- Jan 31, 2015
- 14
- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Smith (administrator) on ENVY on 01-02-2015 14:49:55
Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC
Loaded Profiles: Smith (Available profiles: Smith)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
() C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(Smartbar) C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe
(System Alerts LLC) C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Smith\AppData\Local\wincheck\wincheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-05-29] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2013-04-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-03-11] (Sophos Limited)
HKLM-x32\...\Run: [AllstateGateway32] => c:\program files (x86)\allstate\go gateway install\gogatewaymove.exe [40624 2009-06-26] (Allstate)
HKLM-x32\...\Run: [AllstateGateway] => c:\program files\allstate\go gateway install\gogatewaymove.exe
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WinCheck] => C:\Users\Smith\AppData\Local\wincheck\wincheck.exe [528896 2014-12-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-03-12] (Hewlett-Packard)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [UpdateAdmin] => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [225552 2014-10-16] (DownloadAdmin)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] ()
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe [28688 2014-11-19] (Smartbar)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs: C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [71680 2014-12-24] ()
Startup: C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3284848147-45456043-49688854-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Search Page =http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0656767C-4B32-44CB-9B4F-FEC3F26E4761} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKLM-x32 - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File
Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258}http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://allstate.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://officespace4r.ra.allstate.com/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Winsock: Catalog9 02 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Winsock: Catalog9 03 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Winsock: Catalog9 04 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Winsock: Catalog9 05 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Winsock: Catalog9 16 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @tnt2npapi.com/Plugin -> C:\Users\Smith\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll No File
FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smith\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: hp.com/HPDetect -> C:\Users\Smith\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
CHR HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [ikifpllgjmnbnanggkjcdlbfghbhblkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2015-01-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-15] (HP)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-28] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-05] (Symantec Corporation)
R2 RGMUpdater; C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2014-03-30] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2014-03-30] (Sophos Limited)
R2 serverca; C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe [143872 2014-12-24] () [File not signed]
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2013-03-11] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-03-11] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2013-03-11] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-09-06] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2878016 2014-03-30] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2014-03-30] (Sophos Limited)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-30] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-25] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141226.001\IDSvia64.sys [637656 2014-12-24] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\ENG64.SYS [129752 2014-12-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\EX64.SYS [2137304 2014-12-25] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2013-05-29] (Realtek Semiconductor Corp.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2013-09-06] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [36640 2013-09-06] (Sophos Limited)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2013-09-06] (Sophos Plc)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S1 wpnfd_1_10_0_2; system32\drivers\wpnfd_1_10_0_2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 21:10 - 2015-02-01 14:49 - 00000000 ____D () C:\FRST
2015-01-31 20:05 - 2015-01-31 20:05 - 00000658 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore.lnk
2015-01-31 20:05 - 2014-10-31 05:32 - 00815248 _____ (Microsoft Corporation) C:\Users\Smith\Desktop\iexplore.exe
2015-01-31 19:28 - 2015-01-31 19:29 - 00000000 ____D () C:\ProgramData\ETTB
2015-01-30 22:01 - 2015-01-30 22:02 - 00280800 _____ () C:\WINDOWS\Minidump\013015-186890-01.dmp
2015-01-30 21:54 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-30 21:54 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-30 21:41 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-30 21:41 - 2014-11-17 15:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-30 21:41 - 2014-11-14 01:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-30 21:41 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-30 21:41 - 2014-11-14 01:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-30 21:41 - 2014-11-14 01:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-30 21:41 - 2014-11-14 01:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-30 21:41 - 2014-11-13 23:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-30 21:38 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-30 21:38 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-30 21:38 - 2014-11-14 09:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-30 21:38 - 2014-11-14 02:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-30 21:38 - 2014-11-14 01:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-30 21:38 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-30 21:38 - 2014-11-14 01:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-30 21:38 - 2014-11-14 01:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-30 21:38 - 2014-11-14 01:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-30 21:38 - 2014-11-14 01:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-30 21:38 - 2014-11-14 01:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-30 21:38 - 2014-11-14 00:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-30 21:38 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-30 21:38 - 2014-11-14 00:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-30 21:38 - 2014-11-14 00:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-30 21:38 - 2014-11-14 00:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-30 21:38 - 2014-11-10 19:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-30 21:38 - 2014-11-10 19:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-30 21:38 - 2014-11-10 13:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-30 21:38 - 2014-11-10 13:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-30 21:38 - 2014-11-10 13:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-30 21:38 - 2014-11-10 13:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-30 21:38 - 2014-11-09 21:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-30 21:38 - 2014-11-09 20:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-30 21:38 - 2014-11-09 20:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-30 21:38 - 2014-11-09 20:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-30 21:38 - 2014-11-09 20:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-30 21:38 - 2014-11-09 20:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-30 21:38 - 2014-11-09 20:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-30 21:38 - 2014-11-09 20:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-30 21:38 - 2014-11-09 19:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-30 21:38 - 2014-11-09 19:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-30 21:38 - 2014-11-08 05:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-30 21:38 - 2014-11-08 05:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-30 21:38 - 2014-11-07 23:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-30 21:38 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-30 21:38 - 2014-11-07 22:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-30 21:38 - 2014-11-07 22:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-30 21:38 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-30 21:38 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-30 21:38 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-30 21:38 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-30 21:38 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-30 21:38 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-30 21:38 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-30 21:38 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-30 21:38 - 2014-11-07 21:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-30 21:38 - 2014-11-07 21:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-30 21:38 - 2014-11-07 21:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-30 21:38 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-30 21:38 - 2014-11-07 20:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-30 21:38 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-30 21:38 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-30 21:38 - 2014-11-06 22:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-30 21:38 - 2014-11-06 22:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-30 21:38 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-30 21:38 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-30 21:38 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-30 21:38 - 2014-11-04 20:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-30 21:38 - 2014-11-04 20:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-30 21:38 - 2014-11-04 20:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-30 21:38 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-30 21:38 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-30 21:38 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-30 21:38 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-30 21:38 - 2014-11-04 20:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-30 21:38 - 2014-11-04 20:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-30 21:38 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-30 21:38 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-30 21:38 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-30 21:38 - 2014-11-04 14:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-30 21:38 - 2014-11-04 14:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-30 21:38 - 2014-11-04 01:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-30 21:38 - 2014-11-04 01:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-30 21:38 - 2014-11-04 01:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-30 21:38 - 2014-11-04 01:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-30 21:38 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-30 21:38 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-30 21:38 - 2014-10-30 19:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-30 21:38 - 2014-10-30 19:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-30 21:38 - 2014-10-30 00:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-30 21:38 - 2014-10-30 00:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-30 21:38 - 2014-10-30 00:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-30 21:38 - 2014-10-28 22:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-30 21:38 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-30 21:38 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-30 21:38 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-30 21:38 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-30 21:38 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-30 21:38 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-30 21:38 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-30 21:38 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-30 21:38 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-30 21:38 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-30 21:38 - 2014-10-26 17:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-30 21:38 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-30 21:38 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-30 21:38 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-30 21:38 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-30 21:38 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-30 21:38 - 2014-10-20 19:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-30 21:38 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-30 21:38 - 2014-10-16 23:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-30 21:38 - 2014-10-16 23:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-30 21:38 - 2014-10-16 23:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-30 21:38 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-30 18:10 - 2015-01-30 18:10 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-30 18:05 - 2015-01-30 18:05 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-30 18:05 - 2015-01-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files\iTunes
2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-30 18:03 - 2015-01-30 18:03 - 00000000 ____D () C:\Program Files\iPod
2015-01-30 17:49 - 2015-01-30 17:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-30 17:49 - 2015-01-30 17:49 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-30 17:49 - 2015-01-30 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-30 15:11 - 2015-01-30 15:11 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\Users\Smith\AppData\Roaming\AVAST Software
2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-30 15:10 - 2015-01-30 15:11 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-30 15:09 - 2015-01-30 15:10 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-30 15:09 - 2015-01-30 15:10 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-30 15:09 - 2015-01-30 15:09 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-30 15:09 - 2015-01-30 15:09 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Users\Smith\AppData\Local\Google
2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-30 15:07 - 2015-01-30 15:07 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-30 15:06 - 2015-01-30 15:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-30 15:06 - 2015-01-30 15:06 - 04864952 _____ (AVAST Software) C:\Users\Smith\Downloads\avast_free_antivirus_setup_online.exe
2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ () C:\WINDOWS\system32\Drivers\rtlh64.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ () C:\WINDOWS\system32\RtNicProp64.dll
2015-01-16 11:00 - 2015-01-16 11:00 - 00000000 ____D () C:\Users\Smith\AppData\Local\{EBCEFE63-8695-472F-910A-57A763F4788B}
2015-01-13 14:55 - 2015-01-24 15:55 - 04070576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-01-13 14:18 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-13 14:17 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-13 14:17 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-13 14:17 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-13 14:17 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-13 14:17 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-13 14:17 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-13 14:17 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-13 14:17 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-13 14:17 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 14:17 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-13 14:17 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-13 14:17 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-13 14:17 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-13 14:17 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-13 14:17 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-13 14:17 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-13 14:17 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-13 14:17 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-13 14:17 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-13 14:17 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-13 14:17 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-13 14:17 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-13 14:17 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-13 14:17 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-13 14:17 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-10 18:33 - 2015-01-10 18:33 - 00002501 _____ () C:\Users\Smith\Downloads\desc (2).m3u8
2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc.m3u8
2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc (1).m3u8
2015-01-07 17:37 - 2015-01-08 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Users\Smith\AppData\Local\speed browser
2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Program Files (x86)\speed browser
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-01 14:49 - 2014-01-23 16:13 - 01409966 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-01 14:49 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-31 21:55 - 2014-12-25 12:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-31 21:51 - 2013-03-11 15:54 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{297DE414-B35A-421D-AFC3-F9C6CE882328}
2015-01-31 20:22 - 2014-12-25 16:40 - 00000000 ____D () C:\Users\Smith\AppData\Local\DesktopTemperature
2015-01-31 20:07 - 2013-03-11 16:01 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3284848147-45456043-49688854-1002
2015-01-31 20:03 - 2013-08-15 16:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-31 20:00 - 2013-08-22 09:46 - 00302176 _____ () C:\WINDOWS\setupact.log
2015-01-31 20:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-31 19:59 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-31 19:48 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-31 19:28 - 2013-11-14 02:28 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-30 22:28 - 2014-01-23 15:50 - 00000000 ____D () C:\Users\Smith
2015-01-30 22:06 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-30 22:01 - 2014-03-08 20:54 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-30 22:00 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-30 21:59 - 2013-04-03 10:13 - 957826971 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-30 20:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-30 20:01 - 2014-12-25 21:07 - 00000000 ____D () C:\Users\Smith\AppData\Local\CrashDumps
2015-01-30 19:49 - 2013-11-14 02:20 - 00069900 _____ () C:\WINDOWS\PFRO.log
2015-01-30 19:42 - 2013-03-11 15:52 - 00000000 ____D () C:\Users\Smith\AppData\Local\VirtualStore
2015-01-30 18:03 - 2013-03-28 18:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-30 18:02 - 2014-08-10 17:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-30 17:49 - 2013-03-13 14:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-30 16:50 - 2014-12-24 16:23 - 00000000 ____D () C:\Users\Smith\AppData\Local\ConvertAd
2015-01-30 16:47 - 2014-12-25 17:22 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job
2015-01-30 16:47 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-30 15:19 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\RGMService
2015-01-30 02:05 - 2014-11-29 11:01 - 00000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG
2015-01-28 08:51 - 2014-12-25 17:22 - 00003156 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForSmith
2015-01-24 15:55 - 2014-12-25 12:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-24 15:20 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 15:20 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 14:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-21 18:10 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Smith\AppData\Local\wincheck
2015-01-18 16:10 - 2014-11-29 12:51 - 00000000 ____D () C:\Program Files (x86)\LPT
2015-01-18 16:10 - 2014-11-29 12:50 - 00000000 ____D () C:\Users\Smith\AppData\Local\LPT
2015-01-18 16:10 - 2014-11-28 17:01 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone
2015-01-15 14:45 - 2013-08-03 10:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 14:25 - 2013-03-12 18:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-11 17:34 - 2013-02-15 21:31 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
2015-01-08 13:51 - 2014-01-23 16:21 - 00002348 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-08 12:47 - 2013-08-22 08:25 - 00000194 _____ () C:\WINDOWS\win.ini
2015-01-08 12:35 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\Chrome
==================== Files in the root of some directories =======
2014-11-29 11:01 - 2015-01-30 02:05 - 0000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG
2014-11-28 17:01 - 2014-11-28 17:01 - 0000064 _____ () C:\Users\Smith\AppData\Local\bb22664f901a5339338d23029cb3f563
2013-03-13 19:22 - 2013-03-13 19:22 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\Smith\AppData\Local\Temp\1ar4mbn-.dll
C:\Users\Smith\AppData\Local\Temp\5tofxv5e.dll
C:\Users\Smith\AppData\Local\Temp\77161uninstall.exe
C:\Users\Smith\AppData\Local\Temp\7q_1gcsb.dll
C:\Users\Smith\AppData\Local\Temp\bjmmnr8l.dll
C:\Users\Smith\AppData\Local\Temp\blh_xph-.dll
C:\Users\Smith\AppData\Local\Temp\e3o4dcu6.dll
C:\Users\Smith\AppData\Local\Temp\Extract.exe
C:\Users\Smith\AppData\Local\Temp\g9r9ms-e.dll
C:\Users\Smith\AppData\Local\Temp\install.exe
C:\Users\Smith\AppData\Local\Temp\install_temp.exe
C:\Users\Smith\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Smith\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Smith\AppData\Local\Temp\Kraus.exe
C:\Users\Smith\AppData\Local\Temp\m8kexy5m.dll
C:\Users\Smith\AppData\Local\Temp\olbpbp3l.dll
C:\Users\Smith\AppData\Local\Temp\Package_en_ww.exe
C:\Users\Smith\AppData\Local\Temp\qogu9vzj.dll
C:\Users\Smith\AppData\Local\Temp\SP63599.exe
C:\Users\Smith\AppData\Local\Temp\sp64126.exe
C:\Users\Smith\AppData\Local\Temp\SP65048.exe
C:\Users\Smith\AppData\Local\Temp\Sqlite3.dll
C:\Users\Smith\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Smith\AppData\Local\Temp\szsxqcyx.dll
C:\Users\Smith\AppData\Local\Temp\tuv4y9e2.dll
C:\Users\Smith\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Smith\AppData\Local\Temp\uop9xxj9.dll
C:\Users\Smith\AppData\Local\Temp\_od6oytp.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 16:16
==
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Smith at 2015-02-01 14:51:15
Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Enabled - Out of date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Norton AntiVirus (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Sophos Anti-Virus (Enabled - Out of date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
5 Realms of Cards (HKLM-x32\...\5 Realms of Cards_is1) (Version: 1.0 - Media Contact LLC)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix XenApp Web Plugin (HKLM-x32\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
Common dictionary (HKLM-x32\...\Common dictionary) (Version: 1 - Common dictionary) <==== ATTENTION!
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION!
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Temperature Monitor (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC)
Download & Install Packages (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Download & Install Packages) (Version: - ) <==== ATTENTION
Driver Pro v3.2.0.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2.0.2 - PC Utilities Software Limited) <==== ATTENTION
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Findwide Toolbar (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{727F21DE-FD02-44FE-BFEE-4CA379A41950}) (Version: - Freshy)
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Go Gateway - 1 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\ab5e6492a7c4f440) (Version: 3.0.1.2 - Allstate)
Go Gateway Install (HKLM-x32\...\{C165C324-8139-4FA5-B99B-3321B4F4C918}) (Version: 2.1.1 - Allstate)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.917 - Citrix Online, a division of Citrix Systems, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.257 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juniper Networks Secure Meeting 7.1.0 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper Secure Meeting 7.1.0) (Version: 7.1.0.20169 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper_Setup_Client) (Version: 7.1.6.17115 - Juniper Networks, Inc.)
KNCTR (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.)
LizardSales (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - LizardSales) <==== ATTENTION
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mario Forever v 2.16 ! (HKLM-x32\...\Mario Forever v 2.16 !) (Version: - )
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29034 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Savifier (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Savifier) (Version: 1 - Savifier.com)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
ShowPass Smartbar (HKLM-x32\...\{E10AF25A-EB67-4904-9211-DA0CDFE6051C}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION
ShowPass Smartbar Engine (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{8b6d666e-8bc3-42e1-8b30-921fa628f032}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION
Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.2.4 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{15C418EB-7675-42be-B2B3-281952DA014D}) (Version: 2.9.0.344 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
speed browser (HKLM-x32\...\speed browser) (Version: 40.0.2214.45 - Smart Applications)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.15.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin)
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION
Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Perion)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION!
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
14-12-2014 18:54:41 Windows Update
18-12-2014 13:35:02 Windows Update
24-12-2014 16:04:04 PerforMax Cleaner
08-01-2015 12:56:08 PerforMax Cleaner
08-01-2015 13:01:11 PerforMax Cleaner
15-01-2015 14:22:29 Windows Update
27-01-2015 15:56:48 Windows Update
30-01-2015 15:07:27 avast! antivirus system restore point
31-01-2015 19:43:34 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01CD023E-F7B4-4619-8D02-B2A20B18C2D2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {031AF880-0B4D-4AD0-9C13-7ED57BA03B37} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {119C490E-B4CA-4CA1-959A-0F9613133C2B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {18BCBB9D-527C-47E2-97C0-DEED5EEF12C8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {195B2A8C-1652-4D2C-B07D-AE0F27329D12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {23808472-E472-4786-9420-5719F13AD7C1} - System32\Tasks\TidyNetwork Update => C:\Users\Smith\AppData\Local\TidyNetwork\update.exe
Task: {3211270E-C710-4179-A426-FE237FC950BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {339F59FB-365D-4D33-A4EB-69C511DEE034} - System32\Tasks\UpdateAdmin => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [2014-10-16] (DownloadAdmin)
Task: {34A13AC4-B81C-45EF-9C69-F70A554BF093} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: {36F38DBF-E6D7-4519-A46C-F6807E8A7695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {454E553C-52FB-4D63-8728-AE2FBBBA59BB} - System32\Tasks\Check Updates => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe
Task: {4D2B8F82-EDC1-4042-8A35-DDBB7812C375} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2AJB4H8005KD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {4FF3C4EC-D189-47DA-A8BA-20CEDC9F8741} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe <==== ATTENTION
Task: {5E636264-7878-40EC-85BB-12ED017EF589} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {63E1DCCB-9BBB-4537-9286-1CD3396551CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6563202B-DEC5-48E9-8A51-BDF8C0B8A4E7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {6D2E80B1-F73F-4EC4-A540-83845CEF0745} - System32\Tasks\HPCeeScheduleForSmith => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7659FA2F-B53F-477B-B732-7EA8285E422F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {7D359755-7F74-41EB-A671-B67781AD01EA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {7E2B69A3-368D-4976-A291-FCBA922A53C9} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7FC6C41F-4B98-42B3-9FA0-CCADDE39BBF3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {7FDC2FDB-2B18-4A3A-AFEC-F6C60292CC3A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-03] (Synaptics Incorporated)
Task: {955F1A56-D96B-4395-9754-0FAA082132DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A4BA14A8-26B6-4111-9350-675F7FCA101F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {B0EAA0AA-A598-481D-A293-65A1EB59541B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {BB51CE7A-0D51-4912-A4BD-03B95C6111B1} - System32\Tasks\Validate Installation => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe
Task: {BCA94F22-D328-446C-A85D-16073460A915} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-30] (AVAST Software)
Task: {CD44659F-29E0-44AF-A77F-3B3ECD7BEE6C} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CDFE9302-8314-4EA3-878A-621DEAE1F039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E0345A8D-3CC4-4AA9-8CC2-727B2C0D60F1} - \GeniusBox No Task File <==== ATTENTION
Task: {E06C967A-D9B4-49EA-945B-5682AB8B5DE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {FDCCAA07-A0EA-4556-B848-16EA0EF6BF9B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2012-08-08 13:36 - 2012-08-08 13:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-16 11:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-10-27 10:04 - 2014-10-27 10:04 - 00028160 _____ () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe
2014-12-24 16:23 - 2014-12-24 16:23 - 00143872 _____ () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe
2012-09-06 04:47 - 2012-09-06 04:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2014-11-22 14:19 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-10-15 00:08 - 2012-10-15 00:08 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2014-12-24 15:13 - 2014-12-24 15:13 - 00528896 _____ () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe
2012-08-08 13:36 - 2012-08-08 13:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-11-19 17:09 - 2014-11-19 17:09 - 00024080 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-11-25 10:48 - 2014-11-25 10:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-01-30 15:09 - 2015-01-30 15:09 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013000\algo.dll
2014-12-16 20:06 - 2014-12-16 20:06 - 00307224 _____ () C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll
2015-01-31 21:13 - 2015-01-31 21:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013101\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2013-03-11 16:15 - 2013-03-11 16:15 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
2013-03-11 16:15 - 2013-03-11 16:15 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2013-03-11 16:15 - 2013-03-11 16:15 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL
2013-03-11 16:15 - 2013-03-11 16:15 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2013-05-08 09:17 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-05-08 09:17 - 2013-01-27 09:13 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2013-05-08 09:17 - 2012-09-25 03:32 - 01320048 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
2013-05-08 09:17 - 2013-01-27 09:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00051216 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00086544 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srau.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00166416 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 02506768 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00067600 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\spbl.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00158736 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00014864 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\siem.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00068112 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sppsm.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00697360 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00015376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00079376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00027664 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00071184 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srut.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00030224 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srsbs.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00066064 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00151056 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smti.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00074256 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smsp.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00012304 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sidc.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00031248 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smtu.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00039440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smta.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00031760 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srom.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00048144 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srbu.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00024592 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgml.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00062480 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00025616 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srpdm.dll
2014-11-19 17:09 - 2014-11-19 17:09 - 00044048 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00035856 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-11-19 17:10 - 2014-11-19 17:10 - 00193552 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 10:21 - 2014-05-12 10:21 - 00061440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-11-19 17:11 - 2014-11-19 17:11 - 00256016 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srns.dll
2015-01-30 15:09 - 2015-01-30 15:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-19 17:09 - 2014-11-19 17:09 - 00033808 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\lrcnt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "AllstateGateway32"
HKLM\...\StartupApproved\Run32: => "PerforMax Cleaner"
HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\StartupApproved\Run: => "Itibiti.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-3284848147-45456043-49688854-500 - Administrator - Disabled)
Guest (S-1-5-21-3284848147-45456043-49688854-501 - Limited - Disabled)
Smith (S-1-5-21-3284848147-45456043-49688854-1002 - Administrator - Enabled) => C:\Users\Smith
SophosSAUEnvy0 (S-1-5-21-3284848147-45456043-49688854-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2028
Start Time: 01d03dc8633ca6f2
Termination Time: 155
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 80e7e134-a9c0-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 177c
Start Time: 01d03dc97d658e0e
Termination Time: 1770
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 23f523a9-a9bd-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1f38
Start Time: 01d03dc68f33fe3b
Termination Time: 464
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: f9559699-a9b9-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 368
Start Time: 01d03dc2a6e43697
Termination Time: 164
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: f45ce8c3-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 17b4
Start Time: 01d03dc28207b542
Termination Time: 292
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: e227b6bc-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1fb4
Start Time: 01d03dc2691f1d12
Termination Time: 111
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: bd1cdcfe-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 21e4
Start Time: 01d03dc2519d34a2
Termination Time: 3168
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 9dd547db-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1398
Start Time: 01d03dc1f809a3cc
Termination Time: 2140
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 8930a2ae-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2314
Start Time: 01d03dc1cd2b0b18
Termination Time: 31
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 3384ad98-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1228
Start Time: 01d03dc193d11d88
Termination Time: 188
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 074800a2-a9b5-11e4-bf28-082e5f7c147d
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (01/31/2015 08:08:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (01/31/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (01/31/2015 08:00:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31
Error: (01/31/2015 08:00:50 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/30/2015 10:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31
Error: (01/30/2015 10:29:45 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (01/30/2015 10:28:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.
Error: (01/30/2015 10:27:59 PM) (Source: DCOM) (EventID: 10010) (User: Envy)
Description: {5C068441-8DC5-4C20-A101-AB9C5B0F7721}
Microsoft Office Sessions:
=========================
Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416202801d03dc8633ca6f2155C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE80e7e134-a9c0-11e4-bf28-082e5f7c147d
Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416177c01d03dc97d658e0e1770C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE23f523a9-a9bd-11e4-bf28-082e5f7c147d
Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174161f3801d03dc68f33fe3b464C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf9559699-a9b9-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1741636801d03dc2a6e43697164C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf45ce8c3-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1741617b401d03dc28207b542292C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe227b6bc-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174161fb401d03dc2691f1d12111C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEbd1cdcfe-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1741621e401d03dc2519d34a23168C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9dd547db-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416139801d03dc1f809a3cc2140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8930a2ae-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416231401d03dc1cd2b0b1831C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3384ad98-a9b5-11e4-bf28-082e5f7c147d
Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416122801d03dc193d11d88188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE074800a2-a9b5-11e4-bf28-082e5f7c147d
==================== Memory info ===========================
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 35%
Total physical RAM: 5596.26 MB
Available physical RAM: 3587.97 MB
Total Pagefile: 11228.26 MB
Available Pagefile: 8732.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:670.37 GB) (Free:581.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:27.15 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:1.89 GB) (Free:1.85 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ================ - I HOPE THESE ARE THE RIGHT REPORTS IF YOU NEED MORE LET ME KNOW I will check back frequently.