Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My browser(s) are sooo slow [Closed]


  • This topic is locked This topic is locked

#1
BuddyMG

BuddyMG

    Member

  • Member
  • PipPip
  • 54 posts

Whether Firefox or Chrome, most of the time it's just loading - And I have no idea if I have the right/any security on my computer - any help is greatly appreciated! Here are my FRST logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Mike (administrator) on PC (17-09-2015 12:14:42)
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available Profiles: Mike)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcatel-Lucent) C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\MAHostService.exe
(Joyent, Inc) C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\node.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcatel-Lucent) C:\Program Files\ATT\8.5.0.48\ma\bin\pcTrayApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [VX3000] => C:\windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [ATT_McciTrayApp] => C:\Program Files\ATT\8.5.0.48\ma\bin\pcTrayApp.exe [2886144 2015-01-22] (Alcatel-Lucent)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-28] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [pronto] => "C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe"
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-28] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A8A8C631-CC71-4F8E-9A12-1418D9D34BD9}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-3758289344-697551801-2976451627-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-atty
SearchScopes: HKU\S-1-5-21-3758289344-697551801-2976451627-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-atty
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
 
FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788
FF DefaultSearchEngine: Yahoo!
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxps://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2009-01-07] (Motive, Inc.)
FF Plugin-x32: @Motive.com/NpMotive,version=1.1 -> C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\npMotive.dll [2015-01-22] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.1 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2014-08-27] (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3758289344-697551801-2976451627-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mike\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-06-24] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-11-04] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2010-03-27] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-12-03] (Coupons, Inc.)
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788\searchplugins\amazon-search-suggestions.xml [2015-07-09]
FF Extension: Classic Theme Restorer - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788\Extensions\[email protected] [2015-06-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2015-07-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-09]
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch","hxxps://www.yahoo.com/?fr=hp-avast&type=odc179"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=926458&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-06]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-06]
CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-12-09]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-06]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-06]
CHR Extension: (Avast SafePrice) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Disconnect Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2014-04-03]
CHR Extension: (Disconnect) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-03-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-23]
CHR Extension: (Ghostery) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-06]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-06]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [kofilaoejfjbjfopdnckahcidedndnln] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2015-07-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\MAHostService.exe [321024 2015-01-22] (Alcatel-Lucent) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-28] (Avast Software)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-12-03] (Coupons.com Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2014-09-10] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2014-09-10] (Alcatel-Lucent) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-28] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-15] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-28] (AVAST Software)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-28] (Avast Software)
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-17 12:14 - 2015-09-17 12:15 - 00023392 _____ C:\Users\Mike\Desktop\FRST.txt
2015-09-17 11:15 - 2015-09-17 11:15 - 00134608 _____ C:\Users\Mike\Downloads\R. M. Drake on Instagram  “.htm
2015-09-17 11:15 - 2015-09-17 11:15 - 00111637 _____ C:\Users\Mike\Downloads\Instagram photo by Allison Mitchell • Sep 16, 2015 at 8 48 PM.htm
2015-09-17 11:15 - 2015-09-17 11:15 - 00109899 _____ C:\Users\Mike\Downloads\kamilerner on Instagram  “#true ❤️”.htm
2015-09-17 11:15 - 2015-09-17 11:15 - 00000000 ____D C:\Users\Mike\Downloads\R. M. Drake on Instagram  “_files
2015-09-17 11:15 - 2015-09-17 11:15 - 00000000 ____D C:\Users\Mike\Downloads\kamilerner on Instagram  “#true ❤️”_files
2015-09-17 11:15 - 2015-09-17 11:15 - 00000000 ____D C:\Users\Mike\Downloads\Instagram photo by Allison Mitchell • Sep 16, 2015 at 8 48 PM_files
2015-09-17 11:12 - 2015-09-17 11:12 - 00135199 _____ C:\Users\Mike\Downloads\WRDSMTH on Instagram  “'sweet.htm
2015-09-17 11:12 - 2015-09-17 11:12 - 00129356 _____ C:\Users\Mike\Downloads\WRDSMTH on Instagram  “action shot Photo Credit  @ilona_salmons #WRDSMTH”.htm
2015-09-17 11:12 - 2015-09-17 11:12 - 00120753 _____ C:\Users\Mike\Downloads\Byron Katie on Instagram  “#byronkatie #q.htm
2015-09-17 11:12 - 2015-09-17 11:12 - 00120699 _____ C:\Users\Mike\Downloads\Byron Katie on Instagram  “#beaut.htm
2015-09-17 11:12 - 2015-09-17 11:12 - 00116366 _____ C:\Users\Mike\Downloads\Byron Katie on Instagram  “Happy Friday! Who's going to Spirit Rock this.htm
2015-09-17 11:12 - 2015-09-17 11:12 - 00000000 ____D C:\Users\Mike\Downloads\WRDSMTH on Instagram  “'sweet_files
2015-09-17 11:12 - 2015-09-17 11:12 - 00000000 ____D C:\Users\Mike\Downloads\WRDSMTH on Instagram  “action shot Photo Credit  @ilona_salmons #WRDSMTH”_files
2015-09-17 11:12 - 2015-09-17 11:12 - 00000000 ____D C:\Users\Mike\Downloads\Byron Katie on Instagram  “Happy Friday! Who's going to Spirit Rock this_files
2015-09-17 11:12 - 2015-09-17 11:12 - 00000000 ____D C:\Users\Mike\Downloads\Byron Katie on Instagram  “#byronkatie #q_files
2015-09-17 11:12 - 2015-09-17 11:12 - 00000000 ____D C:\Users\Mike\Downloads\Byron Katie on Instagram  “#beaut_files
2015-09-17 11:11 - 2015-09-17 11:11 - 00134004 _____ C:\Users\Mike\Downloads\WRDSMTH on Instagram  “Find your muse. Then hold on tight. #WRDSMTH”.htm
2015-09-17 11:11 - 2015-09-17 11:11 - 00113781 _____ C:\Users\Mike\Downloads\Byron Katie on Instagram.htm
2015-09-17 11:11 - 2015-09-17 11:11 - 00000000 ____D C:\Users\Mike\Downloads\WRDSMTH on Instagram  “Find your muse. Then hold on tight. #WRDSMTH”_files
2015-09-17 11:11 - 2015-09-17 11:11 - 00000000 ____D C:\Users\Mike\Downloads\Byron Katie on Instagram_files
2015-09-17 11:06 - 2015-09-17 11:06 - 02191360 _____ (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2015-09-17 08:30 - 2015-09-17 08:30 - 00000056 _____ C:\windows\setupact.log
2015-09-17 08:30 - 2015-09-17 08:30 - 00000000 _____ C:\windows\setuperr.log
2015-09-16 08:17 - 2015-09-16 15:50 - 00000000 ____D C:\Users\Mike\AppData\Local\Adobe
2015-09-16 08:17 - 2015-09-16 12:09 - 00000000 ____D C:\Users\Mike\AppData\Local\Apple Computer
2015-09-10 08:28 - 2015-08-04 11:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-09-10 08:28 - 2015-08-04 11:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-09-10 08:28 - 2015-08-04 10:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-09-10 08:28 - 2015-08-04 10:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-09-10 08:28 - 2015-08-04 10:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-09-10 08:28 - 2015-08-04 10:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-09-10 08:28 - 2015-08-04 10:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-09-10 08:28 - 2015-08-04 10:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-09-10 08:28 - 2015-08-04 09:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-09-09 09:02 - 2015-08-17 18:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-09-09 09:02 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-09-09 09:02 - 2015-08-14 23:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-09-09 09:02 - 2015-08-14 23:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-09-09 09:02 - 2015-08-14 23:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-09-09 09:02 - 2015-08-14 23:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-09-09 09:02 - 2015-08-14 23:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-09-09 09:02 - 2015-08-14 23:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-09-09 09:02 - 2015-08-14 23:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-09-09 09:02 - 2015-08-14 23:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-09-09 09:02 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-09-09 09:02 - 2015-08-14 23:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-09-09 09:02 - 2015-08-14 23:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-09-09 09:02 - 2015-08-14 23:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-09-09 09:02 - 2015-08-14 22:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:02 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-09-09 09:02 - 2015-08-14 22:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-09-09 09:02 - 2015-08-14 22:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:02 - 2015-08-14 22:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-09-09 09:02 - 2015-08-14 22:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-09-09 09:02 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-09-09 09:02 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-09-09 09:02 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-09-09 09:02 - 2015-08-14 22:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-09-09 09:02 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-09-09 09:02 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-09-09 09:02 - 2015-08-14 22:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-09-09 09:02 - 2015-08-14 22:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-09-09 09:02 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-09-09 09:02 - 2015-08-14 22:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-09-09 09:02 - 2015-08-14 22:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-09-09 09:02 - 2015-08-14 22:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-09-09 09:02 - 2015-08-14 22:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-09-09 09:02 - 2015-08-14 22:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-09-09 09:02 - 2015-08-14 22:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-09-09 09:02 - 2015-08-14 22:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-09-09 09:02 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:02 - 2015-08-14 22:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-09-09 09:02 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-09-09 09:02 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-09-09 09:02 - 2015-08-14 22:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-09-09 09:02 - 2015-08-14 22:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-09-09 09:02 - 2015-08-14 22:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-09-09 09:02 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-09-09 09:02 - 2015-08-14 22:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-09-09 09:02 - 2015-08-14 22:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-09-09 09:02 - 2015-08-14 21:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-09-09 09:02 - 2015-08-14 21:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-09-09 09:02 - 2015-08-14 21:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-09-09 09:02 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-09-09 09:02 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-09-09 08:55 - 2015-08-05 10:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-09-09 08:50 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-09-09 08:50 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-09-09 08:50 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-09-09 08:50 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-09-09 08:50 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-09-09 08:50 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-09-09 08:47 - 2015-07-22 17:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-09-09 08:47 - 2015-07-22 17:06 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-09-09 08:47 - 2015-07-22 17:06 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-09-09 08:47 - 2015-07-22 17:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-09-09 08:47 - 2015-07-22 17:02 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-09-09 08:47 - 2015-07-22 17:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-09-09 08:47 - 2015-07-22 17:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-09-09 08:47 - 2015-07-22 17:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-09-09 08:47 - 2015-07-22 17:01 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-09-09 08:47 - 2015-07-22 16:58 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-09-09 08:47 - 2015-07-22 16:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:51 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-09-09 08:47 - 2015-07-22 10:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-09-09 08:47 - 2015-07-22 10:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-09-09 08:47 - 2015-07-22 10:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-09-09 08:47 - 2015-07-22 10:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-09-09 08:47 - 2015-07-22 10:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-09-09 08:47 - 2015-07-22 10:47 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-09-09 08:47 - 2015-07-22 10:46 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-09-09 08:47 - 2015-07-22 09:45 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-09-09 08:47 - 2015-07-22 09:44 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-09-09 08:47 - 2015-07-22 09:44 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-09-09 08:47 - 2015-07-22 09:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-09-09 08:47 - 2015-07-22 09:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-09-09 08:47 - 2015-07-22 09:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 08:46 - 2015-08-27 11:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-09-09 08:46 - 2015-08-27 11:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-09-09 08:46 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-09-09 08:46 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-09-09 08:46 - 2015-08-27 10:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-09-09 08:46 - 2015-08-27 10:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-09-09 08:46 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-09-09 08:46 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-09-09 08:46 - 2015-06-25 03:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-09-09 08:46 - 2015-06-25 03:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-09-09 08:46 - 2015-06-25 03:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-09-09 08:46 - 2015-06-25 02:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-09-09 08:45 - 2015-09-01 19:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-09-09 08:45 - 2015-09-01 18:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-09-09 08:45 - 2015-09-01 18:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-09-09 08:45 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 03165696 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-09-09 08:45 - 2015-08-26 11:06 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-09-09 08:45 - 2015-08-26 11:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-09-09 08:45 - 2015-08-26 11:06 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-09-09 08:45 - 2015-08-26 11:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-09-09 08:45 - 2015-08-26 10:55 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-28 20:11 - 2015-08-28 20:13 - 06667640 _____ (Piriform Ltd) C:\Users\Mike\Downloads\ccsetup509.exe
2015-08-28 15:45 - 2015-08-28 15:45 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-08-28 15:45 - 2015-08-28 15:45 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-08-28 15:45 - 2015-08-28 15:44 - 00115152 _____ (AVAST Software) C:\windows\system32\Drivers\ngvss.sys
2015-08-27 16:17 - 2015-08-27 16:17 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-27 16:17 - 2015-08-27 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-27 16:16 - 2015-08-27 16:17 - 00000000 ____D C:\Program Files\iTunes
2015-08-27 16:16 - 2015-08-27 16:16 - 00000000 ____D C:\Program Files\iPod
2015-08-27 16:16 - 2015-08-27 16:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-19 13:28 - 2015-08-19 13:28 - 00002160 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2015-08-19 13:28 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM5912.dll
2015-08-19 12:37 - 2015-08-19 13:06 - 123809984 _____ C:\Users\Mike\Downloads\OJ8600_1315-1.exe
2015-08-19 12:20 - 2015-08-19 12:21 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\Mike\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-17 12:14 - 2015-02-06 14:00 - 00000000 ____D C:\FRST
2015-09-17 11:52 - 2013-03-19 08:52 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-09-17 11:44 - 2012-11-16 14:57 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-17 11:07 - 2009-07-13 21:45 - 00026192 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-17 11:07 - 2009-07-13 21:45 - 00026192 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-17 10:57 - 2011-10-25 16:31 - 01799097 _____ C:\windows\WindowsUpdate.log
2015-09-17 10:44 - 2012-11-16 14:57 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 08:31 - 2013-08-09 11:05 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-09-17 08:31 - 2011-03-10 17:59 - 00000000 ____D C:\Program Files (x86)\ATT
2015-09-17 08:30 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-16 16:07 - 2009-07-13 22:13 - 00782510 _____ C:\windows\system32\PerfStringBackup.INI
2015-09-16 13:46 - 2013-12-06 10:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-16 12:31 - 2011-03-10 19:07 - 00000000 ____D C:\Users\Mike\Mike's Stuff
2015-09-15 19:29 - 2014-05-19 09:59 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-15 11:46 - 2013-10-02 18:27 - 05797888 ___SH C:\Users\Mike\Documents\Thumbs.db
2015-09-15 10:39 - 2012-11-16 14:57 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 10:39 - 2012-11-16 14:57 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 12:30 - 2011-03-10 17:39 - 00000000 ____D C:\Users\Mike
2015-09-13 19:01 - 2015-01-04 00:10 - 00000000 ____D C:\Users\Mike\Documents\Sides
2015-09-11 15:05 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2015-09-10 07:53 - 2009-07-13 21:45 - 00289888 _____ C:\windows\system32\FNTCACHE.DAT
2015-09-10 07:50 - 2009-07-25 21:48 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 07:50 - 2009-07-13 20:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-09-09 23:45 - 2013-07-14 12:24 - 00000000 ____D C:\windows\system32\MRT
2015-09-09 12:59 - 2011-03-12 11:48 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype
2015-08-29 08:14 - 2014-11-17 10:29 - 00000000 ____D C:\windows\SysWOW64\vbox
2015-08-29 08:14 - 2014-11-17 10:29 - 00000000 ____D C:\windows\system32\vbox
2015-08-29 07:57 - 2012-04-26 12:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 23:34 - 2011-03-10 22:53 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-28 23:34 - 2011-03-10 22:53 - 00000000 ____D C:\Program Files\CCleaner
2015-08-28 15:48 - 2015-06-02 11:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 15:46 - 2013-08-09 11:06 - 01048344 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-08-28 15:45 - 2014-05-26 13:10 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-08-28 15:45 - 2013-12-29 12:12 - 00150672 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-08-28 15:45 - 2013-08-09 11:06 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-08-28 15:45 - 2013-08-09 11:06 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-08-28 15:45 - 2013-08-09 11:06 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-08-28 15:45 - 2013-08-09 11:05 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-08-28 15:45 - 2013-08-09 11:05 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-08-27 16:16 - 2011-03-10 19:55 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-26 18:37 - 2011-03-16 08:31 - 134753440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-19 13:39 - 2015-05-11 18:24 - 00002004 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-08-19 13:27 - 2012-01-16 15:28 - 00000000 ____D C:\ProgramData\HP
2015-08-19 13:27 - 2012-01-16 15:28 - 00000000 ____D C:\Program Files (x86)\HP
 
==================== Files in the root of some directories =======
 
2011-03-16 17:03 - 2011-03-16 17:08 - 41742792 _____ (Adobe Systems, Inc                                          ) C:\Program Files\Adobe_Contribute_4_Win.exe
2011-03-10 19:35 - 2008-01-29 00:27 - 0050688 _____ (Atribune.org) C:\Program Files\ATF_Cleaner.exe
2011-03-10 23:18 - 2010-10-17 15:17 - 4290744 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1136_upgrade.exe
2011-03-10 23:18 - 2010-11-09 10:17 - 4329496 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1153_upgrade.exe
2011-03-10 23:18 - 2009-11-18 15:25 - 0891248 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_9_40_cnet.exe
2011-03-10 19:35 - 2011-02-24 21:33 - 3033192 _____ (Piriform Ltd) C:\Program Files\ccsetup304.exe
2011-03-10 22:45 - 2006-08-20 16:59 - 0339257 _____ () C:\Program Files\CleanUp452.exe
2011-03-15 19:33 - 2011-02-18 09:52 - 3357488 _____ (Philipp Winterberg) C:\Program Files\InstallFreeRARExtractFrog.exe
2011-03-10 23:18 - 2008-09-10 14:49 - 2182784 _____ (Malwarebytes Corporation                                    ) C:\Program Files\mbam-setup.exe
2012-06-17 12:13 - 2012-06-17 12:13 - 3993600 _____ () C:\Program Files (x86)\GUT9399.tmp
2011-09-06 15:34 - 2011-09-06 15:34 - 0004096 ____H () C:\Users\Mike\AppData\Local\keyfile3.drm
2015-06-18 10:51 - 2015-06-18 10:51 - 0002740 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2011-03-12 12:37 - 2011-03-12 12:45 - 0000026 ____H () C:\ProgramData\.119889580931711767808769176
2012-01-16 15:27 - 2012-01-16 15:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-13 11:36 - 2011-04-13 11:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-03-12 12:21 - 2011-12-06 15:27 - 0001518 _____ () C:\ProgramData\hpzinstall.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-11 14:45
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Mike (2015-09-17 12:15:59)
Running from C:\Users\Mike\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-11 00:39:31)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3758289344-697551801-2976451627-500 - Administrator - Disabled)
Guest (S-1-5-21-3758289344-697551801-2976451627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3758289344-697551801-2976451627-1005 - Limited - Enabled)
Mike (S-1-5-21-3758289344-697551801-2976451627-1001 - Administrator - Enabled) => C:\Users\Mike
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop 5.5 (HKLM-x32\...\Adobe Photoshop 5.5) (Version: 5.5 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aiseesoft QuickTime Video Converter (HKLM-x32\...\Aiseesoft QuickTime Video Converter_is1) (Version:  - )
Amazon MP3 Downloader 1.0.12 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.12 - Amazon Services LLC)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Troubleshoot & Resolve (HKLM-x32\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.5.0.48 - AT&T)
att.net Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
att.net Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
ATT-PRT22 (HKLM-x32\...\ATT-PRT22) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2225 - AVAST Software)
Best Buy pc app (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\48e4cff94f039634) (Version: 3.1.1.0 - Best Buy)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{75C7BFBC-5FA8-47C9-9E6C-AD1954F63A53}) (Version: 1.0.109 - Citrix)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.4) (Version: 5.0.1.4 - Coupons.com Incorporated)
Dropbox (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Final Draft 7 (HKLM-x32\...\{78D62D17-D970-42DA-B8CF-5E5576293B33}) (Version: 7.1.1.19 - Final Draft, Inc.)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 2.50 - Philipp Winterberg)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPOJP8600FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2003 (HKLM-x32\...\{901B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Image Editor (HKLM-x32\...\{BE45D350-7BFF-4AC6-A958-65443346A40E}) (Version: 5.6 - Program4Pc Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Quicken 2010 (HKLM-x32\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.1.27 - Intuit)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30095 - Realtek Semiconductor Corp.)
Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TweetDeck (HKLM-x32\...\{FA6381E9-96D2-4F6F-866C-4D16E5986FF6}) (Version: 2.7.1 - Twitter, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1132\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
09-09-2015 23:29:01 Windows Update
10-09-2015 23:44:24 Windows Update
15-09-2015 09:29:17 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2013-08-10 11:07 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0355133D-C37D-4916-96E7-87213C72AF1C} - System32\Tasks\{1394EEF6-93C2-438D-8B51-98B9AFA718FD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.)
Task: {23794914-BC16-4B69-802F-549F3F0DDA22} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {39DA9E2C-7120-4B0D-9548-385A628B2843} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {3C1325F2-D996-4E44-BE3D-101048E07FC3} - System32\Tasks\{BC47F3C9-3073-4A81-A86F-E0DEE1CA7036} => Firefox.exe http://www.skype.com...#38;LastError=2
Task: {45A58D88-B063-4C73-80FB-675C5BBE8D38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {4F45946C-7A55-4DDB-A00F-E5DBD30D724D} - System32\Tasks\{097D5EB1-73A0-49FE-9262-4DB3F0FF9CC6} => Firefox.exe http://ui.skype.com/...?LastError=1603
Task: {626308B3-3D32-4E35-9873-6A1449E1CE33} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Mike => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22] (Adobe Systems Incorporated)
Task: {8DF7B080-1C21-4911-A660-BE7CD2F99187} - System32\Tasks\{CADCBA21-49F8-45AA-8A53-DC1B82EC95D2} => pcalua.exe -a C:\Users\Mike\Downloads\ltpb2setup.exe -d C:\Users\Mike\Downloads
Task: {8F4E1085-1F59-4D56-B077-927EF2E17513} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AAA2514A-C2E9-4C9C-9A7D-76FADEFDDD36} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B8EB83D0-B0DE-4DBB-8F24-FECDF0E8C28B} - System32\Tasks\{4A59F09D-E3A6-4D20-BC16-C44D834AA77B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.)
Task: {BAD60E54-6034-4235-9B52-32F6DA50255D} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {CA789963-7FFD-4840-AE97-C591FCC1147A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E1F5CB3D-D61C-4DE5-BA03-05F01D264340} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {E3CE389A-DF58-437E-B77F-6587454ACFCD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4FD4C3A-B2D2-43F9-8F77-55FF120504C7} - System32\Tasks\{54C7F1AD-595E-4432-8E2B-62D1FF8FA1CF} => pcalua.exe -a C:\Users\Mike\Downloads\ltpb1setup.exe -d C:\Users\Mike\Downloads
Task: {E72B302B-F836-423E-861C-0A6A267B8F5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E777D5CB-9233-48FB-9CD0-7B573623EC7D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-28] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-08-28 15:45 - 2015-08-28 15:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-28 15:45 - 2015-08-28 15:45 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-16 16:19 - 2015-09-16 16:19 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15091602\algo.dll
2015-09-17 08:33 - 2015-09-17 08:33 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15091702\algo.dll
2014-10-03 12:56 - 2014-10-03 12:56 - 00271360 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2014-10-03 12:56 - 2014-10-03 12:56 - 00244736 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-04-24 06:55 - 2013-04-24 06:55 - 01581056 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\libxmljs\build\Release\xmljs.node
2014-10-03 12:56 - 2014-10-03 12:56 - 00237056 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2010-12-28 19:12 - 2009-07-16 10:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-12-28 19:12 - 2007-12-31 11:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2015-03-18 17:07 - 2015-03-18 17:07 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-16 13:46 - 2015-09-11 17:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-16 13:46 - 2015-09-11 17:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-16 13:46 - 2015-09-11 17:22 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{570BF759-1450-4118-BB69-2CDD0F516ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{54CF2703-64D7-46DD-A89E-81E7B5E8883D}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{E284A2F4-69C5-4200-AADA-2D8C928BF9CE}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{25F1B24E-432E-45BE-995F-51B2B70FB80A}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{7930AF94-9A36-48A0-8258-637A61D398D3}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{BD6EC7A8-DDD8-4949-90FB-0F32E9A6E207}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{3C9E6304-65F0-4AE5-9E20-38A267CEA368}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{85680A97-BCDF-45F3-98DF-294F021E48DF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{E510B551-4DC5-426B-8BA7-3FB298F030CC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C972CBED-9ECF-4EF5-BC5E-719D659D9FB1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{8B7E4D56-2224-4EAA-B114-6689229C5700}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{1ADAC2B7-D5BA-45AE-AA6B-FA98EF8E5D52}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{37DC4EBA-73B3-4751-A2C3-3179778A9441}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{4EED157D-7020-42DF-B5D8-A8CB409EB47A}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{DD932FBA-1AA2-4B29-82F7-566D2FAF71D4}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{47FCF40A-23D8-429D-BB73-A84E859A4771}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{26838698-7B4B-4C57-B524-6334F8C52CDB}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{345F6C90-C2CC-45CF-9734-763DBE57D7D7}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{D4E8A139-9F4D-43D7-976B-14BDA3BF04CF}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{44CFB721-D3B1-46C8-8782-DD240D14BCE0}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{2273E658-F271-48EC-9CCF-ED6D4CEC4653}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{8E58EF57-01E9-47F2-BA03-980B2447031D}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{BE20D7B6-0CDF-4D19-B744-D9439913013C}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{A42C291F-FD15-4E3C-9442-DA948E796D07}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{0F66289A-FB1E-4CEE-BCBA-E33DDB442EA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [TCP Query User{7875A9D7-A4DB-4886-AF05-A09D85602C75}C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe] => (Allow) C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe
FirewallRules: [UDP Query User{818B8A5B-C537-460C-A48C-04B4C2035204}C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe] => (Allow) C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe
FirewallRules: [{FA48577F-DCA4-46D9-80E4-C69B223A1001}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60F0995A-A473-4039-8AF4-A8727436E249}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E69F3559-77DE-480F-AA2D-6FCDB41A33FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{610A7FA7-C78B-4A90-83C7-E52AEB4CBF75}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{81D46AA7-9A60-4ECF-94A9-B70007C808A4}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{FA0334D6-7E0F-4E1E-BEE9-EA3C9DC4F4A4}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [{5010B31D-419C-460D-8082-F434EDE156F6}] => (Allow) LPort=443
FirewallRules: [{653ADDCD-ECAA-41E5-AA52-301CF46A678C}] => (Allow) LPort=443
FirewallRules: [{4BB15081-1A8B-476C-A8E6-E25696E2E9D2}] => (Allow) LPort=37674
FirewallRules: [{CB7B1BD0-A044-47E3-875C-1352A3CBF242}] => (Allow) LPort=37674
FirewallRules: [{FC8C3018-0DA2-4B77-A5E6-184B2ACC6DEA}] => (Allow) LPort=37675
FirewallRules: [TCP Query User{C4A3323E-9B50-4179-8D08-E86394862B62}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{EDAA2843-3B7D-409C-8E56-3A2E23505B17}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [TCP Query User{3CAD2D4A-A592-4B1E-8D26-5653F0430B96}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4BD2396A-DDB5-40B7-84FB-F2614316351A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{261F77C3-C0AD-4871-BE82-DAC8FD1D6F0C}C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe] => (Allow) C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe
FirewallRules: [UDP Query User{26E36A31-B190-450D-85FE-587882EEF565}C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe] => (Allow) C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe
FirewallRules: [{339E7643-3CC8-4AF9-A10C-ED4B90F8AB25}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2871F22F-2845-4576-A8FF-37CF0CD36612}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C11943B4-6F9F-4D37-AE39-663B006DD9D6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{489309C9-9B17-44FF-86C0-BE926EFD7C55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77A7ADA8-693E-4792-889D-2EFF1710A22F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{748C61E4-31BC-4B1A-8D0B-04C244C5DB97}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsoB18A.tmp\CnetInstaller-10532704.exe
FirewallRules: [{24882E53-F1D8-4700-98FF-5BF8A8AD72AC}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsoB18A.tmp\CnetInstaller-10532704.exe
FirewallRules: [{11A0A468-416C-4B87-A82B-C31245976541}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf2C83.tmp\CnetInstaller-10536710.exe
FirewallRules: [{C78CE18E-F5C4-4EF1-B798-0107C7599A8B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf2C83.tmp\CnetInstaller-10536710.exe
FirewallRules: [{D460D60A-0B94-4653-BC25-881AA220BA76}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nskC690.tmp\CnetInstaller-10532704.exe
FirewallRules: [{17D40EEE-9B3C-4F77-B058-7D0DA7CD7110}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nskC690.tmp\CnetInstaller-10532704.exe
FirewallRules: [TCP Query User{6877928B-8265-4529-874A-41C7B2B743EA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D56E3CEC-D577-40C4-9538-E0A97718D361}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{04245D5C-470C-4ACF-BC24-EACF9DFBAFD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1A64CD0C-A2E3-47F8-811A-483A8F3CEA84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59D4FA73-459B-474A-9B3D-5F42AC8F610D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FA045712-F986-4393-97EF-F07FBA8ABA89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EBD15FA-F6FD-460B-929C-83C2F3B9F353}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS212F\HPDiagnosticCoreUI.exe
FirewallRules: [{A1FCB94B-08FC-477F-A7CA-33A217959150}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS212F\HPDiagnosticCoreUI.exe
FirewallRules: [{117899FF-B4C2-403D-BF3B-C0B8950FF2E3}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS162D\HPDiagnosticCoreUI.exe
FirewallRules: [{7F77561B-7C1C-45E7-8140-1C8CC96E2C51}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS162D\HPDiagnosticCoreUI.exe
FirewallRules: [{81B2729F-5AD7-4F55-86C0-50870BBAF405}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4CBC\HPDiagnosticCoreUI.exe
FirewallRules: [{6D21CE04-D293-4E4A-BBC1-0CD852B76173}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4CBC\HPDiagnosticCoreUI.exe
FirewallRules: [{47C4D05E-576E-4C1E-BDE9-0DE1B29D6BC2}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DAB\HPDiagnosticCoreUI.exe
FirewallRules: [{2E1BBA48-A0F4-4252-B3DB-CBB78444DCEE}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DAB\HPDiagnosticCoreUI.exe
FirewallRules: [{94D59269-84FA-4802-9451-AE6D22B0DEC9}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsp31BF.tmp\Installer-75758784.exe
FirewallRules: [{F7195BC4-9DE3-402E-8A95-5DC2021C928A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsp31BF.tmp\Installer-75758784.exe
FirewallRules: [{5AF1E27A-A7B2-4386-A133-71F5BD294C3A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf3299.tmp\Installer-75758784.exe
FirewallRules: [{B1D3386A-4A07-4822-8256-3B8ABC9AB9C7}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf3299.tmp\Installer-75758784.exe
FirewallRules: [{CED215B4-8566-4852-978B-F891C6BA3D9B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsa433C.tmp\Installer-75758784.exe
FirewallRules: [{A2A737A8-2A81-4CBC-A4C9-1D0011B43E0A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsa433C.tmp\Installer-75758784.exe
FirewallRules: [{CD3098E0-B20D-455D-96A0-EF745BC1EA0F}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsg24D4.tmp\Installer-75758784.exe
FirewallRules: [{00F50087-6DEB-4F7C-9471-647F608E4CDC}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsg24D4.tmp\Installer-75758784.exe
FirewallRules: [{4C1ED33A-145F-473D-A1D2-656162861410}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DC5\HPDiagnosticCoreUI.exe
FirewallRules: [{7ADB4D15-A431-4EC0-A1D6-C4B896F1CDC8}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DC5\HPDiagnosticCoreUI.exe
FirewallRules: [{0EFAD61C-0A7D-4F00-B077-6FD835F9468D}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS510C\HPDiagnosticCoreUI.exe
FirewallRules: [{499F1D7F-0004-4142-980F-E6E9D6E3F1B1}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS510C\HPDiagnosticCoreUI.exe
FirewallRules: [{F1462565-863F-44C3-8C93-5B15EFC1C886}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS5872\HPDiagnosticCoreUI.exe
FirewallRules: [{EBDC0087-A194-451B-ABFE-4E96174A828B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS5872\HPDiagnosticCoreUI.exe
FirewallRules: [{F4A29822-B984-4067-96D2-29D637EB0150}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS61A1\HPDiagnosticCoreUI.exe
FirewallRules: [{13E5A8AD-99FF-4841-A30B-04C798FB5C9B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS61A1\HPDiagnosticCoreUI.exe
FirewallRules: [{986C440F-4E5B-401E-BAD0-2702D77C46B2}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS0907\HPDiagnosticCoreUI.exe
FirewallRules: [{CFAAA29B-2911-4C13-BDBB-B71758C3AC47}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS0907\HPDiagnosticCoreUI.exe
FirewallRules: [{CAB2F508-1ADA-4D3B-A3C5-9E29990C4B37}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS14D0\HPDiagnosticCoreUI.exe
FirewallRules: [{E09F74B2-1BD8-45D0-BAA6-EEBD7212E95D}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS14D0\HPDiagnosticCoreUI.exe
FirewallRules: [{6F3428B0-4613-43CE-9DAA-6780D76A1EF8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{F769298F-60CF-4ACF-95C9-B072401E4D8D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{7BEBEEAA-55C2-4403-8141-7D28F287EFA8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{371CD150-9E82-4739-AAF9-CCC9EF9808C3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{18C6C03B-7EED-4316-9F16-4B3231D6DD94}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8282BDF9-A5C7-4256-91EF-0CFAACA6B07D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{915F6040-1CEC-46FB-9E7A-67883C36AE8C}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4891\HPDiagnosticCoreUI.exe
FirewallRules: [{F34E1DCD-D355-4634-B108-316D9A41B070}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4891\HPDiagnosticCoreUI.exe
FirewallRules: [{830D13F7-B487-4CA0-9BD3-B61DD8508ADE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4560C8F9-2FE7-4295-BFA3-40020F01E7C7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{027FD46B-CE22-40C8-8DEB-DFF896610F75}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4B451B24-C23B-487E-9729-71AAED2AA4C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/17/2015 08:31:59 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3416) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (09/17/2015 08:31:59 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3416) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/16/2015 08:18:12 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/16/2015 08:18:12 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/16/2015 08:18:12 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/16/2015 08:18:12 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (09/16/2015 08:17:59 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/16/2015 08:17:59 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (09/16/2015 08:17:59 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/16/2015 08:17:59 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (09/16/2015 08:18:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (09/16/2015 08:18:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (09/16/2015 08:18:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/16/2015 08:18:12 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (09/15/2015 09:23:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/15/2015 09:23:45 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (09/14/2015 11:41:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (09/13/2015 08:56:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/13/2015 08:56:17 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (09/10/2015 03:05:57 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PCMikeS-1-5-21-3758289344-697551801-2976451627-1001LocalHost (Using LRPC)
 
 
CodeIntegrity:
===================================
  Date: 2014-09-13 12:13:26.200
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 12:13:25.672
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 12:13:10.334
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 12:13:09.801
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 12:12:00.330
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 12:11:59.806
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-10 11:05:34.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-10 11:05:34.210
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-10 11:05:33.929
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-10 11:05:33.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 76%
Total physical RAM: 4061.18 MB
Available physical RAM: 974.39 MB
Total Virtual: 8120.55 MB
Available Virtual: 3947.27 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:906.34 GB) (Free:473.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5E0DFF55)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, do you still require assistance ? If so could you post a fresh FRST scan please
  • 0

#3
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

Yes, thank you - I still get more spinning circles instead of loading webpages. Ultimately they load but it takes longer on this computer than on my laptop... Here are the FRST reports

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Mike (administrator) on PC (22-09-2015 11:55:10)
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available Profiles: Mike)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcatel-Lucent) C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\MAHostService.exe
(Joyent, Inc) C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\node.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcatel-Lucent) C:\Program Files\ATT\8.5.0.48\ma\bin\pcTrayApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [VX3000] => C:\windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [ATT_McciTrayApp] => C:\Program Files\ATT\8.5.0.48\ma\bin\pcTrayApp.exe [2886144 2015-01-22] (Alcatel-Lucent)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-21] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [pronto] => "C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe"
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-21] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A8A8C631-CC71-4F8E-9A12-1418D9D34BD9}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-3758289344-697551801-2976451627-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-atty
SearchScopes: HKU\S-1-5-21-3758289344-697551801-2976451627-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-atty
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788
FF DefaultSearchEngine: Yahoo!
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxps://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2009-01-07] (Motive, Inc.)
FF Plugin-x32: @Motive.com/NpMotive,version=1.1 -> C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\npMotive.dll [2015-01-22] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.1 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2014-08-27] (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3758289344-697551801-2976451627-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mike\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-06-24] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-11-04] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2010-03-27] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-12-03] (Coupons, Inc.)
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788\searchplugins\amazon-search-suggestions.xml [2015-07-09]
FF Extension: Classic Theme Restorer - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788\Extensions\[email protected] [2015-06-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2015-07-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch","hxxps://www.yahoo.com/?fr=hp-avast&type=odc179"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=926458&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-06]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-06]
CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-12-09]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-06]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-06]
CHR Extension: (Avast SafePrice) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Disconnect Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2014-04-03]
CHR Extension: (Disconnect) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-03-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-23]
CHR Extension: (Ghostery) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-06]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-06]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [kofilaoejfjbjfopdnckahcidedndnln] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2015-07-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.5.0.48\ma\bin\MAHostService.exe [321024 2015-01-22] (Alcatel-Lucent) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-21] (Avast Software)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-12-03] (Coupons.com Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2014-09-10] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2014-09-10] (Alcatel-Lucent) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-21] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-21] (AVAST Software)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-21] (Avast Software)
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-22 11:55 - 2015-09-22 11:55 - 18819272 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-22 11:55 - 2015-09-22 11:55 - 00022316 _____ C:\Users\Mike\Desktop\FRST.txt
2015-09-22 11:22 - 2015-09-22 11:22 - 02191360 _____ (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2015-09-22 10:54 - 2015-09-22 10:54 - 00000000 ____D C:\Users\Mike\AppData\Local\Apple
2015-09-22 10:02 - 2015-09-22 10:02 - 00000000 ____D C:\Users\Mike\AppData\Local\Adobe
2015-09-22 10:01 - 2015-09-22 10:01 - 00004782 _____ C:\windows\PFRO.log
2015-09-22 10:01 - 2015-09-22 10:01 - 00000056 _____ C:\windows\setupact.log
2015-09-22 10:01 - 2015-09-22 10:01 - 00000000 _____ C:\windows\setuperr.log
2015-09-21 15:01 - 2015-09-21 15:01 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-09-21 15:01 - 2015-09-21 15:01 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-09-17 12:15 - 2015-09-17 12:17 - 00045789 _____ C:\Users\Mike\Documents\Addition.txt
2015-09-17 12:14 - 2015-09-17 12:17 - 00064003 _____ C:\Users\Mike\Documents\FRST.txt
2015-09-16 08:17 - 2015-09-22 10:53 - 00000000 ____D C:\Users\Mike\AppData\Local\Apple Computer
2015-09-10 08:28 - 2015-08-04 11:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-09-10 08:28 - 2015-08-04 11:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-09-10 08:28 - 2015-08-04 10:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-09-10 08:28 - 2015-08-04 10:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-09-10 08:28 - 2015-08-04 10:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-09-10 08:28 - 2015-08-04 10:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-09-10 08:28 - 2015-08-04 10:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-09-10 08:28 - 2015-08-04 10:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-09-10 08:28 - 2015-08-04 09:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-09-09 09:02 - 2015-08-17 18:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-09-09 09:02 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-09-09 09:02 - 2015-08-14 23:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-09-09 09:02 - 2015-08-14 23:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-09-09 09:02 - 2015-08-14 23:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-09-09 09:02 - 2015-08-14 23:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-09-09 09:02 - 2015-08-14 23:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-09-09 09:02 - 2015-08-14 23:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-09-09 09:02 - 2015-08-14 23:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-09-09 09:02 - 2015-08-14 23:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-09-09 09:02 - 2015-08-14 23:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-09-09 09:02 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-09-09 09:02 - 2015-08-14 23:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-09-09 09:02 - 2015-08-14 23:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-09-09 09:02 - 2015-08-14 23:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-09-09 09:02 - 2015-08-14 23:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-09-09 09:02 - 2015-08-14 22:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:02 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-09-09 09:02 - 2015-08-14 22:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-09-09 09:02 - 2015-08-14 22:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:02 - 2015-08-14 22:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-09-09 09:02 - 2015-08-14 22:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-09-09 09:02 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-09-09 09:02 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-09-09 09:02 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-09-09 09:02 - 2015-08-14 22:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-09-09 09:02 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-09-09 09:02 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-09-09 09:02 - 2015-08-14 22:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-09-09 09:02 - 2015-08-14 22:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-09-09 09:02 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-09-09 09:02 - 2015-08-14 22:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-09-09 09:02 - 2015-08-14 22:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-09-09 09:02 - 2015-08-14 22:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-09-09 09:02 - 2015-08-14 22:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-09-09 09:02 - 2015-08-14 22:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-09-09 09:02 - 2015-08-14 22:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-09-09 09:02 - 2015-08-14 22:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-09-09 09:02 - 2015-08-14 22:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-09-09 09:02 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:02 - 2015-08-14 22:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-09-09 09:02 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-09-09 09:02 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-09-09 09:02 - 2015-08-14 22:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-09-09 09:02 - 2015-08-14 22:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-09-09 09:02 - 2015-08-14 22:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-09-09 09:02 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-09-09 09:02 - 2015-08-14 22:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-09-09 09:02 - 2015-08-14 22:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-09-09 09:02 - 2015-08-14 21:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-09-09 09:02 - 2015-08-14 21:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-09-09 09:02 - 2015-08-14 21:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-09-09 09:02 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-09-09 09:02 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-09-09 08:55 - 2015-08-05 10:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-09-09 08:55 - 2015-08-05 10:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-09-09 08:50 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-09-09 08:50 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-09-09 08:50 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-09-09 08:50 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-09-09 08:50 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-09-09 08:50 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-09-09 08:47 - 2015-07-22 17:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-09-09 08:47 - 2015-07-22 17:06 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-09-09 08:47 - 2015-07-22 17:06 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-09-09 08:47 - 2015-07-22 17:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-09-09 08:47 - 2015-07-22 17:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-09-09 08:47 - 2015-07-22 17:02 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-09-09 08:47 - 2015-07-22 17:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-09-09 08:47 - 2015-07-22 17:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-09-09 08:47 - 2015-07-22 17:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-09-09 08:47 - 2015-07-22 17:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-09-09 08:47 - 2015-07-22 17:01 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-09-09 08:47 - 2015-07-22 16:58 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-09-09 08:47 - 2015-07-22 16:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 16:51 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-09-09 08:47 - 2015-07-22 10:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-09-09 08:47 - 2015-07-22 10:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-09-09 08:47 - 2015-07-22 10:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-09-09 08:47 - 2015-07-22 10:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-09-09 08:47 - 2015-07-22 10:52 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-09-09 08:47 - 2015-07-22 10:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-09-09 08:47 - 2015-07-22 10:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-09-09 08:47 - 2015-07-22 10:47 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-09-09 08:47 - 2015-07-22 10:46 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-09-09 08:47 - 2015-07-22 09:45 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-09-09 08:47 - 2015-07-22 09:44 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-09-09 08:47 - 2015-07-22 09:44 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-09-09 08:47 - 2015-07-22 09:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-09-09 08:47 - 2015-07-22 09:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-09-09 08:47 - 2015-07-22 09:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 08:47 - 2015-07-22 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 08:46 - 2015-08-27 11:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-09-09 08:46 - 2015-08-27 11:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-09-09 08:46 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-09-09 08:46 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-09-09 08:46 - 2015-08-27 10:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-09-09 08:46 - 2015-08-27 10:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-09-09 08:46 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-09-09 08:46 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-09-09 08:46 - 2015-06-25 03:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-09-09 08:46 - 2015-06-25 03:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-09-09 08:46 - 2015-06-25 03:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-09-09 08:46 - 2015-06-25 02:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-09-09 08:45 - 2015-09-01 20:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-09-09 08:45 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-09-09 08:45 - 2015-09-01 19:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-09-09 08:45 - 2015-09-01 18:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-09-09 08:45 - 2015-09-01 18:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-09-09 08:45 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 03165696 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-09-09 08:45 - 2015-08-26 11:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-09-09 08:45 - 2015-08-26 11:06 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-09-09 08:45 - 2015-08-26 11:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-09-09 08:45 - 2015-08-26 11:06 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-09-09 08:45 - 2015-08-26 11:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-09-09 08:45 - 2015-08-26 10:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-09-09 08:45 - 2015-08-26 10:55 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-28 20:11 - 2015-08-28 20:13 - 06667640 _____ (Piriform Ltd) C:\Users\Mike\Downloads\ccsetup509.exe
2015-08-28 15:45 - 2015-09-21 15:01 - 00132656 _____ (AVAST Software) C:\windows\system32\Drivers\ngvss.sys
2015-08-27 16:17 - 2015-08-27 16:17 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-27 16:17 - 2015-08-27 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-27 16:16 - 2015-08-27 16:17 - 00000000 ____D C:\Program Files\iTunes
2015-08-27 16:16 - 2015-08-27 16:16 - 00000000 ____D C:\Program Files\iPod
2015-08-27 16:16 - 2015-08-27 16:16 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-22 11:55 - 2015-02-06 14:00 - 00000000 ____D C:\FRST
2015-09-22 11:55 - 2013-03-19 08:52 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-09-22 11:55 - 2013-03-19 08:52 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-09-22 11:55 - 2012-07-02 11:49 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-09-22 11:55 - 2012-07-02 11:49 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 11:44 - 2012-11-16 14:57 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 11:34 - 2011-10-25 16:31 - 02052872 _____ C:\windows\WindowsUpdate.log
2015-09-22 11:26 - 2009-07-13 21:45 - 00026192 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-22 11:26 - 2009-07-13 21:45 - 00026192 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-22 10:53 - 2012-11-16 14:57 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 10:03 - 2013-08-09 11:05 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-09-22 10:02 - 2011-03-10 17:59 - 00000000 ____D C:\Program Files (x86)\ATT
2015-09-22 10:02 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-21 15:01 - 2014-05-26 13:10 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-09-21 15:01 - 2013-12-29 12:12 - 00153744 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-09-21 15:01 - 2013-08-09 11:06 - 01049880 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2015-09-21 15:01 - 2013-08-09 11:06 - 00448968 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-09-21 15:01 - 2013-08-09 11:06 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-09-21 15:01 - 2013-08-09 11:06 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-09-21 15:01 - 2013-08-09 11:05 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-09-21 15:01 - 2013-08-09 11:05 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-09-21 14:59 - 2014-05-19 09:59 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-21 14:45 - 2015-01-04 00:10 - 00000000 ____D C:\Users\Mike\Documents\Sides
2015-09-21 14:43 - 2011-03-10 19:07 - 00000000 ____D C:\Users\Mike\Mike's Stuff
2015-09-19 19:20 - 2009-07-13 22:13 - 00782510 _____ C:\windows\system32\PerfStringBackup.INI
2015-09-17 17:17 - 2015-07-11 11:05 - 00000000 ____D C:\Users\Mike\Documents\IRS records
2015-09-16 13:46 - 2013-12-06 10:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-15 11:46 - 2013-10-02 18:27 - 05797888 ___SH C:\Users\Mike\Documents\Thumbs.db
2015-09-15 10:39 - 2012-11-16 14:57 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 10:39 - 2012-11-16 14:57 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 12:30 - 2011-03-10 17:39 - 00000000 ____D C:\Users\Mike
2015-09-11 15:05 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2015-09-10 07:53 - 2009-07-13 21:45 - 00289888 _____ C:\windows\system32\FNTCACHE.DAT
2015-09-10 07:50 - 2009-07-25 21:48 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 07:50 - 2009-07-13 20:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-09-09 23:45 - 2013-07-14 12:24 - 00000000 ____D C:\windows\system32\MRT
2015-09-09 12:59 - 2011-03-12 11:48 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype
2015-08-29 08:14 - 2014-11-17 10:29 - 00000000 ____D C:\windows\SysWOW64\vbox
2015-08-29 08:14 - 2014-11-17 10:29 - 00000000 ____D C:\windows\system32\vbox
2015-08-29 07:57 - 2012-04-26 12:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 23:34 - 2011-03-10 22:53 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-28 23:34 - 2011-03-10 22:53 - 00000000 ____D C:\Program Files\CCleaner
2015-08-28 15:48 - 2015-06-02 11:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-27 16:16 - 2011-03-10 19:55 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-26 18:37 - 2011-03-16 08:31 - 134753440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-03-16 17:03 - 2011-03-16 17:08 - 41742792 _____ (Adobe Systems, Inc                                          ) C:\Program Files\Adobe_Contribute_4_Win.exe
2011-03-10 19:35 - 2008-01-29 00:27 - 0050688 _____ (Atribune.org) C:\Program Files\ATF_Cleaner.exe
2011-03-10 23:18 - 2010-10-17 15:17 - 4290744 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1136_upgrade.exe
2011-03-10 23:18 - 2010-11-09 10:17 - 4329496 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1153_upgrade.exe
2011-03-10 23:18 - 2009-11-18 15:25 - 0891248 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_9_40_cnet.exe
2011-03-10 19:35 - 2011-02-24 21:33 - 3033192 _____ (Piriform Ltd) C:\Program Files\ccsetup304.exe
2011-03-10 22:45 - 2006-08-20 16:59 - 0339257 _____ () C:\Program Files\CleanUp452.exe
2011-03-15 19:33 - 2011-02-18 09:52 - 3357488 _____ (Philipp Winterberg) C:\Program Files\InstallFreeRARExtractFrog.exe
2011-03-10 23:18 - 2008-09-10 14:49 - 2182784 _____ (Malwarebytes Corporation                                    ) C:\Program Files\mbam-setup.exe
2012-06-17 12:13 - 2012-06-17 12:13 - 3993600 _____ () C:\Program Files (x86)\GUT9399.tmp
2011-09-06 15:34 - 2011-09-06 15:34 - 0004096 ____H () C:\Users\Mike\AppData\Local\keyfile3.drm
2015-06-18 10:51 - 2015-06-18 10:51 - 0002740 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2011-03-12 12:37 - 2011-03-12 12:45 - 0000026 ____H () C:\ProgramData\.119889580931711767808769176
2012-01-16 15:27 - 2012-01-16 15:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-13 11:36 - 2011-04-13 11:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-03-12 12:21 - 2011-12-06 15:27 - 0001518 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-21 08:55

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Mike (2015-09-22 11:56:31)
Running from C:\Users\Mike\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-11 00:39:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3758289344-697551801-2976451627-500 - Administrator - Disabled)
Guest (S-1-5-21-3758289344-697551801-2976451627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3758289344-697551801-2976451627-1005 - Limited - Enabled)
Mike (S-1-5-21-3758289344-697551801-2976451627-1001 - Administrator - Enabled) => C:\Users\Mike

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop 5.5 (HKLM-x32\...\Adobe Photoshop 5.5) (Version: 5.5 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aiseesoft QuickTime Video Converter (HKLM-x32\...\Aiseesoft QuickTime Video Converter_is1) (Version:  - )
Amazon MP3 Downloader 1.0.12 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.12 - Amazon Services LLC)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Troubleshoot & Resolve (HKLM-x32\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.5.0.48 - AT&T)
att.net Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
att.net Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
ATT-PRT22 (HKLM-x32\...\ATT-PRT22) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Best Buy pc app (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\48e4cff94f039634) (Version: 3.1.1.0 - Best Buy)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{75C7BFBC-5FA8-47C9-9E6C-AD1954F63A53}) (Version: 1.0.109 - Citrix)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.4) (Version: 5.0.1.4 - Coupons.com Incorporated)
Dropbox (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Final Draft 7 (HKLM-x32\...\{78D62D17-D970-42DA-B8CF-5E5576293B33}) (Version: 7.1.1.19 - Final Draft, Inc.)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 2.50 - Philipp Winterberg)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-3758289344-697551801-2976451627-1001\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPOJP8600FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2003 (HKLM-x32\...\{901B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Image Editor (HKLM-x32\...\{BE45D350-7BFF-4AC6-A958-65443346A40E}) (Version: 5.6 - Program4Pc Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Quicken 2010 (HKLM-x32\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.1.27 - Intuit)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30095 - Realtek Semiconductor Corp.)
Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TweetDeck (HKLM-x32\...\{FA6381E9-96D2-4F6F-866C-4D16E5986FF6}) (Version: 2.7.1 - Twitter, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1132\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3758289344-697551801-2976451627-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-08-10 11:07 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0355133D-C37D-4916-96E7-87213C72AF1C} - System32\Tasks\{1394EEF6-93C2-438D-8B51-98B9AFA718FD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.)
Task: {23794914-BC16-4B69-802F-549F3F0DDA22} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {386FCD10-CA3C-481C-A149-C5BEAA3295DF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-21] (AVAST Software)
Task: {39DA9E2C-7120-4B0D-9548-385A628B2843} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {3C1325F2-D996-4E44-BE3D-101048E07FC3} - System32\Tasks\{BC47F3C9-3073-4A81-A86F-E0DEE1CA7036} => Firefox.exe http://www.skype.com...#38;LastError=2
Task: {45A58D88-B063-4C73-80FB-675C5BBE8D38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {4F45946C-7A55-4DDB-A00F-E5DBD30D724D} - System32\Tasks\{097D5EB1-73A0-49FE-9262-4DB3F0FF9CC6} => Firefox.exe http://ui.skype.com/...?LastError=1603
Task: {626308B3-3D32-4E35-9873-6A1449E1CE33} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Mike => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22] (Adobe Systems Incorporated)
Task: {8DF7B080-1C21-4911-A660-BE7CD2F99187} - System32\Tasks\{CADCBA21-49F8-45AA-8A53-DC1B82EC95D2} => pcalua.exe -a C:\Users\Mike\Downloads\ltpb2setup.exe -d C:\Users\Mike\Downloads
Task: {8F4E1085-1F59-4D56-B077-927EF2E17513} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AAA2514A-C2E9-4C9C-9A7D-76FADEFDDD36} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B8EB83D0-B0DE-4DBB-8F24-FECDF0E8C28B} - System32\Tasks\{4A59F09D-E3A6-4D20-BC16-C44D834AA77B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.)
Task: {BAD60E54-6034-4235-9B52-32F6DA50255D} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {CA789963-7FFD-4840-AE97-C591FCC1147A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E1F5CB3D-D61C-4DE5-BA03-05F01D264340} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {E3CE389A-DF58-437E-B77F-6587454ACFCD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4FD4C3A-B2D2-43F9-8F77-55FF120504C7} - System32\Tasks\{54C7F1AD-595E-4432-8E2B-62D1FF8FA1CF} => pcalua.exe -a C:\Users\Mike\Downloads\ltpb1setup.exe -d C:\Users\Mike\Downloads
Task: {E72B302B-F836-423E-861C-0A6A267B8F5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-09-21 15:01 - 2015-09-21 15:01 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-21 15:01 - 2015-09-21 15:01 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-21 12:10 - 2015-09-21 12:10 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092101\algo.dll
2015-09-22 10:04 - 2015-09-22 10:04 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092200\algo.dll
2014-10-03 12:56 - 2014-10-03 12:56 - 00271360 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2014-10-03 12:56 - 2014-10-03 12:56 - 00244736 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-04-24 06:55 - 2013-04-24 06:55 - 01581056 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\libxmljs\build\Release\xmljs.node
2014-10-03 12:56 - 2014-10-03 12:56 - 00237056 _____ () C:\Program Files (x86)\ATT\8.5.0.48\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2010-12-28 19:12 - 2009-07-16 10:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-12-28 19:12 - 2007-12-31 11:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2015-09-21 15:01 - 2015-09-21 15:01 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-08-12 08:53 - 2015-08-12 08:53 - 17482952 ____N () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3758289344-697551801-2976451627-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{570BF759-1450-4118-BB69-2CDD0F516ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{54CF2703-64D7-46DD-A89E-81E7B5E8883D}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{E284A2F4-69C5-4200-AADA-2D8C928BF9CE}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{25F1B24E-432E-45BE-995F-51B2B70FB80A}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{7930AF94-9A36-48A0-8258-637A61D398D3}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{BD6EC7A8-DDD8-4949-90FB-0F32E9A6E207}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{3C9E6304-65F0-4AE5-9E20-38A267CEA368}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{85680A97-BCDF-45F3-98DF-294F021E48DF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{E510B551-4DC5-426B-8BA7-3FB298F030CC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C972CBED-9ECF-4EF5-BC5E-719D659D9FB1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{8B7E4D56-2224-4EAA-B114-6689229C5700}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{1ADAC2B7-D5BA-45AE-AA6B-FA98EF8E5D52}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{37DC4EBA-73B3-4751-A2C3-3179778A9441}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{4EED157D-7020-42DF-B5D8-A8CB409EB47A}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{DD932FBA-1AA2-4B29-82F7-566D2FAF71D4}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{47FCF40A-23D8-429D-BB73-A84E859A4771}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{26838698-7B4B-4C57-B524-6334F8C52CDB}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{345F6C90-C2CC-45CF-9734-763DBE57D7D7}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{D4E8A139-9F4D-43D7-976B-14BDA3BF04CF}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{44CFB721-D3B1-46C8-8782-DD240D14BCE0}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{2273E658-F271-48EC-9CCF-ED6D4CEC4653}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{8E58EF57-01E9-47F2-BA03-980B2447031D}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{BE20D7B6-0CDF-4D19-B744-D9439913013C}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{A42C291F-FD15-4E3C-9442-DA948E796D07}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{0F66289A-FB1E-4CEE-BCBA-E33DDB442EA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [TCP Query User{7875A9D7-A4DB-4886-AF05-A09D85602C75}C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe] => (Allow) C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe
FirewallRules: [UDP Query User{818B8A5B-C537-460C-A48C-04B4C2035204}C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe] => (Allow) C:\program files (x86)\adobe\adobe contribute cs5\app\contribute.exe
FirewallRules: [{FA48577F-DCA4-46D9-80E4-C69B223A1001}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60F0995A-A473-4039-8AF4-A8727436E249}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E69F3559-77DE-480F-AA2D-6FCDB41A33FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{610A7FA7-C78B-4A90-83C7-E52AEB4CBF75}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{81D46AA7-9A60-4ECF-94A9-B70007C808A4}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{FA0334D6-7E0F-4E1E-BEE9-EA3C9DC4F4A4}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [{5010B31D-419C-460D-8082-F434EDE156F6}] => (Allow) LPort=443
FirewallRules: [{653ADDCD-ECAA-41E5-AA52-301CF46A678C}] => (Allow) LPort=443
FirewallRules: [{4BB15081-1A8B-476C-A8E6-E25696E2E9D2}] => (Allow) LPort=37674
FirewallRules: [{CB7B1BD0-A044-47E3-875C-1352A3CBF242}] => (Allow) LPort=37674
FirewallRules: [{FC8C3018-0DA2-4B77-A5E6-184B2ACC6DEA}] => (Allow) LPort=37675
FirewallRules: [TCP Query User{C4A3323E-9B50-4179-8D08-E86394862B62}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{EDAA2843-3B7D-409C-8E56-3A2E23505B17}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [TCP Query User{3CAD2D4A-A592-4B1E-8D26-5653F0430B96}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4BD2396A-DDB5-40B7-84FB-F2614316351A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{261F77C3-C0AD-4871-BE82-DAC8FD1D6F0C}C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe] => (Allow) C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe
FirewallRules: [UDP Query User{26E36A31-B190-450D-85FE-587882EEF565}C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe] => (Allow) C:\users\mike\appdata\local\temp\7zs50d1\enterprisedu.exe
FirewallRules: [{339E7643-3CC8-4AF9-A10C-ED4B90F8AB25}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2871F22F-2845-4576-A8FF-37CF0CD36612}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C11943B4-6F9F-4D37-AE39-663B006DD9D6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{489309C9-9B17-44FF-86C0-BE926EFD7C55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77A7ADA8-693E-4792-889D-2EFF1710A22F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{748C61E4-31BC-4B1A-8D0B-04C244C5DB97}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsoB18A.tmp\CnetInstaller-10532704.exe
FirewallRules: [{24882E53-F1D8-4700-98FF-5BF8A8AD72AC}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsoB18A.tmp\CnetInstaller-10532704.exe
FirewallRules: [{11A0A468-416C-4B87-A82B-C31245976541}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf2C83.tmp\CnetInstaller-10536710.exe
FirewallRules: [{C78CE18E-F5C4-4EF1-B798-0107C7599A8B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf2C83.tmp\CnetInstaller-10536710.exe
FirewallRules: [{D460D60A-0B94-4653-BC25-881AA220BA76}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nskC690.tmp\CnetInstaller-10532704.exe
FirewallRules: [{17D40EEE-9B3C-4F77-B058-7D0DA7CD7110}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nskC690.tmp\CnetInstaller-10532704.exe
FirewallRules: [TCP Query User{6877928B-8265-4529-874A-41C7B2B743EA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D56E3CEC-D577-40C4-9538-E0A97718D361}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{04245D5C-470C-4ACF-BC24-EACF9DFBAFD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1A64CD0C-A2E3-47F8-811A-483A8F3CEA84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59D4FA73-459B-474A-9B3D-5F42AC8F610D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FA045712-F986-4393-97EF-F07FBA8ABA89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EBD15FA-F6FD-460B-929C-83C2F3B9F353}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS212F\HPDiagnosticCoreUI.exe
FirewallRules: [{A1FCB94B-08FC-477F-A7CA-33A217959150}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS212F\HPDiagnosticCoreUI.exe
FirewallRules: [{117899FF-B4C2-403D-BF3B-C0B8950FF2E3}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS162D\HPDiagnosticCoreUI.exe
FirewallRules: [{7F77561B-7C1C-45E7-8140-1C8CC96E2C51}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS162D\HPDiagnosticCoreUI.exe
FirewallRules: [{81B2729F-5AD7-4F55-86C0-50870BBAF405}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4CBC\HPDiagnosticCoreUI.exe
FirewallRules: [{6D21CE04-D293-4E4A-BBC1-0CD852B76173}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4CBC\HPDiagnosticCoreUI.exe
FirewallRules: [{47C4D05E-576E-4C1E-BDE9-0DE1B29D6BC2}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DAB\HPDiagnosticCoreUI.exe
FirewallRules: [{2E1BBA48-A0F4-4252-B3DB-CBB78444DCEE}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DAB\HPDiagnosticCoreUI.exe
FirewallRules: [{94D59269-84FA-4802-9451-AE6D22B0DEC9}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsp31BF.tmp\Installer-75758784.exe
FirewallRules: [{F7195BC4-9DE3-402E-8A95-5DC2021C928A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsp31BF.tmp\Installer-75758784.exe
FirewallRules: [{5AF1E27A-A7B2-4386-A133-71F5BD294C3A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf3299.tmp\Installer-75758784.exe
FirewallRules: [{B1D3386A-4A07-4822-8256-3B8ABC9AB9C7}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsf3299.tmp\Installer-75758784.exe
FirewallRules: [{CED215B4-8566-4852-978B-F891C6BA3D9B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsa433C.tmp\Installer-75758784.exe
FirewallRules: [{A2A737A8-2A81-4CBC-A4C9-1D0011B43E0A}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsa433C.tmp\Installer-75758784.exe
FirewallRules: [{CD3098E0-B20D-455D-96A0-EF745BC1EA0F}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsg24D4.tmp\Installer-75758784.exe
FirewallRules: [{00F50087-6DEB-4F7C-9471-647F608E4CDC}] => (Allow) C:\Users\Mike\AppData\Local\Temp\nsg24D4.tmp\Installer-75758784.exe
FirewallRules: [{4C1ED33A-145F-473D-A1D2-656162861410}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DC5\HPDiagnosticCoreUI.exe
FirewallRules: [{7ADB4D15-A431-4EC0-A1D6-C4B896F1CDC8}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4DC5\HPDiagnosticCoreUI.exe
FirewallRules: [{0EFAD61C-0A7D-4F00-B077-6FD835F9468D}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS510C\HPDiagnosticCoreUI.exe
FirewallRules: [{499F1D7F-0004-4142-980F-E6E9D6E3F1B1}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS510C\HPDiagnosticCoreUI.exe
FirewallRules: [{F1462565-863F-44C3-8C93-5B15EFC1C886}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS5872\HPDiagnosticCoreUI.exe
FirewallRules: [{EBDC0087-A194-451B-ABFE-4E96174A828B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS5872\HPDiagnosticCoreUI.exe
FirewallRules: [{F4A29822-B984-4067-96D2-29D637EB0150}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS61A1\HPDiagnosticCoreUI.exe
FirewallRules: [{13E5A8AD-99FF-4841-A30B-04C798FB5C9B}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS61A1\HPDiagnosticCoreUI.exe
FirewallRules: [{986C440F-4E5B-401E-BAD0-2702D77C46B2}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS0907\HPDiagnosticCoreUI.exe
FirewallRules: [{CFAAA29B-2911-4C13-BDBB-B71758C3AC47}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS0907\HPDiagnosticCoreUI.exe
FirewallRules: [{CAB2F508-1ADA-4D3B-A3C5-9E29990C4B37}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS14D0\HPDiagnosticCoreUI.exe
FirewallRules: [{E09F74B2-1BD8-45D0-BAA6-EEBD7212E95D}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS14D0\HPDiagnosticCoreUI.exe
FirewallRules: [{6F3428B0-4613-43CE-9DAA-6780D76A1EF8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{F769298F-60CF-4ACF-95C9-B072401E4D8D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{7BEBEEAA-55C2-4403-8141-7D28F287EFA8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{371CD150-9E82-4739-AAF9-CCC9EF9808C3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{18C6C03B-7EED-4316-9F16-4B3231D6DD94}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8282BDF9-A5C7-4256-91EF-0CFAACA6B07D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{915F6040-1CEC-46FB-9E7A-67883C36AE8C}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4891\HPDiagnosticCoreUI.exe
FirewallRules: [{F34E1DCD-D355-4634-B108-316D9A41B070}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zS4891\HPDiagnosticCoreUI.exe
FirewallRules: [{830D13F7-B487-4CA0-9BD3-B61DD8508ADE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4B451B24-C23B-487E-9729-71AAED2AA4C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C46E8023-B2CF-4135-899E-071B9D771D36}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C93C379A-91E0-4A40-A3D8-399FCC731BB4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2015 10:03:01 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:03:01 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:03:01 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:03:01 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (09/22/2015 10:02:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:02:57 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/22/2015 10:02:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:02:57 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2015 10:02:57 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (09/22/2015 10:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3104) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS007C0.log.


System errors:
=============
Error: (09/22/2015 10:03:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/22/2015 10:03:01 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/16/2015 08:18:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (09/16/2015 08:18:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (09/16/2015 08:18:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/16/2015 08:18:12 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/15/2015 09:23:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/15/2015 09:23:45 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/14/2015 11:41:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (09/13/2015 08:56:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2014-09-13 12:13:26.200
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-13 12:13:25.672
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-13 12:13:10.334
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-13 12:13:09.801
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-13 12:12:00.330
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-13 12:11:59.806
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-10 11:05:34.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-10 11:05:34.210
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-10 11:05:33.929
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-10 11:05:33.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 63%
Total physical RAM: 4061.18 MB
Available physical RAM: 1476.81 MB
Total Virtual: 8120.55 MB
Available Virtual: 4868.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:480.04 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5E0DFF55)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt ============================


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a great deal showing, I will do the basic clean and then go from there. Is it just the network that is slow ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tnrux9cn.default-1435250756788\searchplugins\amazon-search-suggestions.xml [2015-07-09]
2011-03-10 23:18 - 2010-10-17 15:17 - 4290744 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1136_upgrade.exe
2011-03-10 23:18 - 2010-11-09 10:17 - 4329496 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_2011_1153_upgrade.exe
2011-03-10 23:18 - 2009-11-18 15:25 - 0891248 _____ (AVG Technologies) C:\Program Files\avg_free_stb_all_9_40_cnet.exe
2012-06-17 12:13 - 2012-06-17 12:13 - 3993600 _____ () C:\Program Files (x86)\GUT9399.tmp
2011-03-12 12:37 - 2011-03-12 12:45 - 0000026 ____H () C:\ProgramData\.119889580931711767808769176
Task: {39DA9E2C-7120-4B0D-9548-385A628B2843} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {BAD60E54-6034-4235-9B52-32F6DA50255D} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {E4FD4C3A-B2D2-43F9-8F77-55FF120504C7} - System32\Tasks\{54C7F1AD-595E-4432-8E2B-62D1FF8FA1CF} => pcalua.exe -a C:\Users\Mike\Downloads\ltpb1setup.exe -d C:\Users\Mike\Downloads
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP