0x53f531a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x4f000000
Faulting process id: 0xf24
Faulting application start time: 0xNAV.exe0
Faulting application path: NAV.exe1
Faulting module path: NAV.exe2
Report Id: NAV.exe3

Error: (07/13/2015 05:07:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x11a8
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/12/2015 09:33:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x1110
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/09/2015 10:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x1140
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/08/2015 06:11:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x10b8
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/08/2015 05:11:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x1180
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/07/2015 11:49:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x109c
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/06/2015 10:17:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Illustrator.exe version 17.1.0.273 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8fc

Start Time: 01d0b85ae7811d39

Termination Time: 14

Application Path: C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\Illustrator.exe

Report Id: 4527754e-244e-11e5-b9b8-90e6ba3235b2

Error: (07/06/2015 06:32:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x10e4
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (07/06/2015 06:13:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0x10c4
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

System errors:
=============
Error: (07/13/2015 04:06:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:58:21 PM on ‎7/‎13/‎2015 was unexpected.

Error: (07/12/2015 09:32:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:28:30 AM on ‎7/‎12/‎2015 was unexpected.

Error: (07/09/2015 10:16:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:42:10 PM on ‎7/‎9/‎2015 was unexpected.

Error: (07/08/2015 06:06:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:03:17 PM on ‎7/‎8/‎2015 was unexpected.

Error: (07/07/2015 11:38:44 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:32:14 AM on ‎7/‎7/‎2015 was unexpected.

Error: (07/06/2015 06:31:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:13:54 PM on ‎7/‎6/‎2015 was unexpected.

Error: (07/06/2015 06:12:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:08:24 PM on ‎7/‎6/‎2015 was unexpected.

Error: (07/06/2015 10:14:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.

Error: (07/06/2015 10:06:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:01:09 AM on ‎7/‎6/‎2015 was unexpected.

Error: (07/05/2015 08:39:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:37:06 PM on ‎7/‎5/‎2015 was unexpected.

Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 6134.23 MB
Available physical RAM: 3065.9 MB
Total Virtual: 12266.66 MB
Available Virtual: 8970.38 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:453.83 GB) (Free:353.87 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.83 GB) (Free:2.12 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (JILLIAN_MICHAELS_BEGINNER_SHRED) (CDROM) (Total:3.37 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 

 

 


  • 0

Advertisements

#2
Essexboy
Posted 14 July 2015 - 01:21 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi lets see if we can get the little one back to happy :)

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
SearchScopes: HKLM-x32 -> {3E07A771-0A6A-4EE9-9E02-06594B5627DB} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> {3E07A771-0A6A-4EE9-9E02-06594B5627DB} URL = http://www.ask.com/w...}&l=dis&o=ushpd
BHO: No Name -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKLM-x32 - CenturyLink Toolbar - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll [2011-04-20] ()
Toolbar: HKU\S-1-5-21-1247059395-4008646685-3945732177-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Winsock: Catalog9 01 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 02 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 03 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 04 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9 15 C:\Windows\SysWOW64\CatWSPrx.dll [324008 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 01 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 02 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 03 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 04 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
Winsock: Catalog9-x64 15 C:\Windows\system32\CatWSPrx64.dll [379440 2015-03-21] (Catalytix Web Services)
R2 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 CatWSPrx; C:\Users\The Curry Family\AppData\Local\CrushArcade\cat\CatWSPrx.exe [1464056 2015-02-27] (Catalytix Web Services)
2015-07-14 01:46 - 2014-04-05 23:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 00:35 - 2015-03-21 23:47 - 00000294 _____ C:\Windows\Tasks\CrushArcade Update.job
Task: {A03358A2-DE77-49BD-B714-A54B84FBFE32} - System32\Tasks\CrushArcade Update => C:\Users\The Curry Family\AppData\Local\CrushArcade\updater.exe [2015-02-27] (CrushArcade)
Task: {AD5F2D99-625F-4331-934D-1898547895D5} - System32\Tasks\CrushArcade Support => Rundll32.exe C:\Users\THECUR~1\AppData\Local\CRUSHA~1\CaHelp.dll,Start
Task: C:\Windows\Tasks\CrushArcade Support.job => C:\Windows\system32\rundll32.exe C:\Users\THECUR~1\AppData\Local\CRUSHA~1\CaHelp.dll
Task: C:\Windows\Tasks\CrushArcade Update.job => C:\Users\The Curry Family\AppData\Local\CrushArcade\updater.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSPrx => ""="service"
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VG1G9KEH
C:\Users\The Curry Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0OPWLXJ
C:\Users\The Curry Family\AppData\Local\CrushArcade
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Essexboy
Posted 19 July 2015 - 03:04 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP