Solved Chrome malware ( according to staples guy)

tinassmith

New Member
Thread author
Jan 31, 2015
14

  • Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
    Ran by Smith (administrator) on ENVY on 01-02-2015 14:49:55
    Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC
    Loaded Profiles: Smith (Available profiles: Smith)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
    () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
    () C:\Windows\System32\valWBFPolicyService.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
    (Smartbar) C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe
    (System Alerts LLC) C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
    (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
    (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-05-29] (IDT, Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2013-04-03] (Synaptics Incorporated)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
    HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-03-11] (Sophos Limited)
    HKLM-x32\...\Run: [AllstateGateway32] => c:\program files (x86)\allstate\go gateway install\gogatewaymove.exe [40624 2009-06-26] (Allstate)
    HKLM-x32\...\Run: [AllstateGateway] => c:\program files\allstate\go gateway install\gogatewaymove.exe
    HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [WinCheck] => C:\Users\Smith\AppData\Local\wincheck\wincheck.exe [528896 2014-12-24] ()
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-30] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-03-12] (Hewlett-Packard)
    Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [UpdateAdmin] => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [225552 2014-10-16] (DownloadAdmin)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] ()
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe [28688 2014-11-19] (Smartbar)
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
    AppInit_DLLs: C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [71680 2014-12-24] ()
    Startup: C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
    ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Search Page =http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =http://www.msn.com/?ocid=iehp
    SearchScopes: HKLM -> {0656767C-4B32-44CB-9B4F-FEC3F26E4761} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
    SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
    BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
    BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
    BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
    BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
    Toolbar: HKLM - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
    Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
    Toolbar: HKLM-x32 - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
    Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
    Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258}http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://allstate.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc.cab
    DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://officespace4r.ra.allstate.com/dana-cached/sc/JuniperSetupClient.cab
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Winsock: Catalog9 01 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Winsock: Catalog9 02 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Winsock: Catalog9 03 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Winsock: Catalog9 04 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Winsock: Catalog9 05 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Winsock: Catalog9 16 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
    FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @tnt2npapi.com/Plugin -> C:\Users\Smith\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll No File
    FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smith\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: hp.com/HPDetect -> C:\Users\Smith\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\confmgr.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\npicaN.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-12-25]
    FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
    FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-01-31]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30]
    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
    CHR HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]
    CHR HKLM-x32\...\Chrome\Extension: [ikifpllgjmnbnanggkjcdlbfghbhblkk] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]
    CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2015-01-08]
    ==================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
    R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-15] (HP)
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-28] (WildTangent)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
    R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
    R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-05] (Symantec Corporation)
    R2 RGMUpdater; C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
    R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2014-03-30] (Sophos Limited)
    R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2014-03-30] (Sophos Limited)
    R2 serverca; C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe [143872 2014-12-24] () [File not signed]
    R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2013-03-11] (Sophos Limited)
    R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-03-11] (Sophos Limited)
    R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2013-03-11] (Sophos Limited)
    R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-09-06] (Sophos Limited)
    R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2878016 2014-03-30] (Sophos Limited)
    S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2014-03-30] (Sophos Limited)
    R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
    R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed]
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
    S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-30] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-30] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-30] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
    R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation)
    R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
    R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-25] (Symantec Corporation)
    R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141226.001\IDSvia64.sys [637656 2014-12-24] (Symantec Corporation)
    S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\ENG64.SYS [129752 2014-12-25] (Symantec Corporation)
    S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\EX64.SYS [2137304 2014-12-25] (Symantec Corporation)
    R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2013-05-29] (Realtek Semiconductor Corp.)
    R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2013-09-06] (Sophos Limited)
    S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [36640 2013-09-06] (Sophos Limited)
    R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)
    S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
    S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2013-09-06] (Sophos Plc)
    S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
    S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-25] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
    S1 wpnfd_1_10_0_2; system32\drivers\wpnfd_1_10_0_2.sys [X]
    ==================== NetSvcs (Whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-01-31 21:10 - 2015-02-01 14:49 - 00000000 ____D () C:\FRST
    2015-01-31 20:05 - 2015-01-31 20:05 - 00000658 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore.lnk
    2015-01-31 20:05 - 2014-10-31 05:32 - 00815248 _____ (Microsoft Corporation) C:\Users\Smith\Desktop\iexplore.exe
    2015-01-31 19:28 - 2015-01-31 19:29 - 00000000 ____D () C:\ProgramData\ETTB
    2015-01-30 22:01 - 2015-01-30 22:02 - 00280800 _____ () C:\WINDOWS\Minidump\013015-186890-01.dmp
    2015-01-30 21:54 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
    2015-01-30 21:54 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
    2015-01-30 21:41 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2015-01-30 21:41 - 2014-11-17 15:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2015-01-30 21:41 - 2014-11-14 01:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
    2015-01-30 21:41 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2015-01-30 21:41 - 2014-11-14 01:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
    2015-01-30 21:41 - 2014-11-14 01:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2015-01-30 21:41 - 2014-11-14 01:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
    2015-01-30 21:41 - 2014-11-13 23:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2015-01-30 21:38 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2015-01-30 21:38 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2015-01-30 21:38 - 2014-11-14 09:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-01-30 21:38 - 2014-11-14 02:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-01-30 21:38 - 2014-11-14 01:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-01-30 21:38 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-01-30 21:38 - 2014-11-14 01:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-01-30 21:38 - 2014-11-14 01:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-01-30 21:38 - 2014-11-14 01:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-01-30 21:38 - 2014-11-14 01:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-01-30 21:38 - 2014-11-14 01:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-01-30 21:38 - 2014-11-14 00:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-01-30 21:38 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-01-30 21:38 - 2014-11-14 00:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-01-30 21:38 - 2014-11-14 00:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-01-30 21:38 - 2014-11-14 00:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-01-30 21:38 - 2014-11-10 19:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-01-30 21:38 - 2014-11-10 19:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-01-30 21:38 - 2014-11-10 13:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-01-30 21:38 - 2014-11-10 13:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2015-01-30 21:38 - 2014-11-10 13:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-01-30 21:38 - 2014-11-10 13:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2015-01-30 21:38 - 2014-11-09 21:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
    2015-01-30 21:38 - 2014-11-09 20:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2015-01-30 21:38 - 2014-11-09 20:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2015-01-30 21:38 - 2014-11-09 20:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2015-01-30 21:38 - 2014-11-09 20:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2015-01-30 21:38 - 2014-11-09 20:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2015-01-30 21:38 - 2014-11-09 20:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2015-01-30 21:38 - 2014-11-09 20:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2015-01-30 21:38 - 2014-11-09 19:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2015-01-30 21:38 - 2014-11-09 19:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2015-01-30 21:38 - 2014-11-08 05:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2015-01-30 21:38 - 2014-11-08 05:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2015-01-30 21:38 - 2014-11-07 23:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
    2015-01-30 21:38 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
    2015-01-30 21:38 - 2014-11-07 22:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2015-01-30 21:38 - 2014-11-07 22:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2015-01-30 21:38 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
    2015-01-30 21:38 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
    2015-01-30 21:38 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
    2015-01-30 21:38 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
    2015-01-30 21:38 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
    2015-01-30 21:38 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
    2015-01-30 21:38 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
    2015-01-30 21:38 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
    2015-01-30 21:38 - 2014-11-07 21:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2015-01-30 21:38 - 2014-11-07 21:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2015-01-30 21:38 - 2014-11-07 21:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
    2015-01-30 21:38 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2015-01-30 21:38 - 2014-11-07 20:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
    2015-01-30 21:38 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2015-01-30 21:38 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2015-01-30 21:38 - 2014-11-06 22:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2015-01-30 21:38 - 2014-11-06 22:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2015-01-30 21:38 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
    2015-01-30 21:38 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
    2015-01-30 21:38 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2015-01-30 21:38 - 2014-11-04 20:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2015-01-30 21:38 - 2014-11-04 20:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2015-01-30 21:38 - 2014-11-04 20:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
    2015-01-30 21:38 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
    2015-01-30 21:38 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
    2015-01-30 21:38 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2015-01-30 21:38 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
    2015-01-30 21:38 - 2014-11-04 20:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2015-01-30 21:38 - 2014-11-04 20:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
    2015-01-30 21:38 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
    2015-01-30 21:38 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
    2015-01-30 21:38 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2015-01-30 21:38 - 2014-11-04 14:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
    2015-01-30 21:38 - 2014-11-04 14:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
    2015-01-30 21:38 - 2014-11-04 01:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
    2015-01-30 21:38 - 2014-11-04 01:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
    2015-01-30 21:38 - 2014-11-04 01:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
    2015-01-30 21:38 - 2014-11-04 01:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
    2015-01-30 21:38 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2015-01-30 21:38 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2015-01-30 21:38 - 2014-10-30 19:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-01-30 21:38 - 2014-10-30 19:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-01-30 21:38 - 2014-10-30 00:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-01-30 21:38 - 2014-10-30 00:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2015-01-30 21:38 - 2014-10-30 00:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-01-30 21:38 - 2014-10-28 22:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2015-01-30 21:38 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2015-01-30 21:38 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
    2015-01-30 21:38 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
    2015-01-30 21:38 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
    2015-01-30 21:38 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
    2015-01-30 21:38 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
    2015-01-30 21:38 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
    2015-01-30 21:38 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
    2015-01-30 21:38 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
    2015-01-30 21:38 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
    2015-01-30 21:38 - 2014-10-26 17:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
    2015-01-30 21:38 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
    2015-01-30 21:38 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
    2015-01-30 21:38 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
    2015-01-30 21:38 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
    2015-01-30 21:38 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
    2015-01-30 21:38 - 2014-10-20 19:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2015-01-30 21:38 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
    2015-01-30 21:38 - 2014-10-16 23:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2015-01-30 21:38 - 2014-10-16 23:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2015-01-30 21:38 - 2014-10-16 23:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2015-01-30 21:38 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2015-01-30 18:10 - 2015-01-30 18:10 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
    2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
    2015-01-30 18:05 - 2015-01-30 18:05 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-01-30 18:05 - 2015-01-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
    2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files\iTunes
    2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-01-30 18:03 - 2015-01-30 18:03 - 00000000 ____D () C:\Program Files\iPod
    2015-01-30 17:49 - 2015-01-30 17:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
    2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
    2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
    2015-01-30 17:49 - 2015-01-30 17:49 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2015-01-30 17:49 - 2015-01-30 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-01-30 15:11 - 2015-01-30 15:11 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\Users\Smith\AppData\Roaming\AVAST Software
    2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-01-30 15:10 - 2015-01-30 15:11 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-01-30 15:09 - 2015-01-30 15:10 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2015-01-30 15:09 - 2015-01-30 15:10 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2015-01-30 15:09 - 2015-01-30 15:09 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
    2015-01-30 15:09 - 2015-01-30 15:09 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
    2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Users\Smith\AppData\Local\Google
    2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-01-30 15:07 - 2015-01-30 15:07 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-01-30 15:06 - 2015-01-30 15:07 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-01-30 15:06 - 2015-01-30 15:06 - 04864952 _____ (AVAST Software) C:\Users\Smith\Downloads\avast_free_antivirus_setup_online.exe
    2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ () C:\WINDOWS\system32\Drivers\rtlh64.sys
    2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ () C:\WINDOWS\system32\RtNicProp64.dll
    2015-01-16 11:00 - 2015-01-16 11:00 - 00000000 ____D () C:\Users\Smith\AppData\Local\{EBCEFE63-8695-472F-910A-57A763F4788B}
    2015-01-13 14:55 - 2015-01-24 15:55 - 04070576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2015-01-13 14:18 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-01-13 14:17 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2015-01-13 14:17 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
    2015-01-13 14:17 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2015-01-13 14:17 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
    2015-01-13 14:17 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2015-01-13 14:17 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2015-01-13 14:17 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-01-13 14:17 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2015-01-13 14:17 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-01-13 14:17 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2015-01-13 14:17 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2015-01-13 14:17 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2015-01-13 14:17 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-01-13 14:17 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2015-01-13 14:17 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2015-01-13 14:17 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2015-01-13 14:17 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2015-01-13 14:17 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2015-01-13 14:17 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-01-13 14:17 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2015-01-13 14:17 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2015-01-13 14:17 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2015-01-13 14:17 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
    2015-01-13 14:17 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-01-13 14:17 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
    2015-01-10 18:33 - 2015-01-10 18:33 - 00002501 _____ () C:\Users\Smith\Downloads\desc (2).m3u8
    2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc.m3u8
    2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc (1).m3u8
    2015-01-07 17:37 - 2015-01-08 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
    2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Users\Smith\AppData\Local\speed browser
    2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Program Files (x86)\speed browser
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-02-01 14:49 - 2014-01-23 16:13 - 01409966 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-02-01 14:49 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2015-01-31 21:55 - 2014-12-25 12:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-01-31 21:51 - 2013-03-11 15:54 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{297DE414-B35A-421D-AFC3-F9C6CE882328}
    2015-01-31 20:22 - 2014-12-25 16:40 - 00000000 ____D () C:\Users\Smith\AppData\Local\DesktopTemperature
    2015-01-31 20:07 - 2013-03-11 16:01 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3284848147-45456043-49688854-1002
    2015-01-31 20:03 - 2013-08-15 16:22 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-01-31 20:00 - 2013-08-22 09:46 - 00302176 _____ () C:\WINDOWS\setupact.log
    2015-01-31 20:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-01-31 19:59 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
    2015-01-31 19:48 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2015-01-31 19:28 - 2013-11-14 02:28 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-01-30 22:28 - 2014-01-23 15:50 - 00000000 ____D () C:\Users\Smith
    2015-01-30 22:06 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
    2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
    2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
    2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
    2015-01-30 22:01 - 2014-03-08 20:54 - 00000000 ____D () C:\WINDOWS\Minidump
    2015-01-30 22:00 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
    2015-01-30 21:59 - 2013-04-03 10:13 - 957826971 _____ () C:\WINDOWS\MEMORY.DMP
    2015-01-30 20:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2015-01-30 20:01 - 2014-12-25 21:07 - 00000000 ____D () C:\Users\Smith\AppData\Local\CrashDumps
    2015-01-30 19:49 - 2013-11-14 02:20 - 00069900 _____ () C:\WINDOWS\PFRO.log
    2015-01-30 19:42 - 2013-03-11 15:52 - 00000000 ____D () C:\Users\Smith\AppData\Local\VirtualStore
    2015-01-30 18:03 - 2013-03-28 18:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-01-30 18:02 - 2014-08-10 17:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2015-01-30 17:49 - 2013-03-13 14:38 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-01-30 16:50 - 2014-12-24 16:23 - 00000000 ____D () C:\Users\Smith\AppData\Local\ConvertAd
    2015-01-30 16:47 - 2014-12-25 17:22 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job
    2015-01-30 16:47 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2015-01-30 15:19 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\RGMService
    2015-01-30 02:05 - 2014-11-29 11:01 - 00000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG
    2015-01-28 08:51 - 2014-12-25 17:22 - 00003156 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForSmith
    2015-01-24 15:55 - 2014-12-25 12:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-01-24 15:20 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-01-24 15:20 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-23 14:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2015-01-21 18:10 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Smith\AppData\Local\wincheck
    2015-01-18 16:10 - 2014-11-29 12:51 - 00000000 ____D () C:\Program Files (x86)\LPT
    2015-01-18 16:10 - 2014-11-29 12:50 - 00000000 ____D () C:\Users\Smith\AppData\Local\LPT
    2015-01-18 16:10 - 2014-11-28 17:01 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone
    2015-01-15 14:45 - 2013-08-03 10:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-01-15 14:25 - 2013-03-12 18:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-01-11 17:34 - 2013-02-15 21:31 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
    2015-01-08 13:51 - 2014-01-23 16:21 - 00002348 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-01-08 12:47 - 2013-08-22 08:25 - 00000194 _____ () C:\WINDOWS\win.ini
    2015-01-08 12:35 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\Chrome
    ==================== Files in the root of some directories =======
    2014-11-29 11:01 - 2015-01-30 02:05 - 0000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG
    2014-11-28 17:01 - 2014-11-28 17:01 - 0000064 _____ () C:\Users\Smith\AppData\Local\bb22664f901a5339338d23029cb3f563
    2013-03-13 19:22 - 2013-03-13 19:22 - 0000057 _____ () C:\ProgramData\Ament.ini
    Some content of TEMP:
    ====================
    C:\Users\Smith\AppData\Local\Temp\1ar4mbn-.dll
    C:\Users\Smith\AppData\Local\Temp\5tofxv5e.dll
    C:\Users\Smith\AppData\Local\Temp\77161uninstall.exe
    C:\Users\Smith\AppData\Local\Temp\7q_1gcsb.dll
    C:\Users\Smith\AppData\Local\Temp\bjmmnr8l.dll
    C:\Users\Smith\AppData\Local\Temp\blh_xph-.dll
    C:\Users\Smith\AppData\Local\Temp\e3o4dcu6.dll
    C:\Users\Smith\AppData\Local\Temp\Extract.exe
    C:\Users\Smith\AppData\Local\Temp\g9r9ms-e.dll
    C:\Users\Smith\AppData\Local\Temp\install.exe
    C:\Users\Smith\AppData\Local\Temp\install_temp.exe
    C:\Users\Smith\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\Smith\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Users\Smith\AppData\Local\Temp\Kraus.exe
    C:\Users\Smith\AppData\Local\Temp\m8kexy5m.dll
    C:\Users\Smith\AppData\Local\Temp\olbpbp3l.dll
    C:\Users\Smith\AppData\Local\Temp\Package_en_ww.exe
    C:\Users\Smith\AppData\Local\Temp\qogu9vzj.dll
    C:\Users\Smith\AppData\Local\Temp\SP63599.exe
    C:\Users\Smith\AppData\Local\Temp\sp64126.exe
    C:\Users\Smith\AppData\Local\Temp\SP65048.exe
    C:\Users\Smith\AppData\Local\Temp\Sqlite3.dll
    C:\Users\Smith\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Smith\AppData\Local\Temp\szsxqcyx.dll
    C:\Users\Smith\AppData\Local\Temp\tuv4y9e2.dll
    C:\Users\Smith\AppData\Local\Temp\UninstallHPSA.exe
    C:\Users\Smith\AppData\Local\Temp\uop9xxj9.dll
    C:\Users\Smith\AppData\Local\Temp\_od6oytp.dll

    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-12-25 16:16
    ==
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
    Ran by Smith at 2015-02-01 14:51:15
    Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Sophos Anti-Virus (Enabled - Out of date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton AntiVirus (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Norton AntiVirus (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    AS: Sophos Anti-Virus (Enabled - Out of date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
    5 Realms of Cards (HKLM-x32\...\5 Realms of Cards_is1) (Version: 1.0 - Media Contact LLC)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
    Ask Toolbar Updater (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION
    AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Citrix XenApp Web Plugin (HKLM-x32\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
    Common dictionary (HKLM-x32\...\Common dictionary) (Version: 1 - Common dictionary) <==== ATTENTION!
    ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION!
    Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
    CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Desktop Temperature Monitor (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC)
    Download &amp; Install Packages (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Download &amp; Install Packages) (Version: - ) <==== ATTENTION
    Driver Pro v3.2.0.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2.0.2 - PC Utilities Software Limited) <==== ATTENTION
    Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
    Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
    FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Findwide Toolbar (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{727F21DE-FD02-44FE-BFEE-4CA379A41950}) (Version: - Freshy)
    FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Go Gateway - 1 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\ab5e6492a7c4f440) (Version: 3.0.1.2 - Allstate)
    Go Gateway Install (HKLM-x32\...\{C165C324-8139-4FA5-B99B-3321B4F4C918}) (Version: 2.1.1 - Allstate)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.917 - Citrix Online, a division of Citrix Systems, Inc.)
    Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
    HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
    HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
    HP Connected Music (Meridian - player) (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)
    HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
    HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
    HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
    HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
    HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.257 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
    HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
    HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
    Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION
    Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
    Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Juniper Networks Secure Meeting 7.1.0 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper Secure Meeting 7.1.0) (Version: 7.1.0.20169 - Juniper Networks)
    Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper_Setup_Client) (Version: 7.1.6.17115 - Juniper Networks, Inc.)
    KNCTR (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.)
    LizardSales (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - LizardSales) <==== ATTENTION
    Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mario Forever v 2.16 ! (HKLM-x32\...\Mario Forever v 2.16 !) (Version: - )
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
    Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29034 - Realtek Semiconductor Corp.)
    Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Savifier (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Savifier) (Version: 1 - Savifier.com)
    Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
    ShowPass Smartbar (HKLM-x32\...\{E10AF25A-EB67-4904-9211-DA0CDFE6051C}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION
    ShowPass Smartbar Engine (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{8b6d666e-8bc3-42e1-8b30-921fa628f032}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION
    Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.2.4 - Sophos Limited)
    Sophos AutoUpdate (HKLM-x32\...\{15C418EB-7675-42be-B2B3-281952DA014D}) (Version: 2.9.0.344 - Sophos Limited)
    Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
    speed browser (HKLM-x32\...\speed browser) (Version: 40.0.2214.45 - Smart Applications)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.15.0 - Synaptics Incorporated)
    Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
    Unity Web Player (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin)
    Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
    Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION
    Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Perion)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
    WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION!
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
    ==================== Custom CLSID (selected items): ==========================
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
    CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
    ==================== Restore Points =========================
    14-12-2014 18:54:41 Windows Update
    18-12-2014 13:35:02 Windows Update
    24-12-2014 16:04:04 PerforMax Cleaner
    08-01-2015 12:56:08 PerforMax Cleaner
    08-01-2015 13:01:11 PerforMax Cleaner
    15-01-2015 14:22:29 Windows Update
    27-01-2015 15:56:48 Windows Update
    30-01-2015 15:07:27 avast! antivirus system restore point
    31-01-2015 19:43:34 Windows Modules Installer
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
    ==================== Scheduled Tasks (whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
    Task: {01CD023E-F7B4-4619-8D02-B2A20B18C2D2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
    Task: {031AF880-0B4D-4AD0-9C13-7ED57BA03B37} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
    Task: {119C490E-B4CA-4CA1-959A-0F9613133C2B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
    Task: {18BCBB9D-527C-47E2-97C0-DEED5EEF12C8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
    Task: {195B2A8C-1652-4D2C-B07D-AE0F27329D12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
    Task: {23808472-E472-4786-9420-5719F13AD7C1} - System32\Tasks\TidyNetwork Update => C:\Users\Smith\AppData\Local\TidyNetwork\update.exe
    Task: {3211270E-C710-4179-A426-FE237FC950BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {339F59FB-365D-4D33-A4EB-69C511DEE034} - System32\Tasks\UpdateAdmin => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [2014-10-16] (DownloadAdmin)
    Task: {34A13AC4-B81C-45EF-9C69-F70A554BF093} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
    Task: {36F38DBF-E6D7-4519-A46C-F6807E8A7695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
    Task: {454E553C-52FB-4D63-8728-AE2FBBBA59BB} - System32\Tasks\Check Updates => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe
    Task: {4D2B8F82-EDC1-4042-8A35-DDBB7812C375} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2AJB4H8005KD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {4FF3C4EC-D189-47DA-A8BA-20CEDC9F8741} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe <==== ATTENTION
    Task: {5E636264-7878-40EC-85BB-12ED017EF589} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
    Task: {63E1DCCB-9BBB-4537-9286-1CD3396551CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6563202B-DEC5-48E9-8A51-BDF8C0B8A4E7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {6D2E80B1-F73F-4EC4-A540-83845CEF0745} - System32\Tasks\HPCeeScheduleForSmith => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {7659FA2F-B53F-477B-B732-7EA8285E422F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
    Task: {7D359755-7F74-41EB-A671-B67781AD01EA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
    Task: {7E2B69A3-368D-4976-A291-FCBA922A53C9} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {7FC6C41F-4B98-42B3-9FA0-CCADDE39BBF3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    Task: {7FDC2FDB-2B18-4A3A-AFEC-F6C60292CC3A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-03] (Synaptics Incorporated)
    Task: {955F1A56-D96B-4395-9754-0FAA082132DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {A4BA14A8-26B6-4111-9350-675F7FCA101F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {B0EAA0AA-A598-481D-A293-65A1EB59541B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {BB51CE7A-0D51-4912-A4BD-03B95C6111B1} - System32\Tasks\Validate Installation => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe
    Task: {BCA94F22-D328-446C-A85D-16073460A915} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-30] (AVAST Software)
    Task: {CD44659F-29E0-44AF-A77F-3B3ECD7BEE6C} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {CDFE9302-8314-4EA3-878A-621DEAE1F039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {E0345A8D-3CC4-4AA9-8CC2-727B2C0D60F1} - \GeniusBox No Task File <==== ATTENTION
    Task: {E06C967A-D9B4-49EA-945B-5682AB8B5DE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {FDCCAA07-A0EA-4556-B848-16EA0EF6BF9B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    ==================== Loaded Modules (whitelisted) =============
    2012-08-08 13:36 - 2012-08-08 13:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2014-03-16 11:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-10-27 10:04 - 2014-10-27 10:04 - 00028160 _____ () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe
    2014-12-24 16:23 - 2014-12-24 16:23 - 00143872 _____ () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe
    2012-09-06 04:47 - 2012-09-06 04:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
    2014-11-22 14:19 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2012-10-15 00:08 - 2012-10-15 00:08 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
    2014-12-24 15:13 - 2014-12-24 15:13 - 00528896 _____ () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe
    2012-08-08 13:36 - 2012-08-08 13:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-11-19 17:09 - 2014-11-19 17:09 - 00024080 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe
    2014-11-25 10:48 - 2014-11-25 10:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2015-01-30 15:09 - 2015-01-30 15:09 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013000\algo.dll
    2014-12-16 20:06 - 2014-12-16 20:06 - 00307224 _____ () C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll
    2015-01-31 21:13 - 2015-01-31 21:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013101\algo.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
    2013-03-11 16:15 - 2013-03-11 16:15 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
    2013-03-11 16:15 - 2013-03-11 16:15 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
    2013-03-11 16:15 - 2013-03-11 16:15 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL
    2013-03-11 16:15 - 2013-03-11 16:15 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
    2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
    2013-05-08 09:17 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2013-05-08 09:17 - 2013-01-27 09:13 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
    2013-05-08 09:17 - 2012-09-25 03:32 - 01320048 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
    2013-05-08 09:17 - 2013-01-27 09:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00051216 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00086544 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srau.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00166416 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 02506768 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00067600 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\spbl.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00158736 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00014864 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\siem.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00068112 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sppsm.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00697360 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00015376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00079376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00027664 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00071184 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srut.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00030224 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srsbs.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00066064 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00151056 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smti.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00074256 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smsp.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00012304 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sidc.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00031248 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smtu.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00039440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smta.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00031760 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srom.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00048144 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srbu.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00024592 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgml.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00062480 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00025616 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srpdm.dll
    2014-11-19 17:09 - 2014-11-19 17:09 - 00044048 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00035856 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
    2014-11-19 17:10 - 2014-11-19 17:10 - 00193552 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgmu.dll
    2014-05-12 10:21 - 2014-05-12 10:21 - 00061440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
    2014-11-19 17:11 - 2014-11-19 17:11 - 00256016 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srns.dll
    2015-01-30 15:09 - 2015-01-30 15:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-11-19 17:09 - 2014-11-19 17:09 - 00033808 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\lrcnt.dll
    ==================== Alternate Data Streams (whitelisted) =========
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
    ==================== EXE Association (whitelisted) =============
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========
    (Currently there is no automatic fix for this section.)
    HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
    HKLM\...\StartupApproved\Run32: => "AllstateGateway32"
    HKLM\...\StartupApproved\Run32: => "PerforMax Cleaner"
    HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\StartupApproved\Run: => "Itibiti.exe"
    ========================= Accounts: ==========================
    Administrator (S-1-5-21-3284848147-45456043-49688854-500 - Administrator - Disabled)
    Guest (S-1-5-21-3284848147-45456043-49688854-501 - Limited - Disabled)
    Smith (S-1-5-21-3284848147-45456043-49688854-1002 - Administrator - Enabled) => C:\Users\Smith
    SophosSAUEnvy0 (S-1-5-21-3284848147-45456043-49688854-1003 - Limited - Enabled)
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 2028
    Start Time: 01d03dc8633ca6f2
    Termination Time: 155
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 80e7e134-a9c0-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 177c
    Start Time: 01d03dc97d658e0e
    Termination Time: 1770
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 23f523a9-a9bd-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 1f38
    Start Time: 01d03dc68f33fe3b
    Termination Time: 464
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: f9559699-a9b9-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 368
    Start Time: 01d03dc2a6e43697
    Termination Time: 164
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: f45ce8c3-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 17b4
    Start Time: 01d03dc28207b542
    Termination Time: 292
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: e227b6bc-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 1fb4
    Start Time: 01d03dc2691f1d12
    Termination Time: 111
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: bd1cdcfe-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 21e4
    Start Time: 01d03dc2519d34a2
    Termination Time: 3168
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 9dd547db-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 1398
    Start Time: 01d03dc1f809a3cc
    Termination Time: 2140
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 8930a2ae-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 2314
    Start Time: 01d03dc1cd2b0b18
    Termination Time: 31
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 3384ad98-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 1228
    Start Time: 01d03dc193d11d88
    Termination Time: 188
    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Report Id: 074800a2-a9b5-11e4-bf28-082e5f7c147d
    Faulting package full name:
    Faulting package-relative application ID:

    System errors:
    =============
    Error: (01/31/2015 08:08:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    Error: (01/31/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    Error: (01/31/2015 08:00:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
    %%31
    Error: (01/31/2015 08:00:50 PM) (Source: APXACC) (EventID: 1003) (User: )
    Description: The NDIS6 LWF initialization has failed. (0xC0000001)
    Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
    Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
    Error: (01/30/2015 10:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
    %%31
    Error: (01/30/2015 10:29:45 PM) (Source: APXACC) (EventID: 1003) (User: )
    Description: The NDIS6 LWF initialization has failed. (0xC0000001)
    Error: (01/30/2015 10:28:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Software Protection service hung on starting.
    Error: (01/30/2015 10:27:59 PM) (Source: DCOM) (EventID: 10010) (User: Envy)
    Description: {5C068441-8DC5-4C20-A101-AB9C5B0F7721}

    Microsoft Office Sessions:
    =========================
    Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17416202801d03dc8633ca6f2155C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE80e7e134-a9c0-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17416177c01d03dc97d658e0e1770C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE23f523a9-a9bd-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.174161f3801d03dc68f33fe3b464C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf9559699-a9b9-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.1741636801d03dc2a6e43697164C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf45ce8c3-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.1741617b401d03dc28207b542292C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe227b6bc-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.174161fb401d03dc2691f1d12111C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEbd1cdcfe-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.1741621e401d03dc2519d34a23168C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9dd547db-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17416139801d03dc1f809a3cc2140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8930a2ae-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17416231401d03dc1cd2b0b1831C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3384ad98-a9b5-11e4-bf28-082e5f7c147d
    Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17416122801d03dc193d11d88188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE074800a2-a9b5-11e4-bf28-082e5f7c147d

    ==================== Memory info ===========================
    Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 35%
    Total physical RAM: 5596.26 MB
    Available physical RAM: 3587.97 MB
    Total Pagefile: 11228.26 MB
    Available Pagefile: 8732.49 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.81 MB
    ==================== Drives ================================
    Drive c: () (Fixed) (Total:670.37 GB) (Free:581.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:27.15 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: () (Removable) (Total:1.89 GB) (Free:1.85 GB) FAT
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D)
    Partition: GPT Partition Type.
    ========================================================
    Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
    Partition: GPT Partition Type.
    ==================== End Of Log ================
  • I HOPE THESE ARE THE RIGHT REPORTS IF YOU NEED MORE LET ME KNOW I will check back frequently.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:
  • At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
  • Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
  • If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
  • I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  • Please attach all report using
    fjqb1h.png
    button below. Doing this, you make it easier for me to analyze and fix your problem.

  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay for the repair.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.




warning.gif
Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.



Can you please upload both reports?
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Reports are already saved in .txt format. You just need to upload them.

You can find them on this location --> C:\FRST\Logs
 

tinassmith

New Member
Thread author
Jan 31, 2015
14
here they are.
 

Attachments

  • FRST_01-02-2015_14-52-38.txt
    59.2 KB · Views: 32
  • Addition_01-02-2015_14-52-25.txt
    44.2 KB · Views: 61
  • FRST_01-02-2015_14-52-38.txt
    59.2 KB · Views: 29

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
warning.gif
Multiple Resident Protection warning!

Always have one (and no more than one!) AntiVirus program! In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. Please choose only one from the listed below to stay with and uninstall the others:
  • Sophos Anti-Virus
  • Norton AntiVirus
  • avast! Antivirus

Uninstallation procedure:
  • Press the
    WindowsKey.png
    + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for each uninstalled entry, right-click it and select Uninstall.
This should be done until any other steps will be taken.




51a46ae42d560-malwarebytes_anti_malware.png
Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.





adwcleaner_new.png
Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.
  • Right-click on
    adwcleaner_new.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner
 
  • Like
Reactions: yigido

tinassmith

New Member
Thread author
Jan 31, 2015
14
ok I did all the things you recommended, the malware scan found a ton of stuff over 3500 items, I will upload the files, my power went out just as the malware scan finished so it didn't print a scan log how do I get that info for you? The only report it shows is a daily log and its empty. everything it found is quarantined. computer is running much better now.
 

Attachments

  • AdwCleaner[S0].txt
    12.5 KB · Views: 49

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Can you run MalwareBytes scan again?




FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
How is your PC now?


FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 

tinassmith

New Member
Thread author
Jan 31, 2015
14
heres the second farbar scan my computer is a million times better, Thank you so much.
 

Attachments

  • FRST_03-02-2015_14-08-24.txt
    52.6 KB · Views: 57
  • Addition_03-02-2015_14-08-19.txt
    34.5 KB · Views: 151

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
remove%20outdated.jpg
Uninstall some programs

We need to uninstall some unwanted/unneeded programs.
  • Press the
    WindowsKey.png
    + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time
The list of programs to uninstall:
  • Common dictionary
  • ShowPass Smartbar
  • ShowPass Smartbar Engine
After completing uninstalls, please manually reboot your machine!

Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.





FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • fixlist.txt
    5.4 KB · Views: 103

tinassmith

New Member
Thread author
Jan 31, 2015
14
uninstalled common dictionary tried to uninstall smart bar redirected to 298098 msi file is unavailable
 
Last edited:

tinassmith

New Member
Thread author
Jan 31, 2015
14
skipped it, ran farbar with the fixit file. Thanks for all your help and time. I appreciate it.
 

Attachments

  • Fixlog_04-02-2015_16-13-25.txt
    15 KB · Views: 45

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top