Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus or Malware blocking internet access

internet malware virus blocking access

  • Please log in to reply

#1
Mshoney6

Mshoney6

    Member

  • Member
  • PipPip
  • 11 posts

Hello all,

 

Last week, I was on my laptop online and then out of nowhere it said my internet wasn't working when it showed I was connected but no sites would load. I knew I had a virus or malware, same thing happened to my desktop PC but I had to reinstall Windows and I'm trying not to do that here. 

 

I was able to go to a restore point and everything worked for a few days until last night it started acting up again. I downloaded Malwarebytes Anti-Malware and Gary Utilities 5 onto a USB drive and installed it on my laptop. Both programs found something and resolved it, least I thought but I still can't go online. Right now I'm on my PC typing this so if anyone can help me, please let me know what info you need and I will give you that.

 

 

Thanks!

 

Felicia


  • 0

Advertisements


#2
Ztruker

Ztruker

    Member 5k

  • Technician
  • 7,091 posts

Let's make sure you  are free of malware.

 

Go to the Virus, Spyware, Malware Removal forum, read the first post and follow instructions.

Come back here once you get a clean bill of health if you still have problems.
 


  • 0

#3
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Still having problems...here is the OTL log

 

 

 

OTL logfile created on: 8/18/2014 2:52:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.89 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 50.29% Memory free
4.58 Gb Paging File | 2.10 Gb Available in Paging File | 45.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 439.54 Gb Total Space | 128.94 Gb Free Space | 29.33% Space Free | Partition Type: NTFS
Drive D: | 25.10 Gb Total Space | 2.95 Gb Free Space | 11.74% Space Free | Partition Type: NTFS
Drive E: | 965.58 Mb Total Space | 934.21 Mb Free Space | 96.75% Space Free | Partition Type: FAT32
 
Computer Name: FELICIA | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/18 14:45:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2014/08/06 20:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/04 00:05:14 | 000,793,376 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
PRC - [2014/07/29 17:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Felicia\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/10 15:34:10 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/07/10 15:33:16 | 005,187,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/07/10 15:32:46 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2014/07/10 15:23:36 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/06/21 22:20:23 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/02 18:52:34 | 002,567,192 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2014/06/02 18:52:34 | 001,808,408 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
PRC - [2014/06/02 18:52:34 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/02/24 16:27:06 | 001,343,408 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013/12/21 12:29:14 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
PRC - [2013/06/27 14:23:31 | 000,366,040 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2013/06/27 14:23:29 | 000,279,000 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/06/27 14:23:27 | 000,165,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/06/27 14:23:27 | 000,131,032 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/07 17:33:08 | 000,581,024 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/07/27 18:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/03/28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/18 13:45:35 | 000,043,008 | ---- | M] () -- c:\users\felicia\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll
MOD - [2014/08/06 20:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/06 20:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/06 20:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
MOD - [2014/08/06 20:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
MOD - [2014/08/06 20:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/08/04 00:05:58 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
MOD - [2014/07/29 17:20:20 | 003,610,624 | ---- | M] () -- C:\Users\Felicia\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/06/02 18:52:34 | 002,567,192 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2014/06/02 18:52:34 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
MOD - [2014/03/20 18:01:48 | 001,603,608 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
MOD - [2013/08/23 12:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Felicia\AppData\Roaming\Dropbox\bin\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/29 15:59:38 | 000,604,512 | ---- | M] (Copyright 2013 SAMSUNG) [Auto | Running] -- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe -- (Samsung Link Service)
SRV:64bit: - [2014/06/19 03:56:34 | 002,356,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/06/11 18:19:38 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/06 04:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/02 19:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/23 19:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 19:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/13 23:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/07 22:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 00:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/24 16:27:06 | 001,343,408 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2014/02/22 08:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 02:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 02:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 02:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 02:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 02:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/21 12:31:20 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:64bit: - [2013/12/10 00:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/22 21:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/10/24 22:16:08 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/10/22 13:15:14 | 000,460,800 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 04:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 04:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 04:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 04:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 04:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 03:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 03:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 02:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 02:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 02:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 02:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 02:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 02:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 02:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 02:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/06/27 14:35:24 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/10 14:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2012/12/10 14:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2014/07/10 15:34:10 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/07/10 15:32:46 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2014/07/10 15:23:36 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/02 18:52:34 | 001,808,408 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/03/13 23:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/30 00:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/24 22:16:11 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/10/24 22:16:08 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/10/24 22:16:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 20:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 19:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/06/27 14:23:31 | 000,366,040 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2013/06/27 14:23:29 | 000,279,000 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/06/27 14:23:27 | 000,165,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/06/27 14:23:27 | 000,131,032 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/07/13 18:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/05/14 10:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 10:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 10:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/18 13:43:53 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/17 23:56:52 | 000,020,672 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/08/15 15:42:41 | 000,157,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys -- (ESETOlmarikOlmascoCleaner)
DRV:64bit: - [2014/07/18 00:11:34 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/30 12:43:18 | 000,270,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014/06/30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/06/02 18:52:34 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/05/31 03:07:07 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/01 06:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/31 23:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/23 19:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 19:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 19:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 20:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 05:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 13:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 09:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 08:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 08:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 08:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 08:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 08:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 05:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/30 00:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/11/10 19:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 04:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/25 18:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/17 03:46:02 | 003,858,944 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/10/05 08:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/29 21:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 20:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 20:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/26 10:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013/09/17 14:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 14:17:38 | 000,239,296 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2013/09/17 14:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 14:17:38 | 000,157,432 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/09/04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/22 06:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 06:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 05:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 05:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 05:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 05:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 05:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 05:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 05:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 05:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 05:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 05:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 05:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 05:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 05:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 05:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 05:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 05:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 05:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 05:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 05:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 05:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 05:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 05:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 05:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 05:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 05:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 05:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 05:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 04:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 04:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 04:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 04:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 04:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 04:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 04:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 04:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 04:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 04:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 04:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 04:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 04:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 04:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 04:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 04:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 04:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 04:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 04:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 04:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 04:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 04:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 01:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 16:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 17:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 11:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 12:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/27 15:42:11 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/06/27 15:42:05 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/06/27 14:35:25 | 000,542,208 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/06/18 07:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/01/11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 15:48:02 | 000,044,544 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/31 09:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/08/24 02:38:26 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/31 12:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/06/19 08:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/02 13:05:26 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2010/02/02 13:05:26 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{8CE61BFA-8DC8-4D83-8C11-14B3E6F73861}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{8CE61BFA-8DC8-4D83-8C11-14B3E6F73861}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...E-28924A4165D1}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {b7fca997-d0fb-4fe0-8afd-255e89cf9671}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{8CE61BFA-8DC8-4D83-8C11-14B3E6F73861}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{A35B23F3-076C-4184-9F72-3686517AA8AA}: "URL" = http://search.condui...M=2&SSPV=TB_CS7
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...E-28924A4165D1}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\samsung.com/SamsungLinkPCPlugin: C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Felicia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2014/08/15 16:04:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/08/15 16:04:00 | 000,000,000 | ---D | M]
 
[2013/06/27 18:35:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Felicia\AppData\Roaming\mozilla\Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: https://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Angry Birds = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Spotify - Music for every moment = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: Google Search = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Netflix = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.227.0_0\
CHR - Extension: AdBlock = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.12_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.8.7_1\
CHR - Extension: AmazonSmile 1Button for Chrome = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba\1.1.1_0\
CHR - Extension: Google Play Music = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0\
CHR - Extension: Google Play = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Google Maps = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: AVG SafeGuard = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.5.512_0\
CHR - Extension: Google Wallet = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Samsung Link] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Copyright 2013 SAMSUNG)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [AVG-Secure-Search-Update_1113a] C:\Users\Felicia\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=3c408ba4734f47d39d18f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c /CMPID=1113a File not found
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_4540001CD637E23A530E9E360911AD4C] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [MusicManager] C:\Users\Felicia\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Felicia\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Felicia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38982AED-A535-4BC6-B3A5-491F4C4D78A7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79D60ABD-D8C5-4249-B17A-1063C836A8C9}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (BootDefrag.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/18 14:53:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Felicia\Desktop\OTL.exe
[2014/08/18 00:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/08/17 23:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/08/17 23:56:52 | 000,020,672 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2014/08/17 23:56:50 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\BootDefragDriver.sys
[2014/08/17 23:56:49 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\BootDefrag.exe
[2014/08/17 23:56:49 | 000,000,000 | ---D | C] -- C:\Users\Felicia\AppData\Roaming\GlarySoft
[2014/08/17 23:56:49 | 000,000,000 | ---D | C] -- C:\Users\Felicia\AppData\Roaming\DiskDefrag
[2014/08/17 23:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/08/17 23:54:30 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/17 23:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/17 23:51:59 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/08/17 23:51:59 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/08/17 23:51:59 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/08/17 23:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/17 23:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/15 16:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/08/15 15:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/08/15 15:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/08/14 20:24:21 | 000,000,000 | ---D | C] -- C:\Users\Felicia\AppData\Local\Diagnostics
[2014/08/01 19:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2014/08/01 19:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2014/07/30 19:04:50 | 000,000,000 | ---D | C] -- C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[1 C:\Users\Felicia\*.tmp files -> C:\Users\Felicia\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/18 14:45:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Felicia\Desktop\OTL.exe
[2014/08/18 14:25:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/18 13:46:29 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/18 13:44:19 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/18 13:43:53 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/18 13:43:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/18 13:41:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/18 13:41:34 | 3343,929,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/17 23:57:20 | 000,001,112 | ---- | M] () -- C:\Users\Felicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/08/17 23:57:20 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2014/08/17 23:56:54 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2014/08/17 23:56:52 | 000,020,672 | ---- | M] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2014/08/17 23:52:19 | 000,796,126 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/08/17 23:52:19 | 000,161,346 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/08/17 23:52:18 | 000,956,540 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/08/17 23:52:15 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/17 23:39:22 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForFelicia.job
[2014/08/15 22:43:42 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2014/08/15 15:42:41 | 000,157,384 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/08/15 15:02:24 | 000,001,100 | ---- | M] () -- C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/15 15:02:05 | 000,001,072 | ---- | M] () -- C:\Users\Felicia\Desktop\Dropbox.lnk
[2014/08/04 00:06:06 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\BootDefrag.exe
[2014/08/03 12:31:47 | 000,005,120 | ---- | M] () -- C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/02 11:31:12 | 000,001,503 | ---- | M] () -- C:\Users\Public\Desktop\The Sims 4 Create A Sim Demo.lnk
[2014/07/27 21:52:45 | 000,000,869 | ---- | M] () -- C:\Users\Felicia\Desktop\Samsung Link [email protected]
[1 C:\Users\Felicia\*.tmp files -> C:\Users\Felicia\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/17 23:57:20 | 000,001,112 | ---- | C] () -- C:\Users\Felicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/08/17 23:57:20 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/08/17 23:57:20 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2014/08/17 23:56:54 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2014/08/17 23:52:15 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/17 22:55:48 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForFelicia.job
[2014/08/15 22:43:42 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2014/08/15 16:20:12 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/08/15 15:42:41 | 000,157,384 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/08/03 12:31:37 | 000,005,120 | ---- | C] () -- C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/27 21:52:45 | 000,000,869 | ---- | C] () -- C:\Users\Felicia\Desktop\Samsung Link [email protected]
[2014/06/14 23:13:36 | 000,225,456 | ---- | C] () -- C:\Users\Felicia\AppData\Local\rx_image32.Cache
[2014/06/14 23:13:35 | 000,002,108 | ---- | C] () -- C:\Users\Felicia\AppData\Local\rx_audio.Cache
[2014/04/22 21:13:49 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 16:04:24 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/30 00:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/24 21:28:55 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/22 10:50:04 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\MediaDB.dll
[2013/10/22 10:48:02 | 000,707,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ContentDirectoryPresenter.dll
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/23 20:18:54 | 000,046,592 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_thread-vc90-mt-1_47.dll
[2013/07/23 20:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_date_time-vc90-mt-1_47.dll
[2013/07/23 20:18:42 | 000,704,000 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_regex-vc90-mt-1_47.dll
[2013/07/23 20:18:40 | 000,227,840 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_serialization-vc90-mt-1_47.dll
[2013/07/23 20:18:38 | 000,130,048 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_filesystem-vc90-mt-1_47.dll
[2013/07/23 20:18:38 | 000,012,800 | ---- | C] () -- C:\WINDOWS\SysWow64\boost_system-vc90-mt-1_47.dll
[2013/06/27 17:11:21 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
 
========== ZeroAccess Check ==========
 
[2013/11/06 11:09:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 09:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 08:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/05 22:00:32 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\.mono
[2013/06/27 18:23:58 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Ashampoo
[2013/09/23 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\AVG
[2013/09/14 10:33:07 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\AVG2014
[2014/08/16 00:55:54 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\BitTorrent
[2014/08/18 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\DiskDefrag
[2014/08/17 22:45:11 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Dropbox
[2013/12/30 19:12:43 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\EurekaLog
[2014/08/17 23:56:49 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\GlarySoft
[2013/12/30 19:12:43 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\iPod2PC4
[2014/07/24 23:41:10 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Mp3tag
[2014/04/30 22:22:40 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Oracle
[2013/06/20 12:17:02 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Origin
[2013/06/19 00:39:09 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\PerformerSoft
[2014/03/06 22:59:27 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\SAMSUNG
[2014/08/15 20:22:03 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Search Protection
[2014/08/03 12:22:25 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Spotify
[2013/06/18 17:59:39 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Synaptics
[2013/09/14 10:32:27 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\TuneUp Software
[2014/06/05 22:00:30 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\Unity
[2013/06/24 23:50:52 | 000,000,000 | ---D | M] -- C:\Users\Felicia\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Felicia\SkyDrive:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Felicia\SkyDrive (2).old:ms-properties
 
< End of report >
 
 
Here is a copy of the Extras log....
 

OTL Extras logfile created on: 8/18/2014 2:52:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.89 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 50.29% Memory free
4.58 Gb Paging File | 2.10 Gb Available in Paging File | 45.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 439.54 Gb Total Space | 128.94 Gb Free Space | 29.33% Space Free | Partition Type: NTFS
Drive D: | 25.10 Gb Total Space | 2.95 Gb Free Space | 11.74% Space Free | Partition Type: NTFS
Drive E: | 965.58 Mb Total Space | 934.21 Mb Free Space | 96.75% Space Free | Partition Type: FAT32
 
Computer Name: FELICIA | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05124046-1315-42F8-BBEF-4DB9065BF221}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port | 
"{0941E0DF-6F9B-4A6C-8F2E-6ABBB86C352A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{1BD41198-B009-4757-B05F-B8A60943C767}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{237919ED-E37A-4CE1-9570-935600DC08B9}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{298F9B5D-D3FA-466E-BF76-563771E6EDB4}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port | 
"{2A0E4EF4-A8F6-42E7-8756-B11E8F1EF8BA}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 | 
"{32BA69AA-3E7C-4735-B8F1-8DC7DA186611}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 | 
"{58FA820B-E9AD-4D74-8AFE-102E3E1462CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5DA1A5FE-8CFA-4838-A515-4783A047C81C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{70E43837-3738-4FDE-9B50-87B26A61D7F9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{7150DA5D-5683-4208-B7E1-F7E4D9900F50}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{88182902-E132-4163-AC65-9738196C6C22}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{8DEF0CB5-5D2D-4F2C-8600-B3E8EB3B2CA8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6B22759-1CDE-445C-BA87-5075E59A9148}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CE622A56-12F2-4AE7-8F9B-34DE149C516E}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 | 
"{D0282DF7-6B8C-4AAE-9D7E-E7517FDB36AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E0D4060E-F7C8-480A-8697-6992DF3CE5BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{E2516042-0D6D-4755-93E1-E5504DE3FECD}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 | 
"{E9F7A054-B674-4B10-B3DC-C29B1776AF72}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EB4EFE86-6F65-4E63-B85A-D08B77DEB616}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F43C4779-DFA0-4AA5-A0CB-5171C4F1D8F7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{FC9F8592-97D2-4C83-9227-709899DFA0C8}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0066B4E6-9240-406A-93AA-3D45F79FDDF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{00CEF9E1-EE2D-45C8-9273-6A7D4E509934}" = dir=in | name=juniper networks junos pulse | 
"{02416A7B-F086-4F20-98BE-CFF1B5C972E1}" = dir=in | name=skype | 
"{03AA3C27-C4DC-4B3D-99D0-0F7CF85A8B24}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{058083C3-B237-458E-B4C7-F59048B79795}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{095143A3-29CA-4B66-9458-6EC646564653}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{0D05444B-EC86-4AF7-A532-66804A45BF87}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{17903187-F1F4-4BF0-BCE1-061E37E861C1}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{179BBEA1-B623-4807-A63C-851DD528BD07}" = dir=in | name=f5 vpn | 
"{184FEE46-1F1F-4397-8430-E8190BA0840F}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 | 
"{1BC1550C-726C-4717-B48D-79C3FC5F015A}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{1C5F5938-F823-4AFB-9A59-21A4C030B0CC}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{2879A544-0B1B-45AC-B83A-EEC2F9E20593}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{28911C8B-477D-414B-9F86-F3C25B895832}" = dir=out | name=hp all-in-one printer remote | 
"{29736090-9B7F-4314-887E-0B745FF53E5B}" = protocol=17 | dir=in | app=c:\users\felicia\appdata\roaming\bittorrent\bittorrent.exe | 
"{29C7E323-BE44-4EB7-93AC-5368D0283EAB}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{2AE9824A-3637-4535-8B63-875BD2D724F1}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{2B12C318-365F-43D7-B35E-E18C1B9DA192}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{2CA45CAF-3D6C-404C-8EF9-10CA67E17F2E}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{2D4D0942-E758-4C40-88CE-B821DF3F3CD7}" = dir=out | name=iheartradio | 
"{2E38E166-1AA4-43DB-AB85-ED634B36EF9F}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{2EA8A4CC-F5FB-4BEC-BC02-AD5608D96B0E}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{2F457B98-1869-4777-BABD-4D4AF7E1DECE}" = dir=out | name=microsoft solitaire collection | 
"{2F9F6A6A-3EB1-43A2-A2CD-6DEF5EB50758}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{2FC73AB4-F937-4004-9D08-A16B9C948986}" = dir=out | name=@{microsoft.zunevideo_2.6.215.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{30B99218-C394-48D0-B46F-7EF8F4B488FA}" = dir=out | name=vlc for windows 8 | 
"{3138898B-4F68-4C5E-BCEB-68632681CD00}" = dir=in | name=microsoft mahjong | 
"{31B28674-49CF-4506-BE80-87E7EE84F895}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{3283620D-317A-43F9-8E99-F32B255E7416}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\the sims 4 create a sim demo\game\bin\ts4cas.exe | 
"{334AF2B7-A799-40A8-8397-C76FDD7900A3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{33F44362-AF73-4373-8C78-698D55D807CC}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{34535075-4741-4391-8BA3-9409B2E6159C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 | 
"{38C3BA91-7EA2-4271-AE68-4033EF6B8C94}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{38D6C7A1-CDC4-4ABA-877D-04E2DB09501A}" = dir=in | name=sonicwall mobile connect | 
"{38E51806-E76E-4F36-81B3-8E0C03726B09}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{3CF6E1EC-C675-4E9E-896B-5720846E904F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{3E80D5A1-FE6E-4FA9-9E8C-3B643C7BFF7B}" = dir=out | name=netflix | 
"{3F575C57-1E7F-4CDE-8914-105158FEF33F}" = dir=out | name=check point vpn | 
"{415D7F62-1AAC-4EDB-9718-D2AEE6D4BD24}" = dir=out | name=instagram now | 
"{4237CD89-3C51-4433-AA4D-7295DE342575}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{423837FC-F3F3-4BAF-A2DB-9225B7E2D3C1}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{43B00067-BCDB-4152-99A6-BD94F72BC404}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{4497EBC1-DAAA-4863-B55C-E132AA4BFD4F}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{44C08654-0557-4ABE-A3B7-6E5CE107D7B0}" = dir=out | name=microsoft mahjong | 
"{4543D237-1CFC-4656-AF4E-3EBE17FC5E68}" = protocol=17 | dir=in | app=c:\users\felicia\appdata\roaming\dropbox\bin\dropbox.exe | 
"{454A6DF9-51C6-4350-B3C0-C0A15B29CEBF}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{4615CB0F-F79E-4260-BF2B-3510A5CF9AC4}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{46D571E1-15CD-4C4F-B76F-BB66BDE7B999}" = protocol=6 | dir=out | app=system | 
"{48212C13-9A28-461A-960F-009071318DE4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4C849062-E913-45E0-BF6F-84433BB8D953}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4D9D8025-EB6F-4BC6-BE5F-4310C026FB42}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe | 
"{4E58A269-EDA7-42E2-B25E-6A5447B2ED71}" = dir=out | name=check point vpn | 
"{4EC8F651-A1F0-405B-93C8-7D3DDFEEDE65}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{4F4E1774-E8A8-49C0-9D3D-D4C0B5AE1C1A}" = dir=out | name=kindle | 
"{502990AE-B63C-43A9-A55B-D59B880F404B}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{5106C841-2064-4A6B-86C4-876022C38C2F}" = dir=out | name=kindle | 
"{5187D147-FCE6-4E10-A8E1-1EB5B29EB84C}" = dir=out | name=iheartradio | 
"{530E59DE-E801-4289-9E90-3F498A6A63F7}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{53B4603B-35EE-4509-A316-868EDB87B11D}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.21\allshareframeworkdms.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{57353ED7-FFF5-4356-B5C7-C2156FCCDE63}" = dir=in | name=microsoft solitaire collection | 
"{573A25A2-73D9-4032-9F0C-16131EF6F4D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A613DC5-5DEE-4F5F-BF62-116B427E48FB}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{5AAC3264-E130-4AF4-A044-53784FA2138E}" = dir=out | name=skype | 
"{5B5B2E8E-88CD-48AB-9BA8-76ECD35365B1}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{5BBB10D0-A3FF-43EB-A1D5-FA841012A71F}" = dir=in | name=check point vpn | 
"{5BC856E0-563A-4A0D-A629-37D9F81A7140}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{5CE76DB5-053B-467A-9D15-D94E2C6B98F2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\the sims 4 create a sim demo\game\bin\ts4cas.exe | 
"{5D66D724-C99E-4475-B7B6-3BE02B3D27EC}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{5E1E5333-547B-4259-A430-376E2D7A8D47}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{61AFF68D-0B6A-45B1-B2F1-A5F7E02A1323}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{6439E4B5-D66F-4EAD-87AC-CE54816DDA04}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{66107E8A-1E92-49CB-B496-5DC7D6B85B22}" = dir=out | name=skype | 
"{6A17A0E9-6461-4E40-A90F-0B14027E108C}" = protocol=6 | dir=in | app=c:\users\felicia\appdata\roaming\bittorrent\bittorrent.exe | 
"{6CC0C736-35A5-4927-964D-6C80BCA5E47E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{6F9195B0-B3D6-4318-B3FE-9B7FE0BEDA20}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{714E0B80-CE5F-4E89-B68B-4197A40C821A}" = dir=out | name=f5 vpn | 
"{71AEF859-2900-4747-B877-4ABE13FA31A7}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{71F1CEBE-492B-4859-AAD2-2E310D3C9A8D}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{7383E07A-CFCC-46DD-B505-5A03B5D2B1BB}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{74151C18-BC6C-4FAA-B5B2-34FEF8BB8989}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{7553A2D3-A80E-4F45-85F4-0530EBE95240}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | 
"{75874A3B-A5FA-4855-9032-645C1F43B1D7}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{76A46E3A-F463-4039-95F0-AB53FA5E4019}" = dir=out | name=hp registration | 
"{7809FBC9-CBC1-4ADA-8899-C51C9677B795}" = dir=out | name=@{35135twoguysandaapp.youtubenow_1.0.0.7_neutral__xc3b11gcg8yyg?ms-resource://35135twoguysandaapp.youtubenow/resources/displayname} | 
"{7885AD45-5FB0-41E4-96DB-A488CB326186}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{7A96C598-B0B6-4C7C-9469-F856B984C20A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7E0C1121-6983-4850-B738-7B06C4C39C99}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{7E5F5CB7-4BED-4DC2-A8C3-98730B96F833}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{80D0DC84-05A7-4C49-9520-C9AA19169918}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{816CAF8A-0DB0-4901-9E56-E203DA38081A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{819B12DC-8C81-4ACF-A347-EBA2F4BCE1D5}" = dir=in | name=juniper networks junos pulse | 
"{834B66D1-4581-403F-B412-3E70DA0053AA}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{835D87ED-C7E5-4DE8-BC0D-FD34CCA1CEBD}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{86D277AB-2462-425F-82E3-626318F506A5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{89B5980E-379C-4B90-96FC-8888E1CE76BC}" = dir=out | name=hp connected photo powered by snapfish | 
"{89BD2410-729F-48EC-B311-544DC76CA57A}" = dir=in | name=ebay | 
"{8A21F825-38A9-413F-9E7B-8F55864CB95A}" = dir=in | name=hp all-in-one printer remote | 
"{8CE2684C-6D3F-4A13-858E-72B44D3DB009}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{8DB53D88-BF6C-4746-8DA3-A5F0308E53F8}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{8FBF84BD-7DAB-41E3-A7B1-51B6BC27A640}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{90288DC4-36B4-4EFE-A7A2-737E1740E54D}" = dir=out | name=windows_ie_ac_001 | 
"{90C4F05E-FB52-4C04-AAA4-086823B9535B}" = dir=in | name=hp connected photo | 
"{97630257-6FCD-427C-BA60-5D89A0DC7A31}" = dir=in | name=check point vpn | 
"{98018565-5A1B-4A28-9418-31C8285E834E}" = dir=out | name=sonicwall mobile connect | 
"{9889E470-8C49-4933-8D9B-4358A71C0DF3}" = dir=out | name=sonicwall mobile connect | 
"{996ACC1C-63F2-4206-BE63-71557FC80BC1}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{9B892A28-EAEC-4BFB-8E69-4D10B9823929}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9D324CBA-E82F-4607-9C78-98A792D73090}" = dir=out | name=@{microsoft.bingsports_3.0.2.317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{A1BCFA56-83A0-47BF-AB6E-3BF576D14332}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{A3101896-66A5-45A4-870C-F7ECE2FDA7C1}" = dir=out | name=movie planet | 
"{A4E20F19-9E8B-4335-8F76-D89B6F5F9B7C}" = protocol=6 | dir=in | app=c:\users\felicia\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A5542C47-55DC-4D5C-ADE4-9DE408338FE2}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{A76614D8-41C1-4B3E-9974-958C1A57352D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A77701E0-388B-4FA3-A3FD-3938174CC945}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A7B474E2-D06D-4381-8C0F-D26002ADEF87}" = dir=out | name=ebay | 
"{A8E9C872-5F91-4F62-A74E-52B4A3698B56}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{A96DC9E8-4C9D-4792-BE0E-ECE33F3C0398}" = dir=out | name=getting started with windows 8 | 
"{A9988800-DBE3-4B38-88F6-2C7B96E3F35B}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{AA17E4B3-D56E-4E3B-8417-D5C6BA22B1DC}" = dir=in | name=hp+ | 
"{AB4C2831-5F19-4D34-A66D-C411E07A984F}" = dir=out | name=windows_ie_ac_001 | 
"{AD8ABB0D-8550-4B54-9BB4-3A144AA475EC}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | 
"{B7B7FDF3-E4EA-48EA-9C79-7020C97F38FA}" = dir=out | name=@{microsoft.zunevideo_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{B7D0621E-C785-452E-B5AE-EF6C4F66D32E}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{BA10A9BA-A84E-44AE-9C74-5E7856F55DE7}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{BBA514BF-292B-4B2B-9791-CEC204184782}" = dir=in | name=kindle | 
"{BBBFFA6B-204C-4548-9F11-B6BBD581B037}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{BC3C9FA2-780A-40AB-8C40-26F75AF7F109}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{BD494D2A-9A74-4451-B3F9-C4E485D1C3FA}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{BD5B71D3-44E7-449D-9BAE-FFCD049DE49E}" = dir=out | name=@{microsoft.zunemusic_2.2.931.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{BD9DA5A2-F6AD-4573-A077-4466766DD470}" = dir=out | name=@{microsoft.zunemusic_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{BE50CB51-5FE3-47D1-813D-AA810AF3C6F5}" = dir=out | name=microsoft mahjong | 
"{C0119DC7-351C-47D1-BD82-4D421B1DBB2F}" = dir=out | name=f5 vpn | 
"{C03EFEB8-0152-4AD1-9315-6EBD77CB1368}" = dir=in | name=f5 vpn | 
"{C1D9C890-DBF5-4FBD-8A48-16F5573D0987}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{C267D089-0269-4E6E-8D3B-7D7143AD056E}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{C2A8C8C8-A311-467B-A2AE-77294C4DCDA5}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.21\allshareframeworkdms.exe | 
"{C489CC79-6824-43B5-8CA6-22AFEF461AF3}" = dir=out | name=hp+ | 
"{C49A823D-2D46-4857-99BB-695D1872B5AD}" = dir=out | name=facebook | 
"{C758124D-4684-4BBB-BA60-4986963A8ADC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{C790227F-8A16-4B5C-B02F-497E933FCF9C}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{C8CE602F-A4C8-429A-9491-FC4C699C346A}" = dir=out | name=hp+ | 
"{C92AA962-1E5B-4C1E-9F38-D25D57E3EFCC}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{C982D45A-4703-46E1-A55A-3B1DC0726EEC}" = dir=out | name=norton studio | 
"{CD3EFAC8-E8D4-4BDB-B90B-3D59E66A608A}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{CF79BE13-39D9-4D57-89F1-04C7B4CA124F}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{D0E3085E-5D87-4FCA-90F8-5DEC805A99FD}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DBFAAEBF-4B9B-4E2E-B470-B6FA8EFD42D1}" = dir=in | name=sonicwall mobile connect | 
"{DC829020-47BB-4E03-9093-74B233E5C9D9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{DCC2DAB5-84FB-4830-A8BF-FDE02576EFFA}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | 
"{DDC028F8-CE7E-43A8-9BD9-79EFF0A6037A}" = dir=out | name=microsoft solitaire collection | 
"{E0265778-7C0F-48B4-9A7D-B6F0C221227F}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe | 
"{E0FA9DD3-CBD0-48A5-A2B4-02569652847F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{E13A50E3-627B-4037-ACFC-FADAD33568F6}" = dir=out | name=windows 8 cheat keys | 
"{E3F3373C-1339-451E-B753-06F47A7886A1}" = dir=out | name=netflix | 
"{E447B3E0-809D-4CF7-A265-50A2133AABB2}" = dir=out | name=tmz | 
"{E453ECD7-5DAC-4A64-9CDF-C2F90D46D966}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{E5E29AAA-E6A7-484D-93D0-5F633939F978}" = dir=in | name=skype | 
"{E6418490-6634-484D-BD66-B3CED2A644EE}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E959F138-7DAE-41BA-8AB5-EF57C3D3326C}" = dir=out | name=hp connected photo | 
"{E9C53AEA-AC7F-4B02-AA7B-A026759A11F1}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{EA58DCCE-5513-48DB-8440-725B31922807}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{EBB16B3E-4658-4C6E-82B0-785D0CECEFAE}" = dir=out | name=juniper networks junos pulse | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EDB2770C-5457-4625-BCCA-895F6370E523}" = dir=out | name=juniper networks junos pulse | 
"{EE437F3C-A265-4447-A406-39B0685931BF}" = dir=out | name=twitter | 
"{EF633543-FB30-4F98-A44D-CDC1E034B48C}" = dir=out | name=hp registration | 
"{F3C67A2A-F1B7-4468-9B2C-3B73B5C942E8}" = dir=in | name=vlc for windows 8 | 
"{F3EEF10E-A73B-433D-BDAE-5FF440422D09}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{F6139886-B832-4EA9-9BC1-C3E43B70B098}" = dir=out | name=hulu plus | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F6AA4555-7493-4488-8DFC-1DA65D254B69}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F8AED6E7-4BB5-48C0-84A3-01213C799B73}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe | 
"{FD60775F-8FD5-476D-B2A2-9DF843683B96}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FD99938A-F966-4AE7-862C-0B1E18960FB8}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FE5097E3-770E-422E-BDCE-67B09246E237}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe | 
"TCP Query User{07BFA0A5-E3A8-4622-ACF7-94F911B7AD5D}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe | 
"TCP Query User{284531E9-AAB0-4BF8-B4B7-4F4524A4ECB5}C:\users\felicia\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\felicia\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{6154C1A2-9E82-4BF8-A238-1CDC0713B6A9}C:\users\felicia\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\felicia\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{DC111132-0715-4231-9D78-095DE64650DC}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{E08DF7C5-7212-482C-90AC-1B118CE6F7EA}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{9304A268-F869-4087-A8D8-A7F4CDAEB8EE}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe | 
"UDP Query User{97A9F413-2AFE-4D2C-9EBF-76527043C07F}C:\users\felicia\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\felicia\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{A08938C7-D024-4E85-B715-99B13BDCDCFE}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{BEDCCA79-D576-4B73-AD35-9C719C12E3C8}C:\users\felicia\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\felicia\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{E593E528-81F7-4046-A90F-0B94C13B2538}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6C9778CB-2167-402E-B37E-10431C01F4C4}" = AVG 2014
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{83232C27-8C3F-44A5-9EB2-BB7161228ADD}" = AllShare Framework DMS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{F763D68B-B8D6-4C16-84EE-A2D990C5C639}" = AVG 2014
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"{FBC0F617-1AA0-4483-8153-3FD97FE01D9E}" = ESET NOD32 Antivirus
"8474-7877-9059-0204" = Samsung Link 2.0.0.1407291559
"AVG" = AVG 2014
"O365HomePremRetail - en-us" = Microsoft Office 365 - en-us
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 55
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}" = Roxio Creator Premier 10
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F8C5AA-91BD-423D-BF05-09A80F39898F}" = HP CoolSense
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6908ED99-F02B-4E99-A202-3FAC99C510ED}" = The Sims™ 4 Create A Sim Demo
"{6B240712-47E6-43A6-930D-F7568A70086F}" = HP MyRoom
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75939021-3B68-419D-8DC1-E9823BFF9658}" = Google Drive
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A9FC225-75F6-4B5D-911C-0ED230565643}" = HP Product Detection
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D044EBE7-94E7-4C49-90FC-9069E3F374E1}" = HP Documentation
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5823036-6F09-4D0A-B05C-E2BAA129288A}" = HP Quick Launch
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Glary Utilities 5" = Glary Utilities 5.5
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"iPod2PC_is1" = iPod2PC 4.0.0.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Basic)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mp3tag" = Mp3tag v2.55a
"Origin" = Origin
"PS3 Media Server" = PS3 Media Server
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"VLC media player" = VLC media player 2.0.7
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-03c088e5-6f05-4c5f-824a-e7ef0622b000" = Peggle Nights
"WTA-0687b7b5-eeca-440b-8956-aa5e76eef61d" = Governor of Poker 2 Premium Edition
"WTA-08717eef-7172-41c7-8045-65f1a1541463" = Penguins!
"WTA-25a1e915-1619-4be2-af65-979a6ecd1e12" = Jewel Match 3
"WTA-323a33cc-5be4-424b-9ede-0d6c5f392791" = Build-a-lot 4 - Power Source
"WTA-324523b6-fcd8-4f95-9866-0674324cef10" = John Deere Drive Green
"WTA-37126795-e154-4107-ac82-ef2acae023ce" = Polar Golfer
"WTA-3f2a869f-38c6-476d-95ea-1d3d3c41d434" = Polar Bowler
"WTA-4ef39da8-440c-4f33-a274-6ec70307fbfe" = Cradle Of Egypt Collector's Edition
"WTA-50974db8-9605-4c57-b7ae-f6b21a48b225" = Cradle of Rome 2
"WTA-567f3a53-e988-4704-8a21-4deb85fcdab7" = Mahjongg Dimensions Deluxe: Tiles in Time
"WTA-69f1ae75-2f1f-456a-b752-1e88b2bd5bd0" = FATE: The Cursed King
"WTA-6a827e16-27da-492a-ac78-9d14be743865" = Final Drive Fury
"WTA-7401ee2f-a80e-4e24-acb0-6a65a88c4d29" = Vacation Quest™ - Australia
"WTA-79e02c81-8030-4b00-9d81-23b3781ad890" = Luxor Evolved
"WTA-81ce5905-9d1c-4ff1-bcb7-0786a76a6a47" = Bejeweled 3
"WTA-8aceb4b0-4dfb-468c-95ad-355aab45e4f0" = Zuma's Revenge
"WTA-9fd02237-2711-41dc-ab97-199572032ea7" = Farm Frenzy
"WTA-a1c29d3b-2faf-43b2-9535-039e5c3a51c4" = Hoyle Card Games
"WTA-ba1f01f3-6ca1-4bc2-bdee-5aecd8570cf7" = Mortimer Beckett and the Crimson Thief Premium Edition
"WTA-baa2e49c-40d3-4240-a1e3-8244f3a21cd2" = Tales of Lagoona
"WTA-bae0b55c-cb5f-4f3f-92f7-9dd44fd62a42" = 4 Elements II
"WTA-c63029a2-238f-45db-85c4-6ea662de22ba" = Chuzzle Deluxe
"WTA-d3877317-a157-4968-9d17-0144a6d2397b" = Roads of Rome 3
"WTA-e430bb87-ea8c-4f48-b511-3e7b084f3b0b" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-e54ad352-d840-47a7-9e48-36a77e7e17f4" = FlatOut 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"404b9336c7552828" = Flixster
"BitTorrent" = BitTorrent
"Dropbox" = Dropbox
"HPConnectedMusic" = HP Connected Music (Meridian - player)
"MusicManager" = Music Manager
"Search Protection" = Search Protection
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/18/2014 1:44:56 AM | Computer Name = Felicia | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: 1608    Start Time: 01cfbaa6c68edbfb    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: bdddf51e-269a-11e4-bedf-28924a4165d1
 
Faulting
 package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt    Faulting package-relative
 application ID: App  
 
Error - 8/18/2014 1:50:11 AM | Computer Name = Felicia | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 8/18/2014 1:55:06 AM | Computer Name = Felicia | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 8/18/2014 1:55:06 AM | Computer Name = Felicia | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 8/18/2014 1:56:03 AM | Computer Name = Felicia | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 8/18/2014 2:30:13 AM | Computer Name = Felicia | Source = Application Error | ID = 1000
Description = Faulting application name: egui.exe, version: 7.0.317.0, time stamp:
 0x530b636e  Faulting module name: ToastNotify.dll, version: 7.0.317.0, time stamp:
 0x530b63fa  Exception code: 0xc0000005  Fault offset: 0x000000000000dbca  Faulting process
 id: 0x113c  Faulting application start time: 0x01cfbaa75f268387  Faulting application
 path: C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe  Faulting module path: 
C:\Program Files\ESET\ESET NOD32 Antivirus\ToastNotify.dll  Report Id: 1b977d65-26a1-11e4-bedf-28924a4165d1
Faulting
 package full name:   Faulting package-relative application ID: 
 
Error - 8/18/2014 2:31:14 AM | Computer Name = Felicia | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 8/18/2014 2:31:14 AM | Computer Name = Felicia | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13922
 
Error - 8/18/2014 2:31:14 AM | Computer Name = Felicia | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13922
 
Error - 8/18/2014 9:28:56 AM | Computer Name = Felicia | Source = Application Error | ID = 1000
Description = Faulting application name: Hpservice.exe, version: 4.2.9.1, time stamp:
 0x50607d15  Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp:
 0x53649e73  Exception code: 0xc0000008  Fault offset: 0x00000000000f3b3c  Faulting process
 id: 0x4d8  Faulting application start time: 0x01cfb9f21ed16125  Faulting application
 path: C:\WINDOWS\system32\Hpservice.exe  Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report
 Id: 9a3e2f18-26db-11e4-bedf-28924a4165d1  Faulting package full name:   Faulting package-relative
 application ID: 
 
[ System Events ]
Error - 8/11/2014 3:23:35 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/11/2014 3:23:35 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/11/2014 3:23:42 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/12/2014 3:49:05 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/12/2014 3:49:05 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/12/2014 3:49:05 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/12/2014 3:49:12 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/12/2014 3:49:13 AM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/14/2014 11:50:58 PM | Computer Name = Felicia | Source = DCOM | ID = 10010
Description = 
 
Error - 8/14/2014 11:51:46 PM | Computer Name = Felicia | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the ClickToRunSvc service.
 
 
< End of report >
 

Edited by Mshoney6, 18 August 2014 - 04:17 PM.

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Mshoney6,

Welcome to the Geekstogo Malware Removal forum.

I can see some stuff in those logs that we should deal with but before we do I would like some more information.

Please download Rkill by Grinler and save it to your desktop.

  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • When the scan is done Notepad will open with rKill log. Please copy and past that in your reply.

Note: rKill.txt log can also be found on your desktop.

After that

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

So when you return please post

  • rKill.txt
  • FRST.txt
  • Addition.txt

 


  • 0

#5
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

rKill:

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/18/2014 08:19:51 PM in x64 mode.
Windows Version: Windows 8.1 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * HdAudAddService [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/18/2014 08:21:11 PM
Execution time: 0 hours(s), 1 minute(s), and 19 seconds(s)
 
 
 
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Felicia (administrator) on FELICIA on 18-08-2014 20:23:44
Running from C:\Users\Felicia\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Dropbox, Inc.) C:\Users\Felicia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\MemfilesService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\x64\Win64ShellLink.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-27] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-06-27] (Synaptics Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [596320 2014-07-29] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-14] (Sonic Solutions)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-02] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-08-02] (Electronic Arts)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [Spotify] => C:\Users\Felicia\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-23] (Spotify Ltd)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GoogleChromeAutoLaunch_4540001CD637E23A530E9E360911AD4C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-08-04] (Glarysoft Ltd)
HKU\S-1-5-21-3063917891-727150995-71849236-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *  BootDefrag.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {8CE61BFA-8DC8-4D83-8C11-14B3E6F73861} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...E-28924A4165D1}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {8CE61BFA-8DC8-4D83-8C11-14B3E6F73861} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...E-28924A4165D1}
SearchScopes: HKCU - DefaultScope {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKCU - {8CE61BFA-8DC8-4D83-8C11-14B3E6F73861} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKCU - {A35B23F3-076C-4184-9F72-3686517AA8AA} URL = http://search.condui...M=2&SSPV=TB_CS7
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...E-28924A4165D1}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felicia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR StartupUrls: "hxxp://search.easylifeapp.com/", "hxxp://search.conduit.com/?ctid=CT3227981&SearchSource=48&CUI=UN30787751171803018&UM=2&sspv=TB_TH2", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={FE2C1E2D-DF86-11E2-BE7E-28924A4165D1}", "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN10543546958101235&UM=2", "hxxp://mysearch.avg.com/?cid={8B68805B-1A27-4851-97C1-FE68245992D4}&mid=154bebe5136347d39d20f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c&lang=en&ds=AVG&pr=pr&d=2013-09-14 10:32:23&v=15.4.0.5&pid=safeguard&sg=0&sap=hp", "hxxp://search.easylifeapp.com/|hxxp://search.conduit.com/?ctid={C9C9CE47-A095-4D16-9E30-6B9E99BD86C2}&SearchSource=48&CUI=UN30787751171803018&UM=2&sspv=18.0.5.292&st=12&crg=3.5000006.10045&barid={FE2C1E2D-DF86-11E2-BE7E-28924A4165D1}|hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN10543546958101235&UM=2|hxxp://mysearch.avg.com/?cid={C9C9CE47-A095-4D16-9E30-6B9E99BD86C2}&mid=3c408ba4734f47d39d18f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c&lang=en&ds=AVG&pr=pr&d=2013-09-14 10:32:23&v=15.4.0.5&pid=safeguard&sg=0&sap=hp", "hxxp://mysearch.avg.com?cid={C9C9CE47-A095-4D16-9E30-6B9E99BD86C2}&mid=3c408ba4734f47d39d18f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-12 12:18:37&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={C9C9CE47-A095-4D16-9E30-6B9E99BD86C2}&mid=3c408ba4734f47d39d18f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-12 12:18:37&v=18.1.5.512&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={C9C9CE47-A095-4D16-9E30-6B9E99BD86C2}&mid=3c408ba4734f47d39d18f9db0ca58c22-33a866a0906dbcbc29e06916ab4b8e1cda037c9c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-12 12:18:37&v=18.1.7.598&pid=safeguard&sg=&sap=hp"
CHR Extension: (Angry Birds) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-21]
CHR Extension: (Google Docs) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-21]
CHR Extension: (Google Drive) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-21]
CHR Extension: (Facebook) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-21]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-21]
CHR Extension: (Google Search) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-21]
CHR Extension: (Netflix) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-03-21]
CHR Extension: (Google Play Music) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-30]
CHR Extension: (AdBlock) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-21]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-03-21]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-05-29]
CHR Extension: (Google Play Music) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-03-21]
CHR Extension: (Google Play) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-03-21]
CHR Extension: (Google Maps) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-03-21]
CHR Extension: (AVG SafeGuard) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-21]
CHR Extension: (Gmail) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-21]
CHR HKCU\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx [2014-03-21]
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165336 2013-06-27] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [604512 2014-07-29] (Copyright 2013 SAMSUNG)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-02] (AVG Secure Search)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 ESETOlmarikOlmascoCleaner; C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [157384 2014-08-15] ()
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20672 2014-08-17] (Glarysoft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 20:23 - 2014-08-18 20:24 - 00032412 _____ () C:\Users\Felicia\Desktop\FRST.txt
2014-08-18 20:23 - 2014-08-18 20:23 - 00000000 ____D () C:\FRST
2014-08-18 20:19 - 2014-08-18 20:21 - 00002702 _____ () C:\Users\Felicia\Desktop\Rkill.txt
2014-08-18 20:19 - 2014-08-18 20:19 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill64.com
2014-08-18 20:18 - 2014-08-18 20:18 - 00000612 _____ () C:\Users\Felicia\Desktop\FRST64.exe - Shortcut.lnk
2014-08-18 20:18 - 2014-08-18 19:44 - 02101760 _____ (Farbar) C:\Users\Felicia\Desktop\FRST64.exe
2014-08-18 20:18 - 2014-08-18 19:44 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.exe
2014-08-18 20:18 - 2014-08-18 19:32 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.com
2014-08-18 15:24 - 2014-08-18 15:24 - 00000000 ___HD () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-08-18 14:53 - 2014-08-18 14:45 - 00602112 _____ (OldTimer Tools) C:\Users\Felicia\Desktop\OTL.exe
2014-08-18 00:43 - 2014-08-18 00:43 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-17 23:57 - 2014-08-17 23:57 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00001088 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-17 23:56 - 2014-08-18 13:41 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\DiskDefrag
2014-08-17 23:56 - 2014-08-17 23:56 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-08-17 23:56 - 2014-08-17 23:56 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-08-17 23:56 - 2014-08-17 23:56 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-08-17 23:56 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\GlarySoft
2014-08-17 23:56 - 2014-08-04 00:06 - 00118048 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2014-08-17 23:56 - 2014-07-18 00:11 - 00017600 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys
2014-08-17 23:55 - 2014-08-17 23:57 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-17 23:54 - 2014-08-18 13:43 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 23:52 - 2014-08-17 23:52 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 23:52 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 23:51 - 2014-08-17 23:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 23:51 - 2014-08-17 23:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 23:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-17 23:51 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-17 23:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-17 23:39 - 2014-08-17 23:39 - 00000000 ____H () C:\Users\Felicia\BITC54A.tmp
2014-08-17 22:55 - 2014-08-17 23:39 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job
2014-08-17 01:08 - 2014-08-01 17:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-17 01:08 - 2014-08-01 17:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 23:13 - 2014-08-15 23:14 - 91691704 _____ (Copyright 2013 SAMSUNG) C:\Users\Felicia\Downloads\SamsungLink_Installer64.exe
2014-08-15 22:43 - 2014-08-15 22:43 - 00000998 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
2014-08-15 16:31 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 16:31 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 16:31 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 16:31 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 16:31 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 16:31 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 16:31 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 16:31 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 16:31 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 16:31 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 16:28 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 16:28 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 16:23 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 16:23 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 16:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 16:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 16:23 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 16:23 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 16:23 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 16:23 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 16:23 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 16:23 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 16:23 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 16:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 16:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 16:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 16:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 16:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 16:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 16:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 16:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 16:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 16:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 16:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 16:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 16:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 16:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-15 16:22 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 16:22 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 16:22 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 16:22 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 16:22 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 16:22 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 16:21 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 16:21 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 16:20 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 16:20 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 16:20 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 16:20 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 16:20 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 16:20 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 16:20 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 16:20 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 16:20 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 16:20 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 16:20 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 16:20 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 16:20 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 16:20 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 16:20 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 16:20 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 16:20 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 16:20 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 16:20 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 16:20 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 16:20 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 16:20 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 16:20 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 16:20 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 16:20 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 16:20 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 16:20 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 16:20 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 16:20 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 16:20 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 16:20 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 16:20 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 16:20 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 16:20 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 16:20 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-15 15:42 - 2014-08-15 15:42 - 00157384 _____ () C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\ProgramData\ESET
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\Program Files\ESET
2014-08-03 12:31 - 2014-08-03 12:31 - 00005120 _____ () C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-01 19:37 - 2014-08-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-08-01 19:36 - 2014-08-01 19:37 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-08-01 19:31 - 2014-08-01 19:35 - 54431910 _____ () C:\Users\Felicia\Downloads\pms-1.90.1-setup-full-x64.exe
2014-07-27 21:52 - 2014-07-27 21:52 - 00000869 _____ () C:\Users\Felicia\Desktop\Samsung Link [email protected]
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 20:24 - 2014-08-18 20:23 - 00032412 _____ () C:\Users\Felicia\Desktop\FRST.txt
2014-08-18 20:23 - 2014-08-18 20:23 - 00000000 ____D () C:\FRST
2014-08-18 20:21 - 2014-08-18 20:19 - 00002702 _____ () C:\Users\Felicia\Desktop\Rkill.txt
2014-08-18 20:19 - 2014-08-18 20:19 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill64.com
2014-08-18 20:18 - 2014-08-18 20:18 - 00000612 _____ () C:\Users\Felicia\Desktop\FRST64.exe - Shortcut.lnk
2014-08-18 20:17 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-18 19:44 - 2014-08-18 20:18 - 02101760 _____ (Farbar) C:\Users\Felicia\Desktop\FRST64.exe
2014-08-18 19:44 - 2014-08-18 20:18 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.exe
2014-08-18 19:32 - 2014-08-18 20:18 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.com
2014-08-18 19:25 - 2013-06-18 18:40 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 17:52 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-18 17:48 - 2013-06-18 18:01 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{237D341E-28DE-46DC-8794-EA214BDDCE88}
2014-08-18 17:44 - 2013-09-14 10:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-18 15:50 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-18 15:24 - 2014-08-18 15:24 - 00000000 ___HD () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-08-18 14:54 - 2013-10-24 22:02 - 01928998 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-18 14:45 - 2014-08-18 14:53 - 00602112 _____ (OldTimer Tools) C:\Users\Felicia\Desktop\OTL.exe
2014-08-18 14:19 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-18 14:09 - 2013-06-18 18:09 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3063917891-727150995-71849236-1001
2014-08-18 13:46 - 2014-03-21 23:13 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-18 13:44 - 2014-04-13 14:14 - 00000000 __RDO () C:\Users\Felicia\SkyDrive
2014-08-18 13:44 - 2013-06-18 18:40 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 13:43 - 2014-08-17 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 13:41 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\DiskDefrag
2014-08-18 13:41 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-18 06:29 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-18 00:45 - 2014-03-03 01:07 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-18 00:45 - 2013-10-24 22:22 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-18 00:43 - 2014-08-18 00:43 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-17 23:57 - 2014-08-17 23:57 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00001088 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-17 23:57 - 2014-08-17 23:55 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-08-17 23:56 - 2014-08-17 23:56 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-08-17 23:56 - 2014-08-17 23:56 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-08-17 23:56 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\GlarySoft
2014-08-17 23:52 - 2014-08-17 23:52 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 23:52 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 23:52 - 2014-08-17 23:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 23:52 - 2013-09-29 21:04 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-17 23:51 - 2014-08-17 23:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 23:39 - 2014-08-17 23:39 - 00000000 ____H () C:\Users\Felicia\BITC54A.tmp
2014-08-17 23:39 - 2014-08-17 22:55 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job
2014-08-17 23:39 - 2013-10-24 21:32 - 00000000 ____D () C:\Users\Felicia
2014-08-17 23:29 - 2013-06-20 13:47 - 01469440 ___SH () C:\Users\Felicia\Downloads\Thumbs.db
2014-08-17 22:49 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-17 22:45 - 2013-06-18 19:48 - 00000000 ___RD () C:\Users\Felicia\Dropbox
2014-08-17 22:45 - 2013-06-18 19:21 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Dropbox
2014-08-17 22:43 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-17 01:02 - 2014-07-14 15:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 01:01 - 2013-06-27 18:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 01:00 - 2013-07-15 21:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-17 00:54 - 2013-06-20 14:51 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-16 00:55 - 2014-01-26 21:46 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\BitTorrent
2014-08-16 00:55 - 2013-06-19 00:35 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\vlc
2014-08-15 23:19 - 2013-11-03 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-08-15 23:14 - 2014-08-15 23:13 - 91691704 _____ (Copyright 2013 SAMSUNG) C:\Users\Felicia\Downloads\SamsungLink_Installer64.exe
2014-08-15 23:09 - 2013-09-24 22:21 - 00000000 ____D () C:\ProgramData\PMS
2014-08-15 22:43 - 2014-08-15 22:43 - 00000998 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
2014-08-15 20:22 - 2014-07-14 15:55 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Search Protection
2014-08-15 20:21 - 2013-06-19 00:35 - 00000000 ____D () C:\Users\Felicia\AppData\Local\CRE
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-15 15:42 - 2014-08-15 15:42 - 00157384 _____ () C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-15 15:16 - 2013-06-18 22:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\ProgramData\ESET
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\Program Files\ESET
2014-08-15 15:02 - 2013-06-18 19:48 - 00001072 _____ () C:\Users\Felicia\Desktop\Dropbox.lnk
2014-08-15 15:02 - 2013-06-18 19:26 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-15 14:45 - 2013-10-24 21:32 - 00000000 ____D () C:\Users\Administrator
2014-08-15 14:44 - 2014-07-16 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Create A Sim Demo
2014-08-15 14:41 - 2013-09-29 20:51 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-08-15 14:41 - 2013-09-29 20:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-08-15 14:41 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-08-15 14:41 - 2012-08-16 22:27 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-08-15 14:40 - 2014-06-05 21:59 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Unity
2014-08-15 14:40 - 2014-06-02 18:52 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-15 14:40 - 2014-03-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-15 14:40 - 2014-02-12 13:18 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-15 14:40 - 2013-06-19 10:57 - 00000000 ____D () C:\ProgramData\Origin
2014-08-15 14:40 - 2013-06-19 10:57 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-15 14:40 - 2013-06-18 17:58 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Packages
2014-08-15 14:40 - 2012-08-16 22:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-15 14:24 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\registration
2014-08-15 14:11 - 2013-09-14 10:31 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-15 14:11 - 2012-08-03 17:02 - 00000000 ____D () C:\SWSetup
2014-08-15 14:09 - 2013-08-17 13:13 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-08-15 14:09 - 2012-08-16 22:11 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-06 15:38 - 2014-08-15 16:23 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 13:01 - 2013-06-26 09:59 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-08-04 00:06 - 2014-08-17 23:56 - 00118048 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2014-08-03 12:31 - 2014-08-03 12:31 - 00005120 _____ () C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-03 12:22 - 2013-06-18 20:14 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Spotify
2014-08-03 11:17 - 2013-06-18 20:15 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Spotify
2014-08-02 11:31 - 2014-07-16 19:03 - 00001503 _____ () C:\Users\Public\Desktop\The Sims 4 Create A Sim Demo.lnk
2014-08-01 22:44 - 2014-08-15 16:23 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:11 - 2014-08-15 16:22 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 19:37 - 2014-08-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-08-01 19:37 - 2014-08-01 19:36 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-08-01 19:35 - 2014-08-01 19:31 - 54431910 _____ () C:\Users\Felicia\Downloads\pms-1.90.1-setup-full-x64.exe
2014-08-01 17:17 - 2014-08-17 01:08 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2014-08-17 01:08 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-29 21:52 - 2013-07-09 17:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 21:52 - 2013-07-09 17:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 21:52 - 2014-07-27 21:52 - 00000869 _____ () C:\Users\Felicia\Desktop\Samsung Link [email protected]
2014-07-24 23:41 - 2013-06-19 13:49 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Mp3tag
2014-07-24 21:05 - 2013-07-09 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
Files to move or delete:
====================
C:\ProgramData\uninstaller.exe
 
 
Some content of TEMP:
====================
C:\Users\Felicia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-18 14:09
 
==================== End Of Log ============================
 
 
 
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Felicia at 2014-08-18 20:24:55
Running from C:\Users\Felicia\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2817 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EMCGadgets64 (Version: 1.1.501 - Sonic) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET NOD32 Antivirus (HKLM\...\{FBC0F617-1AA0-4483-8153-3FD97FE01D9E}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Flixster (HKCU\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
Glary Utilities 5.5 (HKLM-x32\...\Glary Utilities 5) (Version: 5.5.0.12 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 87) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{D044EBE7-94E7-4C49-90FC-9069E3F374E1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{6B240712-47E6-43A6-930D-F7568A70086F}) (Version: 9.5.0229 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iPod2PC 4.0.0.0 (HKLM-x32\...\iPod2PC_is1) (Version: 4.0.0.0 - CasiCakes)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mp3tag v2.55a (HKLM-x32\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Premier (HKLM-x32\...\{469EF13B-4AD0-48D7-AF89-6B92278293E2}) (Version: 10.1 - Roxio)
Roxio Creator Premier (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Premier 10 (x32 Version: 10.2.606 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler (x32 Version: 3.2 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Samsung Link 2.0.0.1407291559 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1407291559 - Copyright 2013 SAMSUNG)
Search Protection (HKCU\...\Search Protection) (Version: 9.4.0.2 - Spigot, Inc.) <==== ATTENTION
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.207.190 - Electronic Arts, Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{0C3BA0B1-BC14-4B55-98DC-F1E913C1DA10}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{6FFA7438-3E00-4176-9717-B3BBE2E704AB}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
15-08-2014 03:48:22 Restore Operation
18-08-2014 21:10:27 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0832DDE0-4B5E-4692-9BA3-E51EA2CF6509} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {0AA006F7-9B77-44FF-ACD3-CFB070CEE01A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-27] (Synaptics Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EA85890-988B-4167-9E64-83528375EBE6} - System32\Tasks\{ECA138D4-DC01-42EB-8A37-726110D986DF} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {34864081-1218-4E89-AB60-C62FED51A384} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D518454-17B8-4095-9466-3843529F3FE7} - System32\Tasks\{435E19EC-79B4-40C9-9196-22E3C4285579} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57922C4D-2E48-4E4A-80DC-836997407550} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {57F2AF71-D2BC-4492-B37F-8E5CB48008A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {65BDD8E7-97FB-41C0-8FFB-A45A316647A1} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-08-04] (Glarysoft Ltd)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {73DC610F-6CF0-438F-ABB1-9B368AD94464} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E391EBD-F5F7-4500-9C91-5749B60EE755} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-08-04] (Glarysoft Ltd)
Task: {82C1EA9B-D8AF-4527-8E16-DC65CDFCD258} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {96812F4C-A62E-48F9-9A3D-56D1068A065A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {9AB5EEBE-9656-4890-9FE1-DC371687740C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A564A56F-2679-4515-9E55-79A45C7899F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {ACBCE68D-EC2B-4677-8747-5F2DB026C8F7} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {AEC109AC-2ED6-4F52-9F2E-4BF2BB5C89D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {B7C62BD3-B5A2-4130-AFB8-0914EE11A8D7} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {B870427D-83A9-4189-9612-815596EAEC3D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {C479F066-31BD-47F5-9DC2-C9A2D4DD0D9A} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {C5FD9061-B4DD-42FE-AECE-6C7337B63492} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-17] (Microsoft Corporation)
Task: {CE455F7D-135C-4927-8A2F-4ED1E20337A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D02F159E-DDB4-4DC7-A9B6-A687CAAE1195} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {D0CFB220-5DB1-4418-9978-034B7F712EF2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D3436AE4-084B-455D-ADC2-1C0B4D59B860} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {D597FBFA-AD64-4D87-9E8C-7304632AF5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DAACA951-D0AE-4C2A-B256-86D085185DC5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {E463E165-A4A8-47D8-B420-2C80C093AFBD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EAE88AE5-A6DD-4F0F-92C7-1F16D56B628B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3063917891-727150995-71849236-1001Core1ce7c3a7ac6a2b7.job => C:\Users\Felicia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-20 17:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 02149376 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 01630720 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2014-06-02 18:52 - 2014-06-02 18:52 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2014-07-11 21:30 - 2014-05-20 09:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-12 13:18 - 2014-06-02 18:52 - 02567192 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-02 18:52 - 2014-06-02 18:52 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2014-08-04 00:05 - 2014-08-04 00:05 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-08-18 13:45 - 2014-08-18 13:45 - 00043008 _____ () c:\users\felicia\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Felicia\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-12 13:18 - 2014-03-20 18:01 - 01603608 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2012-09-20 20:24 - 2013-06-27 14:23 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Felicia\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Felicia\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Felicia\Downloads\Drake - 0 to 100 & The Catch Up.mp3:Roxio EMC Stream
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKCU\...\StartupApproved\Run: => "Google Update"
HKCU\...\StartupApproved\Run: => "MusicManager"
HKCU\...\StartupApproved\Run: => "EADM"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4540001CD637E23A530E9E360911AD4C"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 07:03:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 9c4
 
Start Time: 01cfbb50f2f12a84
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: e8df571c-2744-11e4-bee0-28924a4165d1
 
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (08/18/2014 06:15:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1c10
 
Start Time: 01cfbb4a428f4c13
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: 36c7556d-273e-11e4-bee0-28924a4165d1
 
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (08/18/2014 06:02:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b4c
 
Start Time: 01cfbb47cd67ece6
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: c185a389-273b-11e4-bee0-28924a4165d1
 
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (08/18/2014 05:51:22 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302
 
Error: (08/18/2014 05:41:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6356937
 
Error: (08/18/2014 05:41:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6356937
 
Error: (08/18/2014 05:41:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/18/2014 03:55:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1359
 
Error: (08/18/2014 03:55:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1359
 
Error: (08/18/2014 03:55:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/18/2014 08:06:06 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
 
The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x300000004efce.  The name of the file is "<unable to determine file name>".
 
Error: (08/18/2014 08:05:37 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
 
The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x300000004f002.  The name of the file is "<unable to determine file name>".
 
Error: (08/18/2014 01:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error: 
%%1053
 
Error: (08/18/2014 01:46:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
 
Error: (08/18/2014 06:28:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (08/18/2014 06:28:04 AM) (Source: DCOM) (EventID: 10010) (User: FELICIA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (08/18/2014 06:28:04 AM) (Source: DCOM) (EventID: 10010) (User: FELICIA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (08/18/2014 06:28:04 AM) (Source: DCOM) (EventID: 10010) (User: FELICIA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (08/18/2014 06:28:02 AM) (Source: DCOM) (EventID: 10010) (User: FELICIA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (08/18/2014 06:28:02 AM) (Source: DCOM) (EventID: 10010) (User: FELICIA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-27 14:32:59.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:26:43.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:26:43.169
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:21:37.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:23:15.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:23:11.308
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:04:38.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:43:10.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:22:35.913
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:20:23.501
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU 997 @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 3986.28 MB
Available physical RAM: 2022.83 MB
Total Pagefile: 4882.28 MB
Available Pagefile: 2248.28 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:439.54 GB) (Free:127.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.1 GB) (Free:2.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (USB DISK) (Removable) (Total:0.94 GB) (Free:0.91 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 963AB19A)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 967.5 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=967 MB) - (Type=0C)
 
==================== End Of Log ============================

Edited by Mshoney6, 18 August 2014 - 09:41 PM.

  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Mshoney6,

Bit to do in this post. :)

Now

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

After that

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Finally in this post

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

  • AdwCleaner log
  • JRT.txt
  • FRST.txt
  • Addition.txt

 


  • 0

#7
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

AdwCleaner log:

 

# AdwCleaner v3.307 - Report created 18/08/2014 at 21:47:28

# Updated 17/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Felicia - FELICIA
# Running from : C:\Users\Felicia\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater18.1.7
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\SweetIM
[!] Folder Deleted : C:\Users\Felicia\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Felicia\AppData\Local\Conduit
Folder Deleted : C:\Users\Felicia\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Felicia\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Felicia\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Felicia\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Felicia\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\uninstaller.exe
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.143
 
*************************
 
AdwCleaner[R0].txt - [8469 octets] - [18/08/2014 21:39:38]
AdwCleaner[S0].txt - [6866 octets] - [18/08/2014 21:47:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6926 octets] ##########
 
 

 

JRT.txt:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Felicia on Mon 08/18/2014 at 22:27:40.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3063917891-727150995-71849236-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8CE61BFA-8DC8-4D83-8C11-14B3E6F73861}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A35B23F3-076C-4184-9F72-3686517AA8AA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8CE61BFA-8DC8-4D83-8C11-14B3E6F73861}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/18/2014 at 22:39:56.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01

Ran by Felicia (administrator) on FELICIA on 18-08-2014 22:51:28
Running from C:\Users\Felicia\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Users\Felicia\AppData\Local\Google\Update\GoogleUpdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-27] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-06-27] (Synaptics Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [596320 2014-07-29] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-14] (Sonic Solutions)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-08-02] (Electronic Arts)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [Spotify] => C:\Users\Felicia\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-23] (Spotify Ltd)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GoogleChromeAutoLaunch_4540001CD637E23A530E9E360911AD4C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-3063917891-727150995-71849236-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-08-04] (Glarysoft Ltd)
HKU\S-1-5-21-3063917891-727150995-71849236-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
BootExecute: autocheck autochk *  BootDefrag.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - {8CE61BFA-8DC8-4D83-8C11-14B3E6F73861} URL = http://www.amazon.co...s={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Felicia\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felicia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR Extension: (Angry Birds) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-21]
CHR Extension: (Google Docs) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-21]
CHR Extension: (Google Drive) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-21]
CHR Extension: (Facebook) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-21]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-21]
CHR Extension: (Google Search) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-21]
CHR Extension: (Netflix) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-03-21]
CHR Extension: (Google Play Music) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-30]
CHR Extension: (AdBlock) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-21]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-03-21]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-05-29]
CHR Extension: (Google Play Music) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-03-21]
CHR Extension: (Google Play) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-03-21]
CHR Extension: (Google Maps) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-03-21]
CHR Extension: (No Name) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-21]
CHR Extension: (Gmail) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-21]
CHR HKCU\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx [2014-03-21]
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165336 2013-06-27] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [604512 2014-07-29] (Copyright 2013 SAMSUNG)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 ESETOlmarikOlmascoCleaner; C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [157384 2014-08-15] ()
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20672 2014-08-17] (Glarysoft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 22:49 - 2014-08-18 22:49 - 00000843 _____ () C:\WINDOWS\setupact.log
2014-08-18 22:49 - 2014-08-18 22:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-18 22:39 - 2014-08-18 22:39 - 00001348 _____ () C:\Users\Felicia\Desktop\JRT.txt
2014-08-18 22:27 - 2014-08-18 22:27 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-18 22:19 - 2014-08-18 22:09 - 01016261 _____ (Thisisu) C:\Users\Felicia\Desktop\JRT.exe
2014-08-18 22:06 - 2014-08-18 22:06 - 00000000 ____H () C:\Users\Felicia\BIT838A.tmp
2014-08-18 21:59 - 2014-08-18 21:59 - 00000820 _____ () C:\WINDOWS\PFRO.log
2014-08-18 21:38 - 2014-08-18 21:47 - 00000000 ____D () C:\AdwCleaner
2014-08-18 21:38 - 2014-08-18 21:32 - 01361671 _____ () C:\Users\Felicia\Desktop\AdwCleaner.exe
2014-08-18 20:24 - 2014-08-18 20:25 - 00055550 _____ () C:\Users\Felicia\Desktop\Addition.txt
2014-08-18 20:23 - 2014-08-18 22:51 - 00026033 _____ () C:\Users\Felicia\Desktop\FRST.txt
2014-08-18 20:23 - 2014-08-18 22:51 - 00000000 ____D () C:\FRST
2014-08-18 20:19 - 2014-08-18 20:21 - 00002702 _____ () C:\Users\Felicia\Desktop\Rkill.txt
2014-08-18 20:19 - 2014-08-18 20:19 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill64.com
2014-08-18 20:18 - 2014-08-18 20:18 - 00000612 _____ () C:\Users\Felicia\Desktop\FRST64.exe - Shortcut.lnk
2014-08-18 20:18 - 2014-08-18 19:44 - 02101760 _____ (Farbar) C:\Users\Felicia\Desktop\FRST64.exe
2014-08-18 20:18 - 2014-08-18 19:44 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.exe
2014-08-18 15:24 - 2014-08-18 15:24 - 00000000 ___HD () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-08-18 14:53 - 2014-08-18 14:45 - 00602112 _____ (OldTimer Tools) C:\Users\Felicia\Desktop\OTL.exe
2014-08-18 00:43 - 2014-08-18 00:43 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-17 23:57 - 2014-08-17 23:57 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00001088 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-17 23:56 - 2014-08-18 13:41 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\DiskDefrag
2014-08-17 23:56 - 2014-08-17 23:56 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-08-17 23:56 - 2014-08-17 23:56 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-08-17 23:56 - 2014-08-17 23:56 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-08-17 23:56 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\GlarySoft
2014-08-17 23:56 - 2014-08-04 00:06 - 00118048 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2014-08-17 23:56 - 2014-07-18 00:11 - 00017600 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys
2014-08-17 23:55 - 2014-08-17 23:57 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-17 23:54 - 2014-08-18 22:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 23:52 - 2014-08-17 23:52 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 23:52 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 23:51 - 2014-08-17 23:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 23:51 - 2014-08-17 23:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 23:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-17 23:51 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-17 23:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-17 22:55 - 2014-08-18 22:06 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job
2014-08-17 01:08 - 2014-08-01 17:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-17 01:08 - 2014-08-01 17:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 23:13 - 2014-08-15 23:14 - 91691704 _____ (Copyright 2013 SAMSUNG) C:\Users\Felicia\Downloads\SamsungLink_Installer64.exe
2014-08-15 22:43 - 2014-08-15 22:43 - 00000998 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
2014-08-15 16:31 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 16:31 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 16:31 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 16:31 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 16:31 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 16:31 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 16:31 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 16:31 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 16:31 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 16:31 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 16:29 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 16:29 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 16:29 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 16:29 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 16:29 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 16:29 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 16:28 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 16:28 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 16:28 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 16:28 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 16:28 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 16:28 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 16:28 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 16:28 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 16:28 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 16:28 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 16:28 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 16:28 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 16:28 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 16:28 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 16:28 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 16:28 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 16:28 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 16:28 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 16:28 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 16:28 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 16:28 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 16:28 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 16:28 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 16:28 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 16:28 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 16:28 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 16:28 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 16:28 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 16:28 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 16:28 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 16:28 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 16:23 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 16:23 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 16:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 16:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 16:23 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 16:23 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 16:23 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 16:23 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 16:23 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 16:23 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 16:23 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 16:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 16:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 16:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 16:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 16:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 16:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 16:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 16:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 16:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 16:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 16:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 16:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 16:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 16:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 16:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-15 16:22 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 16:22 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 16:22 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 16:22 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 16:22 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 16:22 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 16:21 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 16:21 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 16:20 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 16:20 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 16:20 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 16:20 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 16:20 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 16:20 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 16:20 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 16:20 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 16:20 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 16:20 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 16:20 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 16:20 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 16:20 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 16:20 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 16:20 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 16:20 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 16:20 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 16:20 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 16:20 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 16:20 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 16:20 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 16:20 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 16:20 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 16:20 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 16:20 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 16:20 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 16:20 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 16:20 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 16:20 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 16:20 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 16:20 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 16:20 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 16:20 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 16:20 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 16:20 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 16:20 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 16:20 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-15 15:42 - 2014-08-15 15:42 - 00157384 _____ () C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\ProgramData\ESET
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\Program Files\ESET
2014-08-03 12:31 - 2014-08-03 12:31 - 00005120 _____ () C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-01 19:37 - 2014-08-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-08-01 19:36 - 2014-08-01 19:37 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-08-01 19:31 - 2014-08-01 19:35 - 54431910 _____ () C:\Users\Felicia\Downloads\pms-1.90.1-setup-full-x64.exe
2014-07-27 21:52 - 2014-07-27 21:52 - 00000869 _____ () C:\Users\Felicia\Desktop\Samsung Link [email protected]
2014-07-24 21:08 - 2014-07-24 21:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 22:51 - 2014-08-18 20:23 - 00026033 _____ () C:\Users\Felicia\Desktop\FRST.txt
2014-08-18 22:51 - 2014-08-18 20:23 - 00000000 ____D () C:\FRST
2014-08-18 22:50 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-18 22:49 - 2014-08-18 22:49 - 00000843 _____ () C:\WINDOWS\setupact.log
2014-08-18 22:49 - 2014-08-18 22:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-18 22:40 - 2013-06-18 18:09 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3063917891-727150995-71849236-1001
2014-08-18 22:39 - 2014-08-18 22:39 - 00001348 _____ () C:\Users\Felicia\Desktop\JRT.txt
2014-08-18 22:32 - 2013-06-18 18:01 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{237D341E-28DE-46DC-8794-EA214BDDCE88}
2014-08-18 22:31 - 2013-10-24 22:02 - 01075335 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-18 22:27 - 2014-08-18 22:27 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-18 22:27 - 2014-03-21 23:13 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-18 22:25 - 2013-06-18 18:40 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 22:25 - 2013-06-18 18:40 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 22:09 - 2014-08-18 22:19 - 01016261 _____ (Thisisu) C:\Users\Felicia\Desktop\JRT.exe
2014-08-18 22:06 - 2014-08-18 22:06 - 00000000 ____H () C:\Users\Felicia\BIT838A.tmp
2014-08-18 22:06 - 2014-08-17 22:55 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job
2014-08-18 22:06 - 2013-10-24 21:32 - 00000000 ____D () C:\Users\Felicia
2014-08-18 22:03 - 2013-09-14 10:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-18 22:02 - 2014-04-13 14:14 - 00000000 __RDO () C:\Users\Felicia\SkyDrive
2014-08-18 22:01 - 2014-08-17 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 21:59 - 2014-08-18 21:59 - 00000820 _____ () C:\WINDOWS\PFRO.log
2014-08-18 21:59 - 2014-02-12 13:18 - 00000000 ____D () C:\Users\Felicia\AppData\Local\AVG SafeGuard toolbar
2014-08-18 21:59 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-18 21:49 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-18 21:47 - 2014-08-18 21:38 - 00000000 ____D () C:\AdwCleaner
2014-08-18 21:37 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-18 21:32 - 2014-08-18 21:38 - 01361671 _____ () C:\Users\Felicia\Desktop\AdwCleaner.exe
2014-08-18 20:25 - 2014-08-18 20:24 - 00055550 _____ () C:\Users\Felicia\Desktop\Addition.txt
2014-08-18 20:21 - 2014-08-18 20:19 - 00002702 _____ () C:\Users\Felicia\Desktop\Rkill.txt
2014-08-18 20:19 - 2014-08-18 20:19 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill64.com
2014-08-18 20:18 - 2014-08-18 20:18 - 00000612 _____ () C:\Users\Felicia\Desktop\FRST64.exe - Shortcut.lnk
2014-08-18 19:44 - 2014-08-18 20:18 - 02101760 _____ (Farbar) C:\Users\Felicia\Desktop\FRST64.exe
2014-08-18 19:44 - 2014-08-18 20:18 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Felicia\Desktop\rkill.exe
2014-08-18 17:52 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-18 15:24 - 2014-08-18 15:24 - 00000000 ___HD () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-08-18 14:45 - 2014-08-18 14:53 - 00602112 _____ (OldTimer Tools) C:\Users\Felicia\Desktop\OTL.exe
2014-08-18 14:19 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-18 13:41 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\DiskDefrag
2014-08-18 06:29 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-18 00:45 - 2014-03-03 01:07 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-18 00:45 - 2013-10-24 22:22 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-18 00:43 - 2014-08-18 00:43 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-17 23:57 - 2014-08-17 23:57 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00001088 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-17 23:57 - 2014-08-17 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-17 23:57 - 2014-08-17 23:55 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-08-17 23:56 - 2014-08-17 23:56 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-08-17 23:56 - 2014-08-17 23:56 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-08-17 23:56 - 2014-08-17 23:56 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-08-17 23:56 - 2014-08-17 23:56 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\GlarySoft
2014-08-17 23:52 - 2014-08-17 23:52 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 23:52 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 23:52 - 2014-08-17 23:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 23:52 - 2013-09-29 21:04 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-17 23:51 - 2014-08-17 23:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 23:29 - 2013-06-20 13:47 - 01469440 ___SH () C:\Users\Felicia\Downloads\Thumbs.db
2014-08-17 22:49 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-17 22:45 - 2013-06-18 19:48 - 00000000 ___RD () C:\Users\Felicia\Dropbox
2014-08-17 22:45 - 2013-06-18 19:21 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Dropbox
2014-08-17 22:43 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-17 01:02 - 2014-07-14 15:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 01:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 01:01 - 2013-06-27 18:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 01:00 - 2013-07-15 21:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-17 00:54 - 2013-06-20 14:51 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-16 00:55 - 2014-01-26 21:46 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\BitTorrent
2014-08-16 00:55 - 2013-06-19 00:35 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\vlc
2014-08-15 23:19 - 2013-11-03 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-08-15 23:14 - 2014-08-15 23:13 - 91691704 _____ (Copyright 2013 SAMSUNG) C:\Users\Felicia\Downloads\SamsungLink_Installer64.exe
2014-08-15 23:09 - 2013-09-24 22:21 - 00000000 ____D () C:\ProgramData\PMS
2014-08-15 22:43 - 2014-08-15 22:43 - 00000998 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
2014-08-15 20:21 - 2013-06-19 00:35 - 00000000 ____D () C:\Users\Felicia\AppData\Local\CRE
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-15 15:42 - 2014-08-15 15:42 - 00157384 _____ () C:\WINDOWS\system32\Drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-15 15:16 - 2013-06-18 22:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\ProgramData\ESET
2014-08-15 15:14 - 2014-08-15 15:14 - 00000000 ____D () C:\Program Files\ESET
2014-08-15 15:02 - 2013-06-18 19:48 - 00001072 _____ () C:\Users\Felicia\Desktop\Dropbox.lnk
2014-08-15 15:02 - 2013-06-18 19:26 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-15 14:45 - 2013-10-24 21:32 - 00000000 ____D () C:\Users\Administrator
2014-08-15 14:44 - 2014-07-16 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Create A Sim Demo
2014-08-15 14:41 - 2013-09-29 20:51 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-08-15 14:41 - 2013-09-29 20:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-15 14:41 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-08-15 14:41 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-08-15 14:41 - 2012-08-16 22:27 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-08-15 14:40 - 2014-06-05 21:59 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Unity
2014-08-15 14:40 - 2014-03-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-15 14:40 - 2013-06-19 10:57 - 00000000 ____D () C:\ProgramData\Origin
2014-08-15 14:40 - 2013-06-19 10:57 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-15 14:40 - 2013-06-18 17:58 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Packages
2014-08-15 14:40 - 2012-08-16 22:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-15 14:24 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\registration
2014-08-15 14:11 - 2013-09-14 10:31 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-15 14:11 - 2012-08-03 17:02 - 00000000 ____D () C:\SWSetup
2014-08-15 14:09 - 2013-08-17 13:13 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-08-15 14:09 - 2012-08-16 22:11 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-06 15:38 - 2014-08-15 16:23 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 13:01 - 2013-06-26 09:59 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-08-04 00:06 - 2014-08-17 23:56 - 00118048 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2014-08-03 12:31 - 2014-08-03 12:31 - 00005120 _____ () C:\Users\Felicia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-03 12:22 - 2013-06-18 20:14 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Spotify
2014-08-03 11:17 - 2013-06-18 20:15 - 00000000 ____D () C:\Users\Felicia\AppData\Local\Spotify
2014-08-02 11:31 - 2014-07-16 19:03 - 00001503 _____ () C:\Users\Public\Desktop\The Sims 4 Create A Sim Demo.lnk
2014-08-01 22:44 - 2014-08-15 16:23 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:11 - 2014-08-15 16:22 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 19:37 - 2014-08-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-08-01 19:37 - 2014-08-01 19:36 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-08-01 19:35 - 2014-08-01 19:31 - 54431910 _____ () C:\Users\Felicia\Downloads\pms-1.90.1-setup-full-x64.exe
2014-08-01 17:17 - 2014-08-17 01:08 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2014-08-17 01:08 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-29 21:52 - 2013-07-09 17:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 21:52 - 2013-07-09 17:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 21:52 - 2014-07-27 21:52 - 00000869 _____ () C:\Users\Felicia\Desktop\Samsung Link [email protected]
2014-07-25 07:52 - 2014-08-15 16:29 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 06:51 - 2014-08-15 16:29 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 06:28 - 2014-08-15 16:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 06:25 - 2014-08-15 16:28 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 06:25 - 2014-08-15 16:28 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 05:59 - 2014-08-15 16:28 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 05:40 - 2014-08-15 16:28 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 05:34 - 2014-08-15 16:28 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 05:30 - 2014-08-15 16:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 05:28 - 2014-08-15 16:29 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 05:28 - 2014-08-15 16:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 05:21 - 2014-08-15 16:28 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 05:17 - 2014-08-15 16:28 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 05:10 - 2014-08-15 16:28 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 05:08 - 2014-08-15 16:28 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 05:06 - 2014-08-15 16:29 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 04:52 - 2014-08-15 16:28 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 04:47 - 2014-08-15 16:28 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 04:43 - 2014-08-15 16:28 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 04:43 - 2014-08-15 16:28 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 04:42 - 2014-08-15 16:28 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 04:39 - 2014-08-15 16:28 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 04:34 - 2014-08-15 16:28 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 04:29 - 2014-08-15 16:28 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 04:23 - 2014-08-15 16:29 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 04:13 - 2014-08-15 16:28 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 04:09 - 2014-08-15 16:28 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 04:07 - 2014-08-15 16:28 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 04:03 - 2014-08-15 16:29 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 03:52 - 2014-08-15 16:28 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 03:26 - 2014-08-15 16:28 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 03:17 - 2014-08-15 16:28 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 03:09 - 2014-08-15 16:28 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 03:05 - 2014-08-15 16:28 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 03:00 - 2014-08-15 16:28 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-24 23:41 - 2013-06-19 13:49 - 00000000 ____D () C:\Users\Felicia\AppData\Roaming\Mp3tag
2014-07-24 21:08 - 2014-07-24 21:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-24 21:05 - 2013-07-09 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
Some content of TEMP:
====================
C:\Users\Felicia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll
C:\Users\Felicia\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-18 22:24
 
==================== End Of Log ============================
 
 
 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01

Ran by Felicia at 2014-08-18 22:52:19
Running from C:\Users\Felicia\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2817 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EMCGadgets64 (Version: 1.1.501 - Sonic) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET NOD32 Antivirus (HKLM\...\{FBC0F617-1AA0-4483-8153-3FD97FE01D9E}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Flixster (HKCU\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
Glary Utilities 5.5 (HKLM-x32\...\Glary Utilities 5) (Version: 5.5.0.12 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 87) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{D044EBE7-94E7-4C49-90FC-9069E3F374E1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{6B240712-47E6-43A6-930D-F7568A70086F}) (Version: 9.5.0229 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iPod2PC 4.0.0.0 (HKLM-x32\...\iPod2PC_is1) (Version: 4.0.0.0 - CasiCakes)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mp3tag v2.55a (HKLM-x32\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Premier (HKLM-x32\...\{469EF13B-4AD0-48D7-AF89-6B92278293E2}) (Version: 10.1 - Roxio)
Roxio Creator Premier (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Premier 10 (x32 Version: 10.2.606 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler (x32 Version: 3.2 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Samsung Link 2.0.0.1407291559 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1407291559 - Copyright 2013 SAMSUNG)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.207.190 - Electronic Arts, Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{0C3BA0B1-BC14-4B55-98DC-F1E913C1DA10}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{6FFA7438-3E00-4176-9717-B3BBE2E704AB}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Felicia\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3063917891-727150995-71849236-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felicia\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
15-08-2014 03:48:22 Restore Operation
18-08-2014 21:10:27 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0832DDE0-4B5E-4692-9BA3-E51EA2CF6509} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {0AA006F7-9B77-44FF-ACD3-CFB070CEE01A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-27] (Synaptics Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EA85890-988B-4167-9E64-83528375EBE6} - System32\Tasks\{ECA138D4-DC01-42EB-8A37-726110D986DF} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {34864081-1218-4E89-AB60-C62FED51A384} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D518454-17B8-4095-9466-3843529F3FE7} - System32\Tasks\{435E19EC-79B4-40C9-9196-22E3C4285579} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57922C4D-2E48-4E4A-80DC-836997407550} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {57F2AF71-D2BC-4492-B37F-8E5CB48008A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {65BDD8E7-97FB-41C0-8FFB-A45A316647A1} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-08-04] (Glarysoft Ltd)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {73DC610F-6CF0-438F-ABB1-9B368AD94464} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E391EBD-F5F7-4500-9C91-5749B60EE755} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-08-04] (Glarysoft Ltd)
Task: {82C1EA9B-D8AF-4527-8E16-DC65CDFCD258} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {96812F4C-A62E-48F9-9A3D-56D1068A065A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {9AB5EEBE-9656-4890-9FE1-DC371687740C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A564A56F-2679-4515-9E55-79A45C7899F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {ACBCE68D-EC2B-4677-8747-5F2DB026C8F7} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {AEC109AC-2ED6-4F52-9F2E-4BF2BB5C89D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {B7C62BD3-B5A2-4130-AFB8-0914EE11A8D7} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {B870427D-83A9-4189-9612-815596EAEC3D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {C479F066-31BD-47F5-9DC2-C9A2D4DD0D9A} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {C5FD9061-B4DD-42FE-AECE-6C7337B63492} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-17] (Microsoft Corporation)
Task: {CE455F7D-135C-4927-8A2F-4ED1E20337A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D02F159E-DDB4-4DC7-A9B6-A687CAAE1195} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {D0CFB220-5DB1-4418-9978-034B7F712EF2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D3436AE4-084B-455D-ADC2-1C0B4D59B860} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {D597FBFA-AD64-4D87-9E8C-7304632AF5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DAACA951-D0AE-4C2A-B256-86D085185DC5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {E463E165-A4A8-47D8-B420-2C80C093AFBD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EAE88AE5-A6DD-4F0F-92C7-1F16D56B628B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3063917891-727150995-71849236-1001Core1ce7c3a7ac6a2b7.job => C:\Users\Felicia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFelicia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-20 17:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 02149376 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 01630720 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-11-03 23:20 - 2014-07-29 15:59 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-11 21:30 - 2014-05-20 09:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-04 00:05 - 2014-08-04 00:05 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2012-09-20 20:24 - 2013-06-27 14:23 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Felicia\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Felicia\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Felicia\Downloads\Drake - 0 to 100 & The Catch Up.mp3:Roxio EMC Stream
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKCU\...\StartupApproved\Run: => "Google Update"
HKCU\...\StartupApproved\Run: => "MusicManager"
HKCU\...\StartupApproved\Run: => "EADM"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4540001CD637E23A530E9E360911AD4C"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 10:50:15 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server
 
Error: (08/18/2014 10:49:52 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-27 14:32:59.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:26:43.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:26:43.169
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 14:21:37.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:23:15.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:23:11.308
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 13:04:38.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:43:10.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:22:35.913
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-27 12:20:23.501
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU 997 @ 1.60GHz
Percentage of memory in use: 41%
Total physical RAM: 3986.28 MB
Available physical RAM: 2333.47 MB
Total Pagefile: 4690.28 MB
Available Pagefile: 2647.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:439.54 GB) (Free:127.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.1 GB) (Free:2.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (USB DISK) (Removable) (Total:0.94 GB) (Free:0.9 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 963AB19A)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 967.5 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=967 MB) - (Type=0C)
 
==================== End Of Log ============================
 

  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Mshoney6,

Making some progress I think. :)

Now

You appear to have both AVG and ESET anti-virus programs running on your machine.

Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Please unistall either AVG or ESET.

If ESET is paid for I would recommend keeping it and uninstalling AVG.

Also, please unistall the following program which, while not malicious, has cleaning (in particular a Registry Cleaner) and tune up utilities which may cause problems on your machine:

Glary Utilities 5.5

Next

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

When you return please post

  • Fixlog.txt

 


  • 0

#9
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Fixlist:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by Felicia at 2014-08-19 19:23:22 Run:1
Running from C:\Users\Felicia\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
CHR Extension: (No Name) - C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-16]
CHR HKLM-x32\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx [2014-03-21]
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-03-21]
C:\Users\Felicia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll
C:\Users\Felicia\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\Users\Felicia\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Felicia\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Felicia\Downloads\Drake - 0 to 100 & The Catch Up.mp3:Roxio EMC Stream
Hosts:
EmptyTemp:
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
C:\Users\Felicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh" => Key deleted successfully.
"C:\Users\Felicia\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx" => File/Directory not found.
"HKCU\SOFTWARE\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim" => Key deleted successfully.
"C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim" => Key deleted successfully.
"C:\Users\Felicia\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx" => File/Directory not found.
C:\Users\Felicia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpli3hmf.dll => Moved successfully.
C:\Users\Felicia\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Felicia\SkyDrive => ":ms-properties" ADS removed successfully.
"C:\Users\Felicia\SkyDrive (2).old" => ":ms-properties" ADS not found.
C:\Users\Felicia\Downloads\Drake - 0 to 100 & The Catch Up.mp3 => ":Roxio EMC Stream" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 254.4 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again Mshoney6,

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 


  • 0

Advertisements


#11
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

So don't run the ESET scanner I have already? (before I download that one)...haha nevermind I answered my own question. Okay downloading it now


Edited by Mshoney6, 19 August 2014 - 09:58 PM.

  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

No if it is ESET AV that you kept (good decision I think) then please update your copy and use that to run a scan and paste the results back here if you can.

 

Also after that, tell me how your machine is. :)


  • 0

#13
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

So it found no threats and I can finally go to websites!!! OMG thank you soooooo much! LOL i was soooo hoping all of that would work and it did!!!

:prop:


  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

So it found no threats and I can finally go to websites!!!

 
I take it that means you computer is working fine now. :)
 
Assuming it does, we have a couple of last steps to perform and then you're all set.

To clear away the tools we have been using download Delfix from here.

Put a check (tick) in the following boxes:

  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.
-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

You also need to unininstall older versions of Java.

  • Open Control Panel by swiping in from the right edge of the screen, tapping Search (or if you're using a mouse, pointing to the upper-right corner of the screen, moving the mouse pointer down, and then clicking Search)
  • Enter Control Panel in the search box and then tap or click Control Panel.
  • Control Panel > Uninstall a Program
      
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

  • Open Control Panel by swiping in from the right edge of the screen, tapping Search (or if you're using a mouse, pointing to the upper-right corner of the screen, moving the mouse pointer down, and then clicking Search)
  • Enter Control Panel in the search box, and then tap or click Control Panel.
  • Click/tap System and Security > Windows Update
  • Under Windows Update click on Turn automatic updating on or off
  • Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!


  • 0

#15
Mshoney6

Mshoney6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
# DelFix v10.8 - Logfile created 20/08/2014 at 14:13:59
# Updated 29/07/2014 by Xplode
# Username : Felicia - FELICIA
# Operating System : Windows 8.1  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Felicia\Desktop\Addition.txt
Deleted : C:\Users\Felicia\Desktop\AdwCleaner.exe
Deleted : C:\Users\Felicia\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\Felicia\Desktop\Fixlog.txt
Deleted : C:\Users\Felicia\Desktop\FRST.txt
Deleted : C:\Users\Felicia\Desktop\FRST64.exe
Deleted : C:\Users\Felicia\Desktop\FRST64.exe - Shortcut.lnk
Deleted : C:\Users\Felicia\Desktop\JRT.exe
Deleted : C:\Users\Felicia\Desktop\JRT.txt
Deleted : C:\Users\Felicia\Desktop\OTL.exe
Deleted : C:\Users\Felicia\Desktop\rkill.exe
Deleted : C:\Users\Felicia\Desktop\Rkill.txt
Deleted : C:\Users\Felicia\Desktop\rkill64.com
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #66 [Restore Operation | 08/15/2014 03:48:22]
Deleted : RP #67 [Windows Update | 08/18/2014 21:10:27]
 
New restore point created !
 
########## - EOF - ##########
 
 
I have deleted Java from my computer as well, and yes it's working fine. I have purchased ESET as well since AVG sucked and I will look into the other information you gave me regarding keeping my computer free from viruses. Again, thank you so much saved me money from taking it to get it fixed. I will definitely recommend this site to anyone I know with a computer problem,
 
Thanks you!!! :D

  • 0






Similar Topics


Also tagged with one or more of these keywords: internet, malware, virus, blocking, access

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP