I am currently dealing with some type of redirect virus.
After identifying the malware/spyware with Windows Defender, I selected the option to remove the malicious software with Windows Defender. Within fifteen minutes, the program reported that the problem had been removed, yet I can still see that the virus' effects seem to be persisting. I ran the Defender program several times again but nothing malicious is being identified anymore, that is when I began to search for solutions online and found this blog.
I found a topic that had also been posted today with the title, " firefox redirect / "Reported Web Forgery" ." The problem described within this topic is identical to the one I am experiencing, the only difference is that I am uing Firefox version 34.0.5. I am not experiencing any problems with IE, but I am experiencing the same problems in my Google Chrome browser. I will paste the symptoms described in this post since they are same as mine.
I'm currently experiencing what I think is a redirect type of virus with Firefox. I'm using Firefox 22.0. I'm not having any issues with IE though. What happens is, any website I try to visit on FF22,0 takes a long time to load, and in the lower left hand corner of the browser screen, where you usually see a little dialogue letting you know what's loading, there are a ton of unrelated links attempting to load. Eventually, I get taken to a "Reported Web Forgery" screen, giving me two button options: "Get Me Out of Here!" or "Why was this page blocked?"
The URL for this page is www,readtwos.com.... So right now I'm not sure if whatever has infected my system is trying to redirect me to this readytwos.com website and Firefox is stopping it, or if the Web Forgery sreen itself is the infection. Either case, there's a problem. Any help on this is much appreciated. I'm attached a screen cap of the screen I'm talking about.
I followed the instructions provided by the website's responder (BrianDrab) to this topic and scanned with the Farbar Recovery Scan Tool. Here are the FRST.txt & Additional Scan logs, and I am not aware of any intentional internet proxy being set on my computer. Thanks very much for your time, any help is appreciated.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Average Savage (administrator) on LAZLO on 26-12-2014 15:57:37
Running from C:\Users\Average Savage\Desktop
Loaded Profile: Average Savage (Available profiles: Average Savage)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Bootstrap Software Development) C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BSDAppUpdater] => C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe [1660232 2013-05-21] (Bootstrap Software Development)
HKLM-x32\...\Run: [OCDLMgr] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-03] (Google Inc.)
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Run: [APISupport] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Average Savage\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Run: [Google Update] => C:\Users\Average Savage\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-07] (Google Inc.)
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\RunOnce: [Adobe Speed Launcher] => 1419575899
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\MountPoints2: {5eadf00f-9fc7-11e3-8a66-24b6fd532c7b} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\MountPoints2: {fb9f219d-d2f6-11e3-9dd9-24b6fd532c7b} - E:\LaunchU3.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....&cc=US&unqvl=72
HKU\S-1-5-21-2731679655-819755991-414572229-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....&cc=US&unqvl=72
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=US&unqvl=72
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=US&unqvl=72
SearchScopes: HKU\S-1-5-21-2731679655-819755991-414572229-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-2731679655-819755991-414572229-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=US&unqvl=72
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121004020851.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121004020851.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2731679655-819755991-414572229-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Average Savage\AppData\Roaming\Mozilla\Firefox\Profiles\jfk9sti7.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=1928&r=2014/12/19&hid=9888276928212164740&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: www.theonion.com
FF Keyword.URL: hxxp://websearch.searchoholic.info/?pid=1928&r=2014/12/19&hid=9888276928212164740&lg=EN&cc=US&unqvl=72&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2731679655-819755991-414572229-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2731679655-819755991-414572229-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Average Savage\AppData\Roaming\Mozilla\Firefox\Profiles\jfk9sti7.default\searchplugins\WebSearch.xml
FF Extension: YoutuubeAddBlocke - C:\Users\Average Savage\AppData\Roaming\Mozilla\Firefox\Profiles\jfk9sti7.default\Extensions\[email protected] [2014-12-18]
FF Extension: DOwnuSave - C:\Users\Average Savage\AppData\Roaming\Mozilla\Firefox\Profiles\jfk9sti7.default\Extensions\[email protected] [2014-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (Google Cast) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-09-07]
CHR Extension: (MagicScroll Web Reader) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecldhagehndokdmaiaigoaecbmbnmfkc [2014-12-25]
CHR Extension: (Window Expander For YouTube) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog [2014-12-18]
CHR Extension: (AccuWeather) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmmfhnlekjcmmmlfkhmbhalnokjannj [2014-09-02]
CHR Extension: (Google Wallet) - C:\Users\Average Savage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-07]
CHR Extension: (BuyNsavve) - C:\ProgramData\habaikmcgnehdaefplmiephpkgojijob\ [2014-09-07]
CHR HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Chrome\Extension: [ldmmfhnlekjcmmmlfkhmbhalnokjannj] - C:\Users\Average Savage\AppData\Local\CRE\ldmmfhnlekjcmmmlfkhmbhalnokjannj.crx [2014-08-22]
CHR HKLM-x32\...\Chrome\Extension: [ldmmfhnlekjcmmmlfkhmbhalnokjannj] - C:\Users\Average Savage\AppData\Local\CRE\ldmmfhnlekjcmmmlfkhmbhalnokjannj.crx [2014-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173568 2012-10-09] (Dell Products, LP.) [File not signed]
R2 fc67e7a0; c:\Program Files (x86)\DeltaFix\DeltaFix.dll [4123648 2014-12-18] () [File not signed] <==== ATTENTION
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 15:57 - 2014-12-26 15:58 - 00019563 _____ () C:\Users\Average Savage\Desktop\FRST.txt
2014-12-26 15:57 - 2014-12-26 15:57 - 00000000 ___DC () C:\FRST
2014-12-26 15:56 - 2014-12-26 15:56 - 02122752 _____ (Farbar) C:\Users\Average Savage\Desktop\FRST64.exe
2014-12-26 15:54 - 2014-12-26 15:55 - 01114112 _____ (Farbar) C:\Users\Average Savage\Desktop\FRST.exe
2014-12-26 14:45 - 2014-12-26 14:45 - 08423856 _____ (McAfee, Inc.) C:\Users\Average Savage\Downloads\SecurityScan_Release.exe
2014-12-26 14:34 - 2014-12-26 14:34 - 00000000 ____D () C:\Program Files (x86)\BItSaver
2014-12-25 22:45 - 2014-12-26 14:34 - 00000000 ____D () C:\ProgramData\BItSaver
2014-12-25 22:45 - 2014-12-26 14:34 - 00000000 ____D () C:\ProgramData\4d09ce8d5400296d
2014-12-18 20:45 - 2014-12-18 20:45 - 00000000 __SHD () C:\Users\Average Savage\AppData\Local\EmieBrowserModeList
2014-12-18 20:39 - 2014-12-18 20:39 - 00000000 ____D () C:\Users\Average Savage\AppData\Roaming\SimpleFiles
2014-12-18 19:20 - 2014-12-25 23:28 - 00000000 ____D () C:\Program Files (x86)\YoutuubeAddBlocke
2014-12-18 19:20 - 2014-12-25 23:28 - 00000000 ____D () C:\Program Files (x86)\BuyNsaVe
2014-12-18 19:20 - 2014-12-18 19:20 - 00000000 ____D () C:\Program Files (x86)\Window Expander For YouTube
2014-12-18 19:20 - 2014-12-18 19:20 - 00000000 ____D () C:\Program Files (x86)\DeltaFix
2014-12-18 19:19 - 2014-12-18 19:19 - 00000000 ____D () C:\ProgramData\habaikmcgnehdaefplmiephpkgojijob
2014-12-18 19:19 - 2014-12-18 19:19 - 00000000 ____D () C:\ProgramData\5551195122105854317
2014-12-18 19:19 - 2014-12-18 19:19 - 00000000 ____D () C:\Program Files (x86)\BuyNsavve
2014-12-18 02:26 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-18 02:26 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-10 03:57 - 2014-12-10 03:57 - 03981488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-10 03:05 - 2014-10-17 19:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-10 03:05 - 2014-10-17 18:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-10 01:08 - 2014-11-26 18:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 01:08 - 2014-11-26 18:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 01:08 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 01:08 - 2014-11-21 20:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-10 01:08 - 2014-11-21 20:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-10 01:08 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-10 01:08 - 2014-11-21 19:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-10 01:08 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 01:08 - 2014-11-21 19:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-10 01:08 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-10 01:08 - 2014-11-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-10 01:08 - 2014-11-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-10 01:08 - 2014-11-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-10 01:08 - 2014-11-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-10 01:08 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 01:08 - 2014-11-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-10 01:08 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-10 01:08 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 01:08 - 2014-11-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-10 01:08 - 2014-11-21 19:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-10 01:08 - 2014-11-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 01:08 - 2014-11-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-10 01:08 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 01:08 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-10 01:08 - 2014-11-21 19:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-10 01:08 - 2014-11-21 19:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-10 01:08 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 01:08 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-10 01:08 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 01:08 - 2014-11-21 18:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-10 01:08 - 2014-11-21 18:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-10 01:08 - 2014-11-21 18:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-10 01:08 - 2014-11-21 18:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-10 01:08 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 01:08 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 01:08 - 2014-11-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-10 01:08 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 01:08 - 2014-11-21 18:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-10 01:08 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 01:08 - 2014-11-21 18:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 01:08 - 2014-11-21 18:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-10 01:08 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 01:08 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 01:08 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 01:08 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 01:08 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 01:08 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 01:08 - 2014-11-21 18:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-10 01:08 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 01:08 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 01:08 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-10 01:08 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 01:08 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 01:08 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-10 01:08 - 2014-11-10 20:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 01:08 - 2014-11-10 19:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 01:08 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-10 01:06 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-10 01:06 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-10 01:06 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-10 01:06 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-10 01:06 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-10 01:06 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:06 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-10 01:06 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-10 01:06 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-10 01:06 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-10 01:06 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:06 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:06 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-10 01:06 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 02:26 - 2014-12-26 14:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 00:56 - 2014-12-03 00:56 - 00001654 _____ () C:\Users\Average Savage\Desktop\tenant_removal_amendment.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 15:57 - 2012-06-03 00:13 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 15:51 - 2014-09-07 21:01 - 00000944 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000UA.job
2014-12-26 15:51 - 2012-10-03 17:23 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-26 15:37 - 2012-06-03 00:04 - 01754270 _____ () C:\windows\WindowsUpdate.log
2014-12-26 15:35 - 2013-09-07 00:57 - 00000000 ____D () C:\Users\Average Savage\Documents\UCDenver
2014-12-26 15:24 - 2009-07-13 22:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-26 15:22 - 2012-06-03 00:41 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-26 15:20 - 2009-07-13 21:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 15:20 - 2009-07-13 21:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 15:16 - 2014-04-03 00:27 - 00009216 ___SH () C:\Users\Average Savage\Downloads\Thumbs.db
2014-12-26 14:40 - 2012-10-03 17:15 - 00000422 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-12-26 14:38 - 2012-10-04 13:13 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-12-26 14:38 - 2012-10-03 17:15 - 00003460 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-12-25 23:39 - 2013-10-22 12:50 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-25 23:37 - 2012-10-03 17:23 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 23:37 - 2012-06-03 00:53 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-25 23:37 - 2012-06-03 00:53 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-25 23:37 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-25 23:37 - 2009-07-13 21:51 - 00085127 _____ () C:\windows\setupact.log
2014-12-25 22:05 - 2014-09-07 21:01 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000Core.job
2014-12-22 17:24 - 2010-11-20 20:47 - 00214092 _____ () C:\windows\PFRO.log
2014-12-18 20:45 - 2014-09-02 06:58 - 00000000 ____D () C:\Users\Average Savage\AppData\Local\tbccint
2014-12-18 20:45 - 2014-09-02 06:58 - 00000000 ____D () C:\Program Files (x86)\Tbccint
2014-12-13 14:07 - 2013-11-20 18:07 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-12-13 14:07 - 2012-06-03 00:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-13 04:01 - 2014-09-07 20:57 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 13:20 - 2012-10-13 17:54 - 00000000 ____D () C:\Users\Average Savage\AppData\Roaming\SoftGrid Client
2014-12-11 13:47 - 2012-10-03 17:12 - 00126136 _____ () C:\Users\Average Savage\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-10 04:22 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-12-10 03:57 - 2012-06-03 00:13 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 03:57 - 2012-06-03 00:13 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 03:57 - 2012-06-03 00:13 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 03:44 - 2012-10-03 20:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 03:43 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-10 03:27 - 2012-11-19 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:24 - 2013-08-18 02:02 - 00000000 ____D () C:\windows\system32\MRT
2014-12-10 03:11 - 2012-10-04 13:25 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-08 02:43 - 2012-10-03 17:15 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-12-07 04:00 - 2012-10-03 17:15 - 00004278 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-03 15:11 - 2012-06-03 02:56 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-30 12:20 - 2014-08-26 09:28 - 00000000 ____D () C:\Users\Average Savage\AppData\Roaming\GoPro
Some content of TEMP:
====================
C:\Users\Average Savage\AppData\Local\Temp\i4jdel0.exe
C:\Users\Average Savage\AppData\Local\Temp\Java(1).exe
C:\Users\Average Savage\AppData\Local\Temp\lowproc.exe
C:\Users\Average Savage\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Average Savage\AppData\Local\Temp\stubhelper.dll
C:\Users\Average Savage\AppData\Local\Temp\winziprosetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 18:44
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by Average Savage at 2014-12-26 15:58:26
Running from C:\Users\Average Savage\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Leawo Video Converter version 5.2.0.1 (HKLM-x32\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version: - )
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Kindle (HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Becoming Human 1.0 (HKLM-x32\...\Becoming Human) (Version: 1.0 - Terra Incognita)
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BuyNsaVe (HKLM-x32\...\{842C4394-47F7-60DE-480B-C09116B63559}) (Version: - BuyNsave) <==== ATTENTION
ChromecastApp (HKU\S-1-5-21-2731679655-819755991-414572229-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ContentEdit (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}) (Version: - IncrementModule) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)
Dell Digital Delivery (HKLM-x32\...\{F91BF1B5-4213-440C-8539-C6EB2F1D1734}) (Version: 2.2.4000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.100.82.88 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
MediaWidget 7.0 (HKLM-x32\...\MediaWidget - Easy iPod Transfer_is1) (Version: - Bootstrap Development, LLC.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)
Window Expander For YouTube (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - )
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YoutuubeAddBlocke (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2731679655-819755991-414572229-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2731679655-819755991-414572229-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2731679655-819755991-414572229-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2731679655-819755991-414572229-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Average Savage\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
10-12-2014 03:00:54 Windows Update
12-12-2014 03:00:14 Windows Update
16-12-2014 17:45:43 Windows Update
18-12-2014 03:00:12 Windows Update
25-12-2014 00:29:17 Windows Update
25-12-2014 23:28:07 Windows Defender Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {065A0E99-4221-41BB-A1D5-555AAB30385E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03] (Google Inc.)
Task: {0C8208D8-692C-4531-967C-168D408002BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000UA => C:\Users\Average Savage\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-07] (Google Inc.)
Task: {0C8F52A1-8C01-451A-A91F-01B6F2EC0C55} - System32\Tasks\PCDEventLauncher => c:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {0E619A76-82E2-4450-AF60-7E482B42C96C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {2083FBB1-E4F4-4E9B-AEE3-90844634D4AC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2731679655-819755991-414572229-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {75266F56-36BE-4304-81BA-31E44CA256E4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {90B04579-7AAA-4BE9-A7F6-335FEE05E559} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2731679655-819755991-414572229-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A90F1EE6-5AD9-4E64-882B-B2A1E3CB7339} - System32\Tasks\PCDoctorBackgroundMonitorTask => c:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {DD68D7A2-7C45-4C05-8C6D-E050BC714163} - System32\Tasks\SystemToolsDailyTest => c:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {EEBB03A0-B95E-4B89-8A27-5555EC1623FC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F942309D-2FF4-4ED4-B902-955344E401E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03] (Google Inc.)
Task: {FF5A1A52-DC1C-4EF7-90B7-A1F830B2E115} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000Core => C:\Users\Average Savage\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-07] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000Core.job => C:\Users\Average Savage\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731679655-819755991-414572229-1000UA.job => C:\Users\Average Savage\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => c:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => c:\Program Files\Dell Support Center\pcdrcui.exe
==================== Loaded Modules (whitelisted) =============
2011-03-09 10:41 - 2011-03-09 10:41 - 01066896 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2011-03-09 10:41 - 2011-03-09 10:41 - 00491920 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2012-06-03 00:42 - 2012-01-26 19:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-06-03 02:33 - 2011-03-25 18:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-27 17:26 - 2011-06-27 17:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2011-06-29 06:52 - 2011-06-29 06:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2010-11-17 08:35 - 2010-11-17 08:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-18 19:20 - 2014-12-18 19:20 - 04123648 _____ () c:\Program Files (x86)\DeltaFix\DeltaFix.dll
2010-03-05 08:24 - 2010-03-05 08:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
2010-03-16 18:28 - 2010-03-16 18:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 13:52 - 2010-03-22 13:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 18:28 - 2010-03-16 18:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 18:28 - 2010-03-16 18:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-24 21:20 - 2011-06-24 21:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 17:25 - 2011-06-27 17:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-24 21:21 - 2011-06-24 21:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 17:52 - 2010-03-11 17:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 13:07 - 2010-03-05 13:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 13:07 - 2010-03-05 13:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 17:52 - 2010-03-11 17:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2010-11-24 20:44 - 2010-11-24 20:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-10-16 17:18 - 2014-10-16 17:18 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2012-06-03 00:13 - 2011-01-12 15:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2731679655-819755991-414572229-500 - Administrator - Disabled)
Average Savage (S-1-5-21-2731679655-819755991-414572229-1000 - Administrator - Enabled) => C:\Users\Average Savage
Guest (S-1-5-21-2731679655-819755991-414572229-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2731679655-819755991-414572229-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/25/2014 11:39:44 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Dell Digital Delivery -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , ,
Error: (12/25/2014 11:38:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2014 00:17:26 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
Error: (12/23/2014 07:27:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11357
Error: (12/23/2014 07:27:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11357
Error: (12/23/2014 07:27:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/23/2014 07:27:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10281
Error: (12/23/2014 07:27:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10281
Error: (12/23/2014 07:27:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/23/2014 07:27:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9267
System errors:
=============
Error: (12/25/2014 11:39:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/25/2014 01:27:12 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETUNIA
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{474D0832-46AF-4FEE-A308-AE3B3D90F3AC}.
The master browser is stopping or an election is being forced.
Error: (12/22/2014 05:28:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/18/2014 02:11:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error: (12/18/2014 02:11:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Google Software Updater service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.
Error: (12/14/2014 09:23:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error: (12/14/2014 09:23:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Google Software Updater service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.
Error: (12/12/2014 01:20:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (12/12/2014 01:19:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (12/10/2014 00:50:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:51:27 PM on 12/9/2014 was unexpected.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage of memory in use: 42%
Total physical RAM: 4004.27 MB
Available physical RAM: 2293.36 MB
Total Pagefile: 8006.73 MB
Available Pagefile: 6266.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:119.36 GB) NTFS
Drive y: (Recovery) (Fixed) (Total:19.53 GB) (Free:11.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7D6721EE)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================