Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Chrome malware ( according to staples guy)
Message
<blockquote data-quote="tinassmith" data-source="post: 343272" data-attributes="member: 33768"><p><a href="https://bay179.mail.live.com/m/messages.m/?mid=m7effb734-aa51-11e4-94c5-10604ba0ea80&mts=2015-02-01T20:32:53.770Z&fid=00000000-0000-0000-0000-000000000004&iru=%2fm%2ffolders.m%3ffid%3d00000000-0000-0000-0000-000000000004&nmid=m6d429fe6-a9bf-11e4-9439-10604ba09f00&nmts=2015-02-01T03:07:26.177Z#" target="_blank"><img src="https://a.gfx.ms/is/invis.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /><img src="https://a.gfx.ms/is/invis.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><ul> <li data-xf-list-type="ul"> Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015<br /> Ran by Smith (administrator) on ENVY on 01-02-2015 14:49:55<br /> Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC<br /> Loaded Profiles: Smith (Available profiles: Smith)<br /> Platform: Windows 8.1 (X64) OS Language: English (United States)<br /> Internet Explorer Version 11 (Default browser: IE)<br /> Boot Mode: Normal<br /> Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a><br /> ==================== Processes (Whitelisted) =================<br /> (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)<br /> (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe<br /> (AMD) C:\Windows\System32\atiesrxx.exe<br /> (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe<br /> (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe<br /> (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe<br /> (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe<br /> (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe<br /> (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe<br /> (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe<br /> (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe<br /> (Microsoft Corporation) C:\Windows\System32\dasHost.exe<br /> (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe<br /> (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe<br /> (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe<br /> () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe<br /> () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe<br /> () C:\Windows\System32\valWBFPolicyService.exe<br /> (AMD) C:\Windows\System32\atieclxx.exe<br /> (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe<br /> (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe<br /> (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe<br /> (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe<br /> () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe<br /> (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe<br /> (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe<br /> (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe<br /> (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe<br /> (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe<br /> (Smartbar) C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe<br /> (System Alerts LLC) C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe<br /> (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe<br /> (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe<br /> (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe<br /> (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe<br /> () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe<br /> (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe<br /> (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe<br /> (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe<br /> (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe<br /> (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe<br /> (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe<br /> (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe<br /> (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe<br /> (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe<br /> (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe<br /> (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe<br /> (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe<br /> (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe<br /> (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe<br /> () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe<br /> (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe<br /> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe<br /> (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe<br /> (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe<br /> <br /> ==================== Registry (Whitelisted) ==================<br /> (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)<br /> HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-05-29] (IDT, Inc.)<br /> HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2013-04-03] (Synaptics Incorporated)<br /> HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)<br /> HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)<br /> HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-03-11] (Sophos Limited)<br /> HKLM-x32\...\Run: [AllstateGateway32] => c:\program files (x86)\allstate\go gateway install\gogatewaymove.exe [40624 2009-06-26] (Allstate)<br /> HKLM-x32\...\Run: [AllstateGateway] => c:\program files\allstate\go gateway install\gogatewaymove.exe<br /> HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"<br /> HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)<br /> HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)<br /> HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)<br /> HKLM-x32\...\Run: [] => [X]<br /> HKLM-x32\...\Run: [WinCheck] => C:\Users\Smith\AppData\Local\wincheck\wincheck.exe [528896 2014-12-24] ()<br /> HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-30] (AVAST Software)<br /> HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)<br /> HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)<br /> HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)<br /> HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-03-12] (Hewlett-Packard)<br /> Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [UpdateAdmin] => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [225552 2014-10-16] (DownloadAdmin)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] ()<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe [28688 2014-11-19] (Smartbar)<br /> AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found<br /> AppInit_DLLs: C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [71680 2014-12-24] ()<br /> Startup: C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk<br /> ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)<br /> ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)<br /> GroupPolicy: Group Policy on Chrome detected <======= ATTENTION<br /> CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION<br /> ==================== Internet (Whitelisted) ====================<br /> (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION<br /> HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://g.msn.com/HPNOT13/1" target="_blank">http://g.msn.com/HPNOT13/1</a><br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Search Page =<a href="http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms" target="_blank">http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms</a>}<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =<a href="http://www.msn.com/?ocid=iehp" target="_blank">http://www.msn.com/?ocid=iehp</a><br /> SearchScopes: HKLM -> {0656767C-4B32-44CB-9B4F-FEC3F26E4761} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords=%7bsearchTerms" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms</a>}<br /> SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = <a href="http://search.ask.com/web?q=%7bsearchterms%7d&l=dis&o=HPNTDF" target="_blank">http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF</a><br /> SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = <a href="http://search.yahoo.com/search?p=%7bsearchTerms%7d&ei=%7binputEncoding%7d&fr=chr-hp-psg&type=HPNTDF" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF</a><br /> SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = <br /> SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = <a href="http://rover.ebay.com/rover/1/711-154371-11896-2/4" target="_blank">http://rover.ebay.com/rover/1/711-154371-11896-2/4</a> ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}<br /> SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = <br /> SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = <a href="http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms" target="_blank">http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms</a>}<br /> SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = <a href="http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms" target="_blank">http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms</a>}<br /> SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = <br /> SearchScopes: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = <br /> BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File<br /> BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)<br /> BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)<br /> BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File<br /> BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)<br /> BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)<br /> BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)<br /> BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File<br /> BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)<br /> BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)<br /> BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)<br /> BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File<br /> BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)<br /> BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File<br /> BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)<br /> BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)<br /> Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File<br /> Toolbar: HKLM - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File<br /> Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File<br /> Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)<br /> Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File<br /> Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File<br /> Toolbar: HKLM-x32 - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File<br /> Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File<br /> Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)<br /> Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File<br /> Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)<br /> DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258}<a href="http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab" target="_blank">http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab</a><br /> DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} <a href="https://allstate.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc.cab" target="_blank">https://allstate.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc.cab</a><br /> DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} <a href="https://officespace4r.ra.allstate.com/dana-cached/sc/JuniperSetupClient.cab" target="_blank">https://officespace4r.ra.allstate.com/dana-cached/sc/JuniperSetupClient.cab</a><br /> Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)<br /> Winsock: Catalog9 01 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Winsock: Catalog9 02 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Winsock: Catalog9 03 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Winsock: Catalog9 04 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Winsock: Catalog9 05 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Winsock: Catalog9 16 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] ()<br /> Tcpip\Parameters: [DhcpNameServer] 192.168.1.1<br /> FireFox:<br /> ========<br /> FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()<br /> FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)<br /> FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()<br /> FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)<br /> FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()<br /> FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)<br /> FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)<br /> FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)<br /> FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)<br /> FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)<br /> FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)<br /> FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)<br /> FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File<br /> FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File<br /> FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()<br /> FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)<br /> FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @tnt2npapi.com/Plugin -> C:\Users\Smith\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll No File<br /> FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smith\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)<br /> FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: hp.com/HPDetect -> C:\Users\Smith\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\confmgr.dll ()<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\npicaN.dll ()<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)<br /> FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)<br /> FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF<br /> FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-12-25]<br /> FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn<br /> FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-01-31]<br /> FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:wrc@avast.com">wrc@avast.com</a>] - C:\Program Files\AVAST Software\Avast\WebRep\FF<br /> FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30]<br /> Chrome: <br /> =======<br /> CHR dev: Chrome dev build detected! <======= ATTENTION<br /> CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path<br /> CHR HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path<br /> CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path<br /> CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - No Path<br /> CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]<br /> CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]<br /> CHR HKLM-x32\...\Chrome\Extension: [ikifpllgjmnbnanggkjcdlbfghbhblkk] - No Path<br /> CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27]<br /> CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2015-01-08]<br /> ==================== Services (Whitelisted) =================<br /> (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)<br /> R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]<br /> R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software)<br /> R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)<br /> R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-15] (HP)<br /> R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-28] (WildTangent)<br /> R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]<br /> R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)<br /> R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-05] (Symantec Corporation)<br /> R2 RGMUpdater; C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]<br /> R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2014-03-30] (Sophos Limited)<br /> R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2014-03-30] (Sophos Limited)<br /> R2 serverca; C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe [143872 2014-12-24] () [File not signed]<br /> R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2013-03-11] (Sophos Limited)<br /> R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-03-11] (Sophos Limited)<br /> R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2013-03-11] (Sophos Limited)<br /> R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-09-06] (Sophos Limited)<br /> R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2878016 2014-03-30] (Sophos Limited)<br /> S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2014-03-30] (Sophos Limited)<br /> R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)<br /> R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed]<br /> S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)<br /> S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)<br /> S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)<br /> S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]<br /> ==================== Drivers (Whitelisted) ====================<br /> (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)<br /> S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)<br /> R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-30] ()<br /> R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-30] (AVAST Software)<br /> R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-30] (AVAST Software)<br /> R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-30] ()<br /> R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-30] (AVAST Software)<br /> R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-30] (AVAST Software)<br /> R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-30] (AVAST Software)<br /> R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-30] ()<br /> R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)<br /> R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)<br /> R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation)<br /> R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)<br /> R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)<br /> R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)<br /> R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-25] (Symantec Corporation)<br /> R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141226.001\IDSvia64.sys [637656 2014-12-24] (Symantec Corporation)<br /> S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\ENG64.SYS [129752 2014-12-25] (Symantec Corporation)<br /> S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\EX64.SYS [2137304 2014-12-25] (Symantec Corporation)<br /> R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2013-05-29] (Realtek Semiconductor Corp.)<br /> R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2013-09-06] (Sophos Limited)<br /> S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [36640 2013-09-06] (Sophos Limited)<br /> R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)<br /> S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)<br /> S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2013-09-06] (Sophos Plc)<br /> S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)<br /> R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)<br /> R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)<br /> R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)<br /> S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)<br /> R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-25] (Symantec Corporation)<br /> R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)<br /> R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)<br /> S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]<br /> S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)<br /> R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)<br /> S1 wpnfd_1_10_0_2; system32\drivers\wpnfd_1_10_0_2.sys [X]<br /> ==================== NetSvcs (Whitelisted) ===================<br /> (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)<br /> <br /> ==================== One Month Created Files and Folders ========<br /> (If an entry is included in the fixlist, the file\folder will be moved.)<br /> 2015-01-31 21:10 - 2015-02-01 14:49 - 00000000 ____D () C:\FRST<br /> 2015-01-31 20:05 - 2015-01-31 20:05 - 00000658 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore.lnk<br /> 2015-01-31 20:05 - 2014-10-31 05:32 - 00815248 _____ (Microsoft Corporation) C:\Users\Smith\Desktop\iexplore.exe<br /> 2015-01-31 19:28 - 2015-01-31 19:29 - 00000000 ____D () C:\ProgramData\ETTB<br /> 2015-01-30 22:01 - 2015-01-30 22:02 - 00280800 _____ () C:\WINDOWS\Minidump\013015-186890-01.dmp<br /> 2015-01-30 21:54 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll<br /> 2015-01-30 21:54 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll<br /> 2015-01-30 21:41 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe<br /> 2015-01-30 21:41 - 2014-11-17 15:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe<br /> 2015-01-30 21:41 - 2014-11-14 01:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll<br /> 2015-01-30 21:41 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll<br /> 2015-01-30 21:41 - 2014-11-14 01:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll<br /> 2015-01-30 21:41 - 2014-11-14 01:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll<br /> 2015-01-30 21:41 - 2014-11-14 01:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll<br /> 2015-01-30 21:41 - 2014-11-13 23:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll<br /> 2015-01-30 21:38 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll<br /> 2015-01-30 21:38 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll<br /> 2015-01-30 21:38 - 2014-11-14 09:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe<br /> 2015-01-30 21:38 - 2014-11-14 02:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe<br /> 2015-01-30 21:38 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll<br /> 2015-01-30 21:38 - 2014-11-14 01:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll<br /> 2015-01-30 21:38 - 2014-11-14 00:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe<br /> 2015-01-30 21:38 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll<br /> 2015-01-30 21:38 - 2014-11-14 00:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll<br /> 2015-01-30 21:38 - 2014-11-14 00:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll<br /> 2015-01-30 21:38 - 2014-11-14 00:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll<br /> 2015-01-30 21:38 - 2014-11-10 19:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll<br /> 2015-01-30 21:38 - 2014-11-10 19:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll<br /> 2015-01-30 21:38 - 2014-11-10 13:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys<br /> 2015-01-30 21:38 - 2014-11-10 13:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys<br /> 2015-01-30 21:38 - 2014-11-10 13:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS<br /> 2015-01-30 21:38 - 2014-11-10 13:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys<br /> 2015-01-30 21:38 - 2014-11-09 21:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys<br /> 2015-01-30 21:38 - 2014-11-09 20:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL<br /> 2015-01-30 21:38 - 2014-11-09 20:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL<br /> 2015-01-30 21:38 - 2014-11-09 20:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL<br /> 2015-01-30 21:38 - 2014-11-09 20:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll<br /> 2015-01-30 21:38 - 2014-11-09 20:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL<br /> 2015-01-30 21:38 - 2014-11-09 20:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll<br /> 2015-01-30 21:38 - 2014-11-09 20:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll<br /> 2015-01-30 21:38 - 2014-11-09 19:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll<br /> 2015-01-30 21:38 - 2014-11-09 19:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll<br /> 2015-01-30 21:38 - 2014-11-08 05:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll<br /> 2015-01-30 21:38 - 2014-11-08 05:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll<br /> 2015-01-30 21:38 - 2014-11-07 23:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys<br /> 2015-01-30 21:38 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys<br /> 2015-01-30 21:38 - 2014-11-07 22:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys<br /> 2015-01-30 21:38 - 2014-11-07 22:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys<br /> 2015-01-30 21:38 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp<br /> 2015-01-30 21:38 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll<br /> 2015-01-30 21:38 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll<br /> 2015-01-30 21:38 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll<br /> 2015-01-30 21:38 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp<br /> 2015-01-30 21:38 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll<br /> 2015-01-30 21:38 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll<br /> 2015-01-30 21:38 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll<br /> 2015-01-30 21:38 - 2014-11-07 21:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll<br /> 2015-01-30 21:38 - 2014-11-07 21:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll<br /> 2015-01-30 21:38 - 2014-11-07 21:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll<br /> 2015-01-30 21:38 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll<br /> 2015-01-30 21:38 - 2014-11-07 20:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll<br /> 2015-01-30 21:38 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll<br /> 2015-01-30 21:38 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe<br /> 2015-01-30 21:38 - 2014-11-06 22:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll<br /> 2015-01-30 21:38 - 2014-11-06 22:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll<br /> 2015-01-30 21:38 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL<br /> 2015-01-30 21:38 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL<br /> 2015-01-30 21:38 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL<br /> 2015-01-30 21:38 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL<br /> 2015-01-30 21:38 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll<br /> 2015-01-30 21:38 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll<br /> 2015-01-30 21:38 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys<br /> 2015-01-30 21:38 - 2014-11-04 14:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys<br /> 2015-01-30 21:38 - 2014-11-04 14:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys<br /> 2015-01-30 21:38 - 2014-11-04 01:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys<br /> 2015-01-30 21:38 - 2014-11-04 01:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys<br /> 2015-01-30 21:38 - 2014-11-04 01:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys<br /> 2015-01-30 21:38 - 2014-11-04 01:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys<br /> 2015-01-30 21:38 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe<br /> 2015-01-30 21:38 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe<br /> 2015-01-30 21:38 - 2014-10-30 19:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll<br /> 2015-01-30 21:38 - 2014-10-30 19:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll<br /> 2015-01-30 21:38 - 2014-10-30 00:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe<br /> 2015-01-30 21:38 - 2014-10-30 00:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll<br /> 2015-01-30 21:38 - 2014-10-30 00:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll<br /> 2015-01-30 21:38 - 2014-10-28 22:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys<br /> 2015-01-30 21:38 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll<br /> 2015-01-30 21:38 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe<br /> 2015-01-30 21:38 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll<br /> 2015-01-30 21:38 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe<br /> 2015-01-30 21:38 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe<br /> 2015-01-30 21:38 - 2014-10-26 17:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml<br /> 2015-01-30 21:38 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll<br /> 2015-01-30 21:38 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll<br /> 2015-01-30 21:38 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll<br /> 2015-01-30 21:38 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll<br /> 2015-01-30 21:38 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll<br /> 2015-01-30 21:38 - 2014-10-20 19:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe<br /> 2015-01-30 21:38 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll<br /> 2015-01-30 21:38 - 2014-10-16 23:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys<br /> 2015-01-30 21:38 - 2014-10-16 23:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys<br /> 2015-01-30 21:38 - 2014-10-16 23:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys<br /> 2015-01-30 21:38 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys<br /> 2015-01-30 18:10 - 2015-01-30 18:10 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk<br /> 2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime<br /> 2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime<br /> 2015-01-30 18:05 - 2015-01-30 18:05 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk<br /> 2015-01-30 18:05 - 2015-01-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes<br /> 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7<br /> 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files\iTunes<br /> 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files (x86)\iTunes<br /> 2015-01-30 18:03 - 2015-01-30 18:03 - 00000000 ____D () C:\Program Files\iPod<br /> 2015-01-30 17:49 - 2015-01-30 17:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe<br /> 2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe<br /> 2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe<br /> 2015-01-30 17:49 - 2015-01-30 17:49 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll<br /> 2015-01-30 17:49 - 2015-01-30 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java<br /> 2015-01-30 15:11 - 2015-01-30 15:11 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk<br /> 2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\Users\Smith\AppData\Roaming\AVAST Software<br /> 2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software<br /> 2015-01-30 15:10 - 2015-01-30 15:11 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update<br /> 2015-01-30 15:09 - 2015-01-30 15:10 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:10 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Users\Smith\AppData\Local\Google<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Program Files (x86)\Google<br /> 2015-01-30 15:07 - 2015-01-30 15:07 - 00000000 ____D () C:\Program Files\AVAST Software<br /> 2015-01-30 15:06 - 2015-01-30 15:07 - 00000000 ____D () C:\ProgramData\AVAST Software<br /> 2015-01-30 15:06 - 2015-01-30 15:06 - 04864952 _____ (AVAST Software) C:\Users\Smith\Downloads\avast_free_antivirus_setup_online.exe<br /> 2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ () C:\WINDOWS\system32\Drivers\rtlh64.sys<br /> 2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ () C:\WINDOWS\system32\RtNicProp64.dll<br /> 2015-01-16 11:00 - 2015-01-16 11:00 - 00000000 ____D () C:\Users\Smith\AppData\Local\{EBCEFE63-8695-472F-910A-57A763F4788B}<br /> 2015-01-13 14:55 - 2015-01-24 15:55 - 04070576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe<br /> 2015-01-13 14:18 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll<br /> 2015-01-13 14:17 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys<br /> 2015-01-13 14:17 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe<br /> 2015-01-13 14:17 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe<br /> 2015-01-13 14:17 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe<br /> 2015-01-13 14:17 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll<br /> 2015-01-13 14:17 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll<br /> 2015-01-13 14:17 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll<br /> 2015-01-13 14:17 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe<br /> 2015-01-13 14:17 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe<br /> 2015-01-13 14:17 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll<br /> 2015-01-13 14:17 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll<br /> 2015-01-13 14:17 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll<br /> 2015-01-13 14:17 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe<br /> 2015-01-13 14:17 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe<br /> 2015-01-13 14:17 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe<br /> 2015-01-13 14:17 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll<br /> 2015-01-13 14:17 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll<br /> 2015-01-13 14:17 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll<br /> 2015-01-13 14:17 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll<br /> 2015-01-13 14:17 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll<br /> 2015-01-13 14:17 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll<br /> 2015-01-13 14:17 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll<br /> 2015-01-13 14:17 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll<br /> 2015-01-10 18:33 - 2015-01-10 18:33 - 00002501 _____ () C:\Users\Smith\Downloads\desc (2).m3u8<br /> 2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc.m3u8<br /> 2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc (1).m3u8<br /> 2015-01-07 17:37 - 2015-01-08 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser<br /> 2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Users\Smith\AppData\Local\speed browser<br /> 2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Program Files (x86)\speed browser<br /> ==================== One Month Modified Files and Folders =======<br /> (If an entry is included in the fixlist, the file\folder will be moved.)<br /> 2015-02-01 14:49 - 2014-01-23 16:13 - 01409966 _____ () C:\WINDOWS\WindowsUpdate.log<br /> 2015-02-01 14:49 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru<br /> 2015-01-31 21:55 - 2014-12-25 12:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job<br /> 2015-01-31 21:51 - 2013-03-11 15:54 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{297DE414-B35A-421D-AFC3-F9C6CE882328}<br /> 2015-01-31 20:22 - 2014-12-25 16:40 - 00000000 ____D () C:\Users\Smith\AppData\Local\DesktopTemperature<br /> 2015-01-31 20:07 - 2013-03-11 16:01 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3284848147-45456043-49688854-1002<br /> 2015-01-31 20:03 - 2013-08-15 16:22 - 00000000 ____D () C:\Program Files (x86)\Steam<br /> 2015-01-31 20:00 - 2013-08-22 09:46 - 00302176 _____ () C:\WINDOWS\setupact.log<br /> 2015-01-31 20:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT<br /> 2015-01-31 19:59 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI<br /> 2015-01-31 19:48 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp<br /> 2015-01-31 19:28 - 2013-11-14 02:28 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI<br /> 2015-01-30 22:28 - 2014-01-23 15:50 - 00000000 ____D () C:\Users\Smith<br /> 2015-01-30 22:06 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData<br /> 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup<br /> 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv<br /> 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup<br /> 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv<br /> 2015-01-30 22:01 - 2014-03-08 20:54 - 00000000 ____D () C:\WINDOWS\Minidump<br /> 2015-01-30 22:00 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel<br /> 2015-01-30 21:59 - 2013-04-03 10:13 - 957826971 _____ () C:\WINDOWS\MEMORY.DMP<br /> 2015-01-30 20:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF<br /> 2015-01-30 20:01 - 2014-12-25 21:07 - 00000000 ____D () C:\Users\Smith\AppData\Local\CrashDumps<br /> 2015-01-30 19:49 - 2013-11-14 02:20 - 00069900 _____ () C:\WINDOWS\PFRO.log<br /> 2015-01-30 19:42 - 2013-03-11 15:52 - 00000000 ____D () C:\Users\Smith\AppData\Local\VirtualStore<br /> 2015-01-30 18:03 - 2013-03-28 18:54 - 00000000 ____D () C:\Program Files\Common Files\Apple<br /> 2015-01-30 18:02 - 2014-08-10 17:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69<br /> 2015-01-30 17:49 - 2013-03-13 14:38 - 00000000 ____D () C:\Program Files (x86)\Java<br /> 2015-01-30 16:50 - 2014-12-24 16:23 - 00000000 ____D () C:\Users\Smith\AppData\Local\ConvertAd<br /> 2015-01-30 16:47 - 2014-12-25 17:22 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job<br /> 2015-01-30 16:47 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM<br /> 2015-01-30 15:19 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\RGMService<br /> 2015-01-30 02:05 - 2014-11-29 11:01 - 00000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG<br /> 2015-01-28 08:51 - 2014-12-25 17:22 - 00003156 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForSmith<br /> 2015-01-24 15:55 - 2014-12-25 12:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater<br /> 2015-01-24 15:20 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe<br /> 2015-01-24 15:20 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl<br /> 2015-01-23 14:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness<br /> 2015-01-21 18:10 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Smith\AppData\Local\wincheck<br /> 2015-01-18 16:10 - 2014-11-29 12:51 - 00000000 ____D () C:\Program Files (x86)\LPT<br /> 2015-01-18 16:10 - 2014-11-29 12:50 - 00000000 ____D () C:\Users\Smith\AppData\Local\LPT<br /> 2015-01-18 16:10 - 2014-11-28 17:01 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone<br /> 2015-01-15 14:45 - 2013-08-03 10:42 - 00000000 ____D () C:\WINDOWS\system32\MRT<br /> 2015-01-15 14:25 - 2013-03-12 18:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe<br /> 2015-01-11 17:34 - 2013-02-15 21:31 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass<br /> 2015-01-08 13:51 - 2014-01-23 16:21 - 00002348 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk<br /> 2015-01-08 12:47 - 2013-08-22 08:25 - 00000194 _____ () C:\WINDOWS\win.ini<br /> 2015-01-08 12:35 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\Chrome<br /> ==================== Files in the root of some directories =======<br /> 2014-11-29 11:01 - 2015-01-30 02:05 - 0000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG<br /> 2014-11-28 17:01 - 2014-11-28 17:01 - 0000064 _____ () C:\Users\Smith\AppData\Local\bb22664f901a5339338d23029cb3f563<br /> 2013-03-13 19:22 - 2013-03-13 19:22 - 0000057 _____ () C:\ProgramData\Ament.ini<br /> Some content of TEMP:<br /> ====================<br /> C:\Users\Smith\AppData\Local\Temp\1ar4mbn-.dll<br /> C:\Users\Smith\AppData\Local\Temp\5tofxv5e.dll<br /> C:\Users\Smith\AppData\Local\Temp\77161uninstall.exe<br /> C:\Users\Smith\AppData\Local\Temp\7q_1gcsb.dll<br /> C:\Users\Smith\AppData\Local\Temp\bjmmnr8l.dll<br /> C:\Users\Smith\AppData\Local\Temp\blh_xph-.dll<br /> C:\Users\Smith\AppData\Local\Temp\e3o4dcu6.dll<br /> C:\Users\Smith\AppData\Local\Temp\Extract.exe<br /> C:\Users\Smith\AppData\Local\Temp\g9r9ms-e.dll<br /> C:\Users\Smith\AppData\Local\Temp\install.exe<br /> C:\Users\Smith\AppData\Local\Temp\install_temp.exe<br /> C:\Users\Smith\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe<br /> C:\Users\Smith\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe<br /> C:\Users\Smith\AppData\Local\Temp\Kraus.exe<br /> C:\Users\Smith\AppData\Local\Temp\m8kexy5m.dll<br /> C:\Users\Smith\AppData\Local\Temp\olbpbp3l.dll<br /> C:\Users\Smith\AppData\Local\Temp\Package_en_ww.exe<br /> C:\Users\Smith\AppData\Local\Temp\qogu9vzj.dll<br /> C:\Users\Smith\AppData\Local\Temp\SP63599.exe<br /> C:\Users\Smith\AppData\Local\Temp\sp64126.exe<br /> C:\Users\Smith\AppData\Local\Temp\SP65048.exe<br /> C:\Users\Smith\AppData\Local\Temp\Sqlite3.dll<br /> C:\Users\Smith\AppData\Local\Temp\System.Data.SQLite.dll<br /> C:\Users\Smith\AppData\Local\Temp\szsxqcyx.dll<br /> C:\Users\Smith\AppData\Local\Temp\tuv4y9e2.dll<br /> C:\Users\Smith\AppData\Local\Temp\UninstallHPSA.exe<br /> C:\Users\Smith\AppData\Local\Temp\uop9xxj9.dll<br /> C:\Users\Smith\AppData\Local\Temp\_od6oytp.dll<br /> <br /> ==================== Bamital & volsnap Check =================<br /> (There is no automatic fix for files that do not pass verification.)<br /> C:\Windows\System32\winlogon.exe => File is digitally signed<br /> C:\Windows\System32\wininit.exe => File is digitally signed<br /> C:\Windows\explorer.exe => File is digitally signed<br /> C:\Windows\SysWOW64\explorer.exe => File is digitally signed<br /> C:\Windows\System32\svchost.exe => File is digitally signed<br /> C:\Windows\SysWOW64\svchost.exe => File is digitally signed<br /> C:\Windows\System32\services.exe => File is digitally signed<br /> C:\Windows\System32\User32.dll => File is digitally signed<br /> C:\Windows\SysWOW64\User32.dll => File is digitally signed<br /> C:\Windows\System32\userinit.exe => File is digitally signed<br /> C:\Windows\SysWOW64\userinit.exe => File is digitally signed<br /> C:\Windows\System32\rpcss.dll => File is digitally signed<br /> C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed<br /> <br /> LastRegBack: 2014-12-25 16:16<br /> ==<br /> Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015<br /> Ran by Smith at 2015-02-01 14:51:15<br /> Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC<br /> Boot Mode: Normal<br /> ==========================================================<br /> <br /> ==================== Security Center ========================<br /> (If an entry is included in the fixlist, it will be removed.)<br /> AV: Sophos Anti-Virus (Enabled - Out of date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}<br /> AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}<br /> AV: Norton AntiVirus (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}<br /> AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}<br /> AS: Norton AntiVirus (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}<br /> AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}<br /> AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}<br /> AS: Sophos Anti-Virus (Enabled - Out of date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}<br /> ==================== Installed Programs ======================<br /> (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)<br /> 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> 5 Realms of Cards (HKLM-x32\...\5 Realms of Cards_is1) (Version: 1.0 - Media Contact LLC)<br /> Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)<br /> Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)<br /> Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)<br /> AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)<br /> AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)<br /> Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)<br /> Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)<br /> Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)<br /> Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION<br /> Ask Toolbar Updater (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION<br /> AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden<br /> Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)<br /> Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)<br /> Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden<br /> Citrix XenApp Web Plugin (HKLM-x32\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)<br /> Common dictionary (HKLM-x32\...\Common dictionary) (Version: 1 - Common dictionary) <==== ATTENTION!<br /> ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION!<br /> Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)<br /> CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)<br /> CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)<br /> CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)<br /> CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)<br /> CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)<br /> CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)<br /> D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden<br /> Desktop Temperature Monitor (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC)<br /> Download &amp; Install Packages (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Download &amp; Install Packages) (Version: - ) <==== ATTENTION<br /> Driver Pro v3.2.0.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2.0.2 - PC Utilities Software Limited) <==== ATTENTION<br /> Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)<br /> Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden<br /> Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden<br /> Findwide Toolbar (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{727F21DE-FD02-44FE-BFEE-4CA379A41950}) (Version: - Freshy)<br /> FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Go Gateway - 1 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\ab5e6492a7c4f440) (Version: 3.0.1.2 - Allstate)<br /> Go Gateway Install (HKLM-x32\...\{C165C324-8139-4FA5-B99B-3321B4F4C918}) (Version: 2.1.1 - Allstate)<br /> Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)<br /> Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden<br /> Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden<br /> GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.917 - Citrix Online, a division of Citrix Systems, Inc.)<br /> Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden<br /> Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden<br /> Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden<br /> HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)<br /> HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)<br /> HP Connected Music (Meridian - player) (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)<br /> HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)<br /> HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard)<br /> HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)<br /> HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)<br /> HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)<br /> HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)<br /> HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)<br /> HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)<br /> HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)<br /> HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)<br /> HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.257 - Hewlett-Packard)<br /> HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)<br /> HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)<br /> HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)<br /> HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)<br /> HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)<br /> HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)<br /> HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden<br /> HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)<br /> I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)<br /> iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)<br /> IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)<br /> Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION<br /> Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden<br /> iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)<br /> Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)<br /> Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden<br /> Juniper Networks Secure Meeting 7.1.0 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper Secure Meeting 7.1.0) (Version: 7.1.0.20169 - Juniper Networks)<br /> Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper_Setup_Client) (Version: 7.1.6.17115 - Juniper Networks, Inc.)<br /> KNCTR (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.)<br /> LizardSales (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - LizardSales) <==== ATTENTION<br /> Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Mario Forever v 2.16 ! (HKLM-x32\...\Mario Forever v 2.16 !) (Version: - )<br /> Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)<br /> Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)<br /> Microsoft SkyDrive (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)<br /> Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)<br /> Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)<br /> Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)<br /> Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)<br /> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)<br /> Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)<br /> Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)<br /> Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)<br /> Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)<br /> Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden<br /> Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden<br /> Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden<br /> Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden<br /> Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)<br /> QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)<br /> Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)<br /> Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29034 - Realtek Semiconductor Corp.)<br /> Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)<br /> Savifier (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Savifier) (Version: 1 - Savifier.com)<br /> Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)<br /> ShowPass Smartbar (HKLM-x32\...\{E10AF25A-EB67-4904-9211-DA0CDFE6051C}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION<br /> ShowPass Smartbar Engine (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{8b6d666e-8bc3-42e1-8b30-921fa628f032}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION<br /> Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.2.4 - Sophos Limited)<br /> Sophos AutoUpdate (HKLM-x32\...\{15C418EB-7675-42be-B2B3-281952DA014D}) (Version: 2.9.0.344 - Sophos Limited)<br /> Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)<br /> speed browser (HKLM-x32\...\speed browser) (Version: 40.0.2214.45 - Smart Applications)<br /> Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)<br /> swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden<br /> Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.15.0 - Synaptics Incorporated)<br /> Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden<br /> Unity Web Player (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)<br /> Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden<br /> UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin)<br /> Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)<br /> Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION<br /> Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Perion)<br /> WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)<br /> WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden<br /> WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!<br /> Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)<br /> WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION!<br /> Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden<br /> ==================== Custom CLSID (selected items): ==========================<br /> (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)<br /> CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)<br /> CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)<br /> CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)<br /> CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)<br /> ==================== Restore Points =========================<br /> 14-12-2014 18:54:41 Windows Update<br /> 18-12-2014 13:35:02 Windows Update<br /> 24-12-2014 16:04:04 PerforMax Cleaner<br /> 08-01-2015 12:56:08 PerforMax Cleaner<br /> 08-01-2015 13:01:11 PerforMax Cleaner<br /> 15-01-2015 14:22:29 Windows Update<br /> 27-01-2015 15:56:48 Windows Update<br /> 30-01-2015 15:07:27 avast! antivirus system restore point<br /> 31-01-2015 19:43:34 Windows Modules Installer<br /> ==================== Hosts content: ==========================<br /> (If needed Hosts: directive could be included in the fixlist to reset Hosts.)<br /> 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts<br /> ==================== Scheduled Tasks (whitelisted) =============<br /> (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)<br /> Task: {01CD023E-F7B4-4619-8D02-B2A20B18C2D2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)<br /> Task: {031AF880-0B4D-4AD0-9C13-7ED57BA03B37} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)<br /> Task: {119C490E-B4CA-4CA1-959A-0F9613133C2B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)<br /> Task: {18BCBB9D-527C-47E2-97C0-DEED5EEF12C8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)<br /> Task: {195B2A8C-1652-4D2C-B07D-AE0F27329D12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)<br /> Task: {23808472-E472-4786-9420-5719F13AD7C1} - System32\Tasks\TidyNetwork Update => C:\Users\Smith\AppData\Local\TidyNetwork\update.exe<br /> Task: {3211270E-C710-4179-A426-FE237FC950BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)<br /> Task: {339F59FB-365D-4D33-A4EB-69C511DEE034} - System32\Tasks\UpdateAdmin => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [2014-10-16] (DownloadAdmin)<br /> Task: {34A13AC4-B81C-45EF-9C69-F70A554BF093} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)<br /> Task: {36F38DBF-E6D7-4519-A46C-F6807E8A7695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)<br /> Task: {454E553C-52FB-4D63-8728-AE2FBBBA59BB} - System32\Tasks\Check Updates => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe<br /> Task: {4D2B8F82-EDC1-4042-8A35-DDBB7812C375} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2AJB4H8005KD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)<br /> Task: {4FF3C4EC-D189-47DA-A8BA-20CEDC9F8741} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe <==== ATTENTION<br /> Task: {5E636264-7878-40EC-85BB-12ED017EF589} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)<br /> Task: {63E1DCCB-9BBB-4537-9286-1CD3396551CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)<br /> Task: {6563202B-DEC5-48E9-8A51-BDF8C0B8A4E7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)<br /> Task: {6D2E80B1-F73F-4EC4-A540-83845CEF0745} - System32\Tasks\HPCeeScheduleForSmith => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)<br /> Task: {7659FA2F-B53F-477B-B732-7EA8285E422F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)<br /> Task: {7D359755-7F74-41EB-A671-B67781AD01EA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)<br /> Task: {7E2B69A3-368D-4976-A291-FCBA922A53C9} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)<br /> Task: {7FC6C41F-4B98-42B3-9FA0-CCADDE39BBF3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe<br /> Task: {7FDC2FDB-2B18-4A3A-AFEC-F6C60292CC3A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-03] (Synaptics Incorporated)<br /> Task: {955F1A56-D96B-4395-9754-0FAA082132DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)<br /> Task: {A4BA14A8-26B6-4111-9350-675F7FCA101F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)<br /> Task: {B0EAA0AA-A598-481D-A293-65A1EB59541B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)<br /> Task: {BB51CE7A-0D51-4912-A4BD-03B95C6111B1} - System32\Tasks\Validate Installation => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe<br /> Task: {BCA94F22-D328-446C-A85D-16073460A915} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-30] (AVAST Software)<br /> Task: {CD44659F-29E0-44AF-A77F-3B3ECD7BEE6C} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)<br /> Task: {CDFE9302-8314-4EA3-878A-621DEAE1F039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)<br /> Task: {E0345A8D-3CC4-4AA9-8CC2-727B2C0D60F1} - \GeniusBox No Task File <==== ATTENTION<br /> Task: {E06C967A-D9B4-49EA-945B-5682AB8B5DE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)<br /> Task: {FDCCAA07-A0EA-4556-B848-16EA0EF6BF9B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION<br /> Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe<br /> Task: C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe<br /> Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe<br /> ==================== Loaded Modules (whitelisted) =============<br /> 2012-08-08 13:36 - 2012-08-08 13:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll<br /> 2014-03-16 11:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll<br /> 2014-10-27 10:04 - 2014-10-27 10:04 - 00028160 _____ () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe<br /> 2014-12-24 16:23 - 2014-12-24 16:23 - 00143872 _____ () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe<br /> 2012-09-06 04:47 - 2012-09-06 04:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe<br /> 2014-11-22 14:19 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll<br /> 2012-10-15 00:08 - 2012-10-15 00:08 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe<br /> 2014-12-24 15:13 - 2014-12-24 15:13 - 00528896 _____ () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe<br /> 2012-08-08 13:36 - 2012-08-08 13:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll<br /> 2014-11-19 17:09 - 2014-11-19 17:09 - 00024080 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe<br /> 2014-11-25 10:48 - 2014-11-25 10:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013000\algo.dll<br /> 2014-12-16 20:06 - 2014-12-16 20:06 - 00307224 _____ () C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll<br /> 2015-01-31 21:13 - 2015-01-31 21:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013101\algo.dll<br /> 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll<br /> 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll<br /> 2013-03-11 16:15 - 2013-03-11 16:15 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll<br /> 2013-03-11 16:15 - 2013-03-11 16:15 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll<br /> 2013-03-11 16:15 - 2013-03-11 16:15 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL<br /> 2013-03-11 16:15 - 2013-03-11 16:15 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll<br /> 2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll<br /> 2013-05-08 09:17 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll<br /> 2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll<br /> 2013-05-08 09:17 - 2013-01-27 09:13 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll<br /> 2013-05-08 09:17 - 2012-09-25 03:32 - 01320048 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll<br /> 2013-05-08 09:17 - 2013-01-27 09:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00051216 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00086544 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srau.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00166416 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 02506768 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00067600 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\spbl.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00158736 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00014864 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\siem.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00068112 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sppsm.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00697360 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00015376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00079376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00027664 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00071184 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srut.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00030224 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srsbs.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00066064 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00151056 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smti.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00074256 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smsp.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00012304 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sidc.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00031248 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smtu.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00039440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smta.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00031760 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srom.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00048144 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srbu.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00024592 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgml.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00062480 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00025616 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srpdm.dll<br /> 2014-11-19 17:09 - 2014-11-19 17:09 - 00044048 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\MACTrackBarLib.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00035856 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll<br /> 2014-11-19 17:10 - 2014-11-19 17:10 - 00193552 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgmu.dll<br /> 2014-05-12 10:21 - 2014-05-12 10:21 - 00061440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll<br /> 2014-11-19 17:11 - 2014-11-19 17:11 - 00256016 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srns.dll<br /> 2015-01-30 15:09 - 2015-01-30 15:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll<br /> 2014-11-19 17:09 - 2014-11-19 17:09 - 00033808 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\lrcnt.dll<br /> ==================== Alternate Data Streams (whitelisted) =========<br /> (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)<br /> <br /> ==================== Safe Mode (whitelisted) ===================<br /> (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)<br /> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"<br /> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"<br /> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"<br /> ==================== EXE Association (whitelisted) =============<br /> (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)<br /> <br /> ==================== MSCONFIG/TASK MANAGER disabled items =========<br /> (Currently there is no automatic fix for this section.)<br /> HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"<br /> HKLM\...\StartupApproved\Run32: => "AllstateGateway32"<br /> HKLM\...\StartupApproved\Run32: => "PerforMax Cleaner"<br /> HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\StartupApproved\Run: => "Itibiti.exe"<br /> ========================= Accounts: ==========================<br /> Administrator (S-1-5-21-3284848147-45456043-49688854-500 - Administrator - Disabled)<br /> Guest (S-1-5-21-3284848147-45456043-49688854-501 - Limited - Disabled)<br /> Smith (S-1-5-21-3284848147-45456043-49688854-1002 - Administrator - Enabled) => C:\Users\Smith<br /> SophosSAUEnvy0 (S-1-5-21-3284848147-45456043-49688854-1003 - Limited - Enabled)<br /> ==================== Faulty Device Manager Devices =============<br /> <br /> ==================== Event log errors: =========================<br /> Application errors:<br /> ==================<br /> Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 2028<br /> Start Time: 01d03dc8633ca6f2<br /> Termination Time: 155<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 80e7e134-a9c0-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 177c<br /> Start Time: 01d03dc97d658e0e<br /> Termination Time: 1770<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 23f523a9-a9bd-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 1f38<br /> Start Time: 01d03dc68f33fe3b<br /> Termination Time: 464<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: f9559699-a9b9-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 368<br /> Start Time: 01d03dc2a6e43697<br /> Termination Time: 164<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: f45ce8c3-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 17b4<br /> Start Time: 01d03dc28207b542<br /> Termination Time: 292<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: e227b6bc-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 1fb4<br /> Start Time: 01d03dc2691f1d12<br /> Termination Time: 111<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: bd1cdcfe-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 21e4<br /> Start Time: 01d03dc2519d34a2<br /> Termination Time: 3168<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 9dd547db-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 1398<br /> Start Time: 01d03dc1f809a3cc<br /> Termination Time: 2140<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 8930a2ae-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 2314<br /> Start Time: 01d03dc1cd2b0b18<br /> Termination Time: 31<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 3384ad98-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.<br /> Process ID: 1228<br /> Start Time: 01d03dc193d11d88<br /> Termination Time: 188<br /> Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE<br /> Report Id: 074800a2-a9b5-11e4-bf28-082e5f7c147d<br /> Faulting package full name: <br /> Faulting package-relative application ID:<br /> <br /> System errors:<br /> =============<br /> Error: (01/31/2015 08:08:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )<br /> Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.<br /> Error: (01/31/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )<br /> Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.<br /> Error: (01/31/2015 08:00:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )<br /> Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: <br /> %%31<br /> Error: (01/31/2015 08:00:50 PM) (Source: APXACC) (EventID: 1003) (User: )<br /> Description: The NDIS6 LWF initialization has failed. (0xC0000001)<br /> Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)<br /> Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}<br /> Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)<br /> Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}<br /> Error: (01/30/2015 10:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )<br /> Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: <br /> %%31<br /> Error: (01/30/2015 10:29:45 PM) (Source: APXACC) (EventID: 1003) (User: )<br /> Description: The NDIS6 LWF initialization has failed. (0xC0000001)<br /> Error: (01/30/2015 10:28:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )<br /> Description: The Software Protection service hung on starting.<br /> Error: (01/30/2015 10:27:59 PM) (Source: DCOM) (EventID: 10010) (User: Envy)<br /> Description: {5C068441-8DC5-4C20-A101-AB9C5B0F7721}<br /> <br /> Microsoft Office Sessions:<br /> =========================<br /> Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.17416202801d03dc8633ca6f2155C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE80e7e134-a9c0-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.17416177c01d03dc97d658e0e1770C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE23f523a9-a9bd-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.174161f3801d03dc68f33fe3b464C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf9559699-a9b9-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.1741636801d03dc2a6e43697164C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf45ce8c3-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.1741617b401d03dc28207b542292C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe227b6bc-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.174161fb401d03dc2691f1d12111C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEbd1cdcfe-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.1741621e401d03dc2519d34a23168C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9dd547db-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.17416139801d03dc1f809a3cc2140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8930a2ae-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.17416231401d03dc1cd2b0b1831C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3384ad98-a9b5-11e4-bf28-082e5f7c147d<br /> Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )<br /> Description: IEXPLORE.EXE11.0.9600.17416122801d03dc193d11d88188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE074800a2-a9b5-11e4-bf28-082e5f7c147d<br /> <br /> ==================== Memory info =========================== <br /> Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics <br /> Percentage of memory in use: 35%<br /> Total physical RAM: 5596.26 MB<br /> Available physical RAM: 3587.97 MB<br /> Total Pagefile: 11228.26 MB<br /> Available Pagefile: 8732.49 MB<br /> Total Virtual: 131072 MB<br /> Available Virtual: 131071.81 MB<br /> ==================== Drives ================================<br /> Drive c: () (Fixed) (Total:670.37 GB) (Free:581.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]<br /> Drive d: (RECOVERY) (Fixed) (Total:27.15 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]<br /> Drive f: () (Removable) (Total:1.89 GB) (Free:1.85 GB) FAT<br /> ==================== MBR & Partition Table ==================<br /> ========================================================<br /> Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D)<br /> Partition: GPT Partition Type.<br /> ========================================================<br /> Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)<br /> Partition: GPT Partition Type.<br /> ==================== End Of Log ================</li> <li data-xf-list-type="ul">I HOPE THESE ARE THE RIGHT REPORTS IF YOU NEED MORE LET ME KNOW I will check back frequently.</li> </ul></blockquote><p></p>
[QUOTE="tinassmith, post: 343272, member: 33768"] [URL='https://bay179.mail.live.com/m/messages.m/?mid=m7effb734-aa51-11e4-94c5-10604ba0ea80&mts=2015-02-01T20:32:53.770Z&fid=00000000-0000-0000-0000-000000000004&iru=%2fm%2ffolders.m%3ffid%3d00000000-0000-0000-0000-000000000004&nmid=m6d429fe6-a9bf-11e4-9439-10604ba09f00&nmts=2015-02-01T03:07:26.177Z#'][IMG]https://a.gfx.ms/is/invis.gif[/IMG][IMG]https://a.gfx.ms/is/invis.gif[/IMG][/URL] [LIST] [*] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 Ran by Smith (administrator) on ENVY on 01-02-2015 14:49:55 Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC Loaded Profiles: Smith (Available profiles: Smith) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe () C:\Windows\System32\valWBFPolicyService.exe (AMD) C:\Windows\System32\atieclxx.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (Smartbar) C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe (System Alerts LLC) C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-05-29] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2013-04-03] (Synaptics Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-03-11] (Sophos Limited) HKLM-x32\...\Run: [AllstateGateway32] => c:\program files (x86)\allstate\go gateway install\gogatewaymove.exe [40624 2009-06-26] (Allstate) HKLM-x32\...\Run: [AllstateGateway] => c:\program files\allstate\go gateway install\gogatewaymove.exe HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WinCheck] => C:\Users\Smith\AppData\Local\wincheck\wincheck.exe [528896 2014-12-24] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-30] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-03-12] (Hewlett-Packard) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.) HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation) HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [UpdateAdmin] => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [225552 2014-10-16] (DownloadAdmin) HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] () HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Smith\AppData\Local\Smartbar\Application\ShowPass.exe [28688 2014-11-19] (Smartbar) AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found AppInit_DLLs: C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Smith\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [71680 2014-12-24] () Startup: C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Smith\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3284848147-45456043-49688854-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://g.msn.com/HPNOT13/1[/URL] HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Search Page =[URL='http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms']http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms[/URL]} HKU\S-1-5-21-3284848147-45456043-49688854-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =[URL]http://www.msn.com/?ocid=iehp[/URL] SearchScopes: HKLM -> {0656767C-4B32-44CB-9B4F-FEC3F26E4761} URL = [URL='http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords=%7bsearchTerms']http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms[/URL]} SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = [URL='http://search.ask.com/web?q=%7bsearchterms%7d&l=dis&o=HPNTDF']http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF[/URL] SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = [URL='http://search.yahoo.com/search?p=%7bsearchTerms%7d&ei=%7binputEncoding%7d&fr=chr-hp-psg&type=HPNTDF']http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF[/URL] SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = [URL]http://rover.ebay.com/rover/1/711-154371-11896-2/4[/URL] ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = [URL='http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms']http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms[/URL]} SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = [URL='http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q=%7bsearchTerms']http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS1NZ6LZxUAmFVx3GL8HF-wJ24_mgTiLd6O9lId_HHM6KBe8pf-B2lnnWRgeq9rrSUehdSwiizpRCXRihIMpzPJuut-7f6Rhn8Z2tLXJEJRcIRMzqYPhg4_x9Tzz9xDML&q={searchTerms[/URL]} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation) BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File Toolbar: HKLM - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File Toolbar: HKLM-x32 - No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation) Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> No Name - {0B0DAEA9-2ECC-4261-B7AC-CA1D35F40D8A} - No File Toolbar: HKU\S-1-5-21-3284848147-45456043-49688854-1002 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation) DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258}[URL]http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[/URL] DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [URL]https://allstate.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc.cab[/URL] DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} [URL]https://officespace4r.ra.allstate.com/dana-cached/sc/JuniperSetupClient.cab[/URL] Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Winsock: Catalog9 01 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Winsock: Catalog9 02 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Winsock: Catalog9 03 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Winsock: Catalog9 04 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Winsock: Catalog9 05 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Winsock: Catalog9 16 C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll [307224] () Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP) FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @tnt2npapi.com/Plugin -> C:\Users\Smith\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll No File FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smith\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3284848147-45456043-49688854-1002: hp.com/HPDetect -> C:\Users\Smith\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\confmgr.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxlogging.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\npicaN.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Smith\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.) FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-12-25] FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-01-31] FF HKLM-x32\...\Firefox\Extensions: [[email]wrc@avast.com[/email]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path CHR HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - No Path CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30] CHR HKLM-x32\...\Chrome\Extension: [ikifpllgjmnbnanggkjcdlbfghbhblkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-08-27] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2015-01-08] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-15] (HP) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-28] (WildTangent) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation) R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-05] (Symantec Corporation) R2 RGMUpdater; C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed] R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2014-03-30] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2014-03-30] (Sophos Limited) R2 serverca; C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe [143872 2014-12-24] () [File not signed] R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2013-03-11] (Sophos Limited) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-03-11] (Sophos Limited) R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2013-03-11] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-09-06] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2878016 2014-03-30] (Sophos Limited) S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2014-03-30] (Sophos Limited) R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation) S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-30] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-30] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-30] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-30] () R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation) R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-25] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141226.001\IDSvia64.sys [637656 2014-12-24] (Symantec Corporation) S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\ENG64.SYS [129752 2014-12-25] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141227.007\EX64.SYS [2137304 2014-12-25] (Symantec Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2013-05-29] (Realtek Semiconductor Corp.) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2013-09-06] (Sophos Limited) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [36640 2013-09-06] (Sophos Limited) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2013-09-06] (Sophos Plc) S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-25] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S1 wpnfd_1_10_0_2; system32\drivers\wpnfd_1_10_0_2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-31 21:10 - 2015-02-01 14:49 - 00000000 ____D () C:\FRST 2015-01-31 20:05 - 2015-01-31 20:05 - 00000658 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore.lnk 2015-01-31 20:05 - 2014-10-31 05:32 - 00815248 _____ (Microsoft Corporation) C:\Users\Smith\Desktop\iexplore.exe 2015-01-31 19:28 - 2015-01-31 19:29 - 00000000 ____D () C:\ProgramData\ETTB 2015-01-30 22:01 - 2015-01-30 22:02 - 00280800 _____ () C:\WINDOWS\Minidump\013015-186890-01.dmp 2015-01-30 21:54 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2015-01-30 21:54 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2015-01-30 21:41 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-01-30 21:41 - 2014-11-17 15:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2015-01-30 21:41 - 2014-11-14 01:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-01-30 21:41 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2015-01-30 21:41 - 2014-11-14 01:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2015-01-30 21:41 - 2014-11-14 01:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-01-30 21:41 - 2014-11-14 01:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-01-30 21:41 - 2014-11-13 23:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-01-30 21:38 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-01-30 21:38 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-01-30 21:38 - 2014-11-14 09:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-01-30 21:38 - 2014-11-14 02:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-01-30 21:38 - 2014-11-14 01:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-01-30 21:38 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-01-30 21:38 - 2014-11-14 01:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-01-30 21:38 - 2014-11-14 01:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-01-30 21:38 - 2014-11-14 01:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-01-30 21:38 - 2014-11-14 01:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-01-30 21:38 - 2014-11-14 01:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-01-30 21:38 - 2014-11-14 00:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-01-30 21:38 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-01-30 21:38 - 2014-11-14 00:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-01-30 21:38 - 2014-11-14 00:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-01-30 21:38 - 2014-11-14 00:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-01-30 21:38 - 2014-11-10 19:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-01-30 21:38 - 2014-11-10 19:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-01-30 21:38 - 2014-11-10 13:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2015-01-30 21:38 - 2014-11-10 13:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-01-30 21:38 - 2014-11-10 13:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2015-01-30 21:38 - 2014-11-10 13:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-01-30 21:38 - 2014-11-09 21:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2015-01-30 21:38 - 2014-11-09 20:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-01-30 21:38 - 2014-11-09 20:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-01-30 21:38 - 2014-11-09 20:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2015-01-30 21:38 - 2014-11-09 20:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2015-01-30 21:38 - 2014-11-09 20:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2015-01-30 21:38 - 2014-11-09 20:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2015-01-30 21:38 - 2014-11-09 20:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2015-01-30 21:38 - 2014-11-09 19:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2015-01-30 21:38 - 2014-11-09 19:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2015-01-30 21:38 - 2014-11-08 05:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-01-30 21:38 - 2014-11-08 05:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-01-30 21:38 - 2014-11-07 23:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2015-01-30 21:38 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2015-01-30 21:38 - 2014-11-07 22:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2015-01-30 21:38 - 2014-11-07 22:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2015-01-30 21:38 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2015-01-30 21:38 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll 2015-01-30 21:38 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll 2015-01-30 21:38 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll 2015-01-30 21:38 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2015-01-30 21:38 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll 2015-01-30 21:38 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll 2015-01-30 21:38 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll 2015-01-30 21:38 - 2014-11-07 21:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-01-30 21:38 - 2014-11-07 21:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-01-30 21:38 - 2014-11-07 21:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll 2015-01-30 21:38 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-01-30 21:38 - 2014-11-07 20:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll 2015-01-30 21:38 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2015-01-30 21:38 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2015-01-30 21:38 - 2014-11-06 22:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-01-30 21:38 - 2014-11-06 22:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-01-30 21:38 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL 2015-01-30 21:38 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL 2015-01-30 21:38 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2015-01-30 21:38 - 2014-11-04 20:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2015-01-30 21:38 - 2014-11-04 20:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2015-01-30 21:38 - 2014-11-04 20:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2015-01-30 21:38 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL 2015-01-30 21:38 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL 2015-01-30 21:38 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2015-01-30 21:38 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2015-01-30 21:38 - 2014-11-04 20:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2015-01-30 21:38 - 2014-11-04 20:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2015-01-30 21:38 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2015-01-30 21:38 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2015-01-30 21:38 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-01-30 21:38 - 2014-11-04 14:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys 2015-01-30 21:38 - 2014-11-04 14:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys 2015-01-30 21:38 - 2014-11-04 01:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys 2015-01-30 21:38 - 2014-11-04 01:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys 2015-01-30 21:38 - 2014-11-04 01:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2015-01-30 21:38 - 2014-11-04 01:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys 2015-01-30 21:38 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2015-01-30 21:38 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2015-01-30 21:38 - 2014-10-30 19:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-01-30 21:38 - 2014-10-30 19:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-01-30 21:38 - 2014-10-30 00:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-01-30 21:38 - 2014-10-30 00:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-01-30 21:38 - 2014-10-30 00:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-01-30 21:38 - 2014-10-28 22:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2015-01-30 21:38 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-01-30 21:38 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-01-30 21:38 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-01-30 21:38 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2015-01-30 21:38 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-01-30 21:38 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2015-01-30 21:38 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2015-01-30 21:38 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2015-01-30 21:38 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2015-01-30 21:38 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2015-01-30 21:38 - 2014-10-26 17:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-01-30 21:38 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll 2015-01-30 21:38 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll 2015-01-30 21:38 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll 2015-01-30 21:38 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2015-01-30 21:38 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll 2015-01-30 21:38 - 2014-10-20 19:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2015-01-30 21:38 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2015-01-30 21:38 - 2014-10-16 23:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-01-30 21:38 - 2014-10-16 23:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-01-30 21:38 - 2014-10-16 23:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2015-01-30 21:38 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-01-30 18:10 - 2015-01-30 18:10 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-01-30 18:10 - 2015-01-30 18:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-30 18:05 - 2015-01-30 18:05 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-01-30 18:05 - 2015-01-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files\iTunes 2015-01-30 18:03 - 2015-01-30 18:04 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-01-30 18:03 - 2015-01-30 18:03 - 00000000 ____D () C:\Program Files\iPod 2015-01-30 17:49 - 2015-01-30 17:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2015-01-30 17:49 - 2015-01-30 17:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2015-01-30 17:49 - 2015-01-30 17:49 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-01-30 17:49 - 2015-01-30 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-30 15:11 - 2015-01-30 15:11 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\Users\Smith\AppData\Roaming\AVAST Software 2015-01-30 15:11 - 2015-01-30 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-01-30 15:10 - 2015-01-30 15:11 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-01-30 15:09 - 2015-01-30 15:10 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2015-01-30 15:09 - 2015-01-30 15:10 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-01-30 15:09 - 2015-01-30 15:09 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-01-30 15:09 - 2015-01-30 15:09 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Users\Smith\AppData\Local\Google 2015-01-30 15:09 - 2015-01-30 15:09 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-30 15:07 - 2015-01-30 15:07 - 00000000 ____D () C:\Program Files\AVAST Software 2015-01-30 15:06 - 2015-01-30 15:07 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-01-30 15:06 - 2015-01-30 15:06 - 04864952 _____ (AVAST Software) C:\Users\Smith\Downloads\avast_free_antivirus_setup_online.exe 2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ () C:\WINDOWS\system32\Drivers\rtlh64.sys 2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ () C:\WINDOWS\system32\RtNicProp64.dll 2015-01-16 11:00 - 2015-01-16 11:00 - 00000000 ____D () C:\Users\Smith\AppData\Local\{EBCEFE63-8695-472F-910A-57A763F4788B} 2015-01-13 14:55 - 2015-01-24 15:55 - 04070576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2015-01-13 14:18 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-01-13 14:17 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2015-01-13 14:17 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-01-13 14:17 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-01-13 14:17 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-01-13 14:17 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2015-01-13 14:17 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2015-01-13 14:17 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-01-13 14:17 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-01-13 14:17 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-01-13 14:17 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2015-01-13 14:17 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2015-01-13 14:17 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-01-13 14:17 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-01-13 14:17 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-01-13 14:17 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-01-13 14:17 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2015-01-13 14:17 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2015-01-13 14:17 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-01-13 14:17 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-01-13 14:17 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-01-13 14:17 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2015-01-13 14:17 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2015-01-13 14:17 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2015-01-13 14:17 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-01-13 14:17 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2015-01-10 18:33 - 2015-01-10 18:33 - 00002501 _____ () C:\Users\Smith\Downloads\desc (2).m3u8 2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc.m3u8 2015-01-10 18:18 - 2015-01-10 18:18 - 00002461 _____ () C:\Users\Smith\Downloads\desc (1).m3u8 2015-01-07 17:37 - 2015-01-08 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser 2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Users\Smith\AppData\Local\speed browser 2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Program Files (x86)\speed browser ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-01 14:49 - 2014-01-23 16:13 - 01409966 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-01 14:49 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-31 21:55 - 2014-12-25 12:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-31 21:51 - 2013-03-11 15:54 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{297DE414-B35A-421D-AFC3-F9C6CE882328} 2015-01-31 20:22 - 2014-12-25 16:40 - 00000000 ____D () C:\Users\Smith\AppData\Local\DesktopTemperature 2015-01-31 20:07 - 2013-03-11 16:01 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3284848147-45456043-49688854-1002 2015-01-31 20:03 - 2013-08-15 16:22 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-31 20:00 - 2013-08-22 09:46 - 00302176 _____ () C:\WINDOWS\setupact.log 2015-01-31 20:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-31 19:59 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-31 19:48 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-01-31 19:28 - 2013-11-14 02:28 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-01-30 22:28 - 2014-01-23 15:50 - 00000000 ____D () C:\Users\Smith 2015-01-30 22:06 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup 2015-01-30 22:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv 2015-01-30 22:01 - 2014-03-08 20:54 - 00000000 ____D () C:\WINDOWS\Minidump 2015-01-30 22:00 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-01-30 21:59 - 2013-04-03 10:13 - 957826971 _____ () C:\WINDOWS\MEMORY.DMP 2015-01-30 20:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-01-30 20:01 - 2014-12-25 21:07 - 00000000 ____D () C:\Users\Smith\AppData\Local\CrashDumps 2015-01-30 19:49 - 2013-11-14 02:20 - 00069900 _____ () C:\WINDOWS\PFRO.log 2015-01-30 19:42 - 2013-03-11 15:52 - 00000000 ____D () C:\Users\Smith\AppData\Local\VirtualStore 2015-01-30 18:03 - 2013-03-28 18:54 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-30 18:02 - 2014-08-10 17:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-30 17:49 - 2013-03-13 14:38 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-30 16:50 - 2014-12-24 16:23 - 00000000 ____D () C:\Users\Smith\AppData\Local\ConvertAd 2015-01-30 16:47 - 2014-12-25 17:22 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job 2015-01-30 16:47 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-01-30 15:19 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\RGMService 2015-01-30 02:05 - 2014-11-29 11:01 - 00000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG 2015-01-28 08:51 - 2014-12-25 17:22 - 00003156 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForSmith 2015-01-24 15:55 - 2014-12-25 12:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-01-24 15:20 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-01-24 15:20 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-23 14:17 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-01-21 18:10 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Smith\AppData\Local\wincheck 2015-01-18 16:10 - 2014-11-29 12:51 - 00000000 ____D () C:\Program Files (x86)\LPT 2015-01-18 16:10 - 2014-11-29 12:50 - 00000000 ____D () C:\Users\Smith\AppData\Local\LPT 2015-01-18 16:10 - 2014-11-28 17:01 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone 2015-01-15 14:45 - 2013-08-03 10:42 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-15 14:25 - 2013-03-12 18:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-01-11 17:34 - 2013-02-15 21:31 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass 2015-01-08 13:51 - 2014-01-23 16:21 - 00002348 _____ () C:\Users\Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-08 12:47 - 2013-08-22 08:25 - 00000194 _____ () C:\WINDOWS\win.ini 2015-01-08 12:35 - 2014-12-24 15:35 - 00000000 ____D () C:\Users\Smith\AppData\Local\Chrome ==================== Files in the root of some directories ======= 2014-11-29 11:01 - 2015-01-30 02:05 - 0000143 _____ () C:\Users\Smith\AppData\Roaming\WB.CFG 2014-11-28 17:01 - 2014-11-28 17:01 - 0000064 _____ () C:\Users\Smith\AppData\Local\bb22664f901a5339338d23029cb3f563 2013-03-13 19:22 - 2013-03-13 19:22 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Smith\AppData\Local\Temp\1ar4mbn-.dll C:\Users\Smith\AppData\Local\Temp\5tofxv5e.dll C:\Users\Smith\AppData\Local\Temp\77161uninstall.exe C:\Users\Smith\AppData\Local\Temp\7q_1gcsb.dll C:\Users\Smith\AppData\Local\Temp\bjmmnr8l.dll C:\Users\Smith\AppData\Local\Temp\blh_xph-.dll C:\Users\Smith\AppData\Local\Temp\e3o4dcu6.dll C:\Users\Smith\AppData\Local\Temp\Extract.exe C:\Users\Smith\AppData\Local\Temp\g9r9ms-e.dll C:\Users\Smith\AppData\Local\Temp\install.exe C:\Users\Smith\AppData\Local\Temp\install_temp.exe C:\Users\Smith\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Smith\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Smith\AppData\Local\Temp\Kraus.exe C:\Users\Smith\AppData\Local\Temp\m8kexy5m.dll C:\Users\Smith\AppData\Local\Temp\olbpbp3l.dll C:\Users\Smith\AppData\Local\Temp\Package_en_ww.exe C:\Users\Smith\AppData\Local\Temp\qogu9vzj.dll C:\Users\Smith\AppData\Local\Temp\SP63599.exe C:\Users\Smith\AppData\Local\Temp\sp64126.exe C:\Users\Smith\AppData\Local\Temp\SP65048.exe C:\Users\Smith\AppData\Local\Temp\Sqlite3.dll C:\Users\Smith\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Smith\AppData\Local\Temp\szsxqcyx.dll C:\Users\Smith\AppData\Local\Temp\tuv4y9e2.dll C:\Users\Smith\AppData\Local\Temp\UninstallHPSA.exe C:\Users\Smith\AppData\Local\Temp\uop9xxj9.dll C:\Users\Smith\AppData\Local\Temp\_od6oytp.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-25 16:16 == Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by Smith at 2015-02-01 14:51:15 Running from C:\Users\Smith\AppData\Local\Microsoft\Windows\INetCache\IE\OXBWUJKC Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Sophos Anti-Virus (Enabled - Out of date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton AntiVirus (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Norton AntiVirus (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} AS: Sophos Anti-Virus (Enabled - Out of date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden 5 Realms of Cards (HKLM-x32\...\5 Realms of Cards_is1) (Version: 1.0 - Media Contact LLC) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION Ask Toolbar Updater (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Citrix XenApp Web Plugin (HKLM-x32\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.) Common dictionary (HKLM-x32\...\Common dictionary) (Version: 1 - Common dictionary) <==== ATTENTION! ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION! Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Desktop Temperature Monitor (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC) Download & Install Packages (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Download & Install Packages) (Version: - ) <==== ATTENTION Driver Pro v3.2.0.2 (HKLM-x32\...\Driver Pro_is1) (Version: 3.2.0.2 - PC Utilities Software Limited) <==== ATTENTION Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden Findwide Toolbar (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{727F21DE-FD02-44FE-BFEE-4CA379A41950}) (Version: - Freshy) FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Go Gateway - 1 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\ab5e6492a7c4f440) (Version: 3.0.1.2 - Allstate) Go Gateway Install (HKLM-x32\...\{C165C324-8139-4FA5-B99B-3321B4F4C918}) (Version: 2.1.1 - Allstate) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.917 - Citrix Online, a division of Citrix Systems, Inc.) Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent) HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company) HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard) HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.257 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT) Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Juniper Networks Secure Meeting 7.1.0 (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper Secure Meeting 7.1.0) (Version: 7.1.0.20169 - Juniper Networks) Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Juniper_Setup_Client) (Version: 7.1.6.17115 - Juniper Networks, Inc.) KNCTR (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.) LizardSales (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - LizardSales) <==== ATTENTION Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden Mario Forever v 2.16 ! (HKLM-x32\...\Mario Forever v 2.16 !) (Version: - ) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation) Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29034 - Realtek Semiconductor Corp.) Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Savifier (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\Savifier) (Version: 1 - Savifier.com) Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media) ShowPass Smartbar (HKLM-x32\...\{E10AF25A-EB67-4904-9211-DA0CDFE6051C}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION ShowPass Smartbar Engine (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\{8b6d666e-8bc3-42e1-8b30-921fa628f032}) (Version: 11.128.76.20716 - ReSoft Ltd.) <==== ATTENTION Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.2.4 - Sophos Limited) Sophos AutoUpdate (HKLM-x32\...\{15C418EB-7675-42be-B2B3-281952DA014D}) (Version: 2.9.0.344 - Sophos Limited) Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited) speed browser (HKLM-x32\...\speed browser) (Version: 40.0.2214.45 - Smart Applications) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.15.0 - Synaptics Incorporated) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Unity Web Player (HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin) Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.) Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Perion) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION! Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION! Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3284848147-45456043-49688854-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Smith\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 14-12-2014 18:54:41 Windows Update 18-12-2014 13:35:02 Windows Update 24-12-2014 16:04:04 PerforMax Cleaner 08-01-2015 12:56:08 PerforMax Cleaner 08-01-2015 13:01:11 PerforMax Cleaner 15-01-2015 14:22:29 Windows Update 27-01-2015 15:56:48 Windows Update 30-01-2015 15:07:27 avast! antivirus system restore point 31-01-2015 19:43:34 Windows Modules Installer ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01CD023E-F7B4-4619-8D02-B2A20B18C2D2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {031AF880-0B4D-4AD0-9C13-7ED57BA03B37} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation) Task: {119C490E-B4CA-4CA1-959A-0F9613133C2B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation) Task: {18BCBB9D-527C-47E2-97C0-DEED5EEF12C8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink) Task: {195B2A8C-1652-4D2C-B07D-AE0F27329D12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {23808472-E472-4786-9420-5719F13AD7C1} - System32\Tasks\TidyNetwork Update => C:\Users\Smith\AppData\Local\TidyNetwork\update.exe Task: {3211270E-C710-4179-A426-FE237FC950BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {339F59FB-365D-4D33-A4EB-69C511DEE034} - System32\Tasks\UpdateAdmin => C:\Users\Smith\AppData\Local\UpdateAdmin\UpdateAdmin.exe [2014-10-16] (DownloadAdmin) Task: {34A13AC4-B81C-45EF-9C69-F70A554BF093} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation) Task: {36F38DBF-E6D7-4519-A46C-F6807E8A7695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation) Task: {454E553C-52FB-4D63-8728-AE2FBBBA59BB} - System32\Tasks\Check Updates => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe Task: {4D2B8F82-EDC1-4042-8A35-DDBB7812C375} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2AJB4H8005KD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard) Task: {4FF3C4EC-D189-47DA-A8BA-20CEDC9F8741} - System32\Tasks\Driver Pro Schedule => C:\Program Files (x86)\Driver Pro\DPTray.exe <==== ATTENTION Task: {5E636264-7878-40EC-85BB-12ED017EF589} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated) Task: {63E1DCCB-9BBB-4537-9286-1CD3396551CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6563202B-DEC5-48E9-8A51-BDF8C0B8A4E7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {6D2E80B1-F73F-4EC4-A540-83845CEF0745} - System32\Tasks\HPCeeScheduleForSmith => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {7659FA2F-B53F-477B-B732-7EA8285E422F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.) Task: {7D359755-7F74-41EB-A671-B67781AD01EA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation) Task: {7E2B69A3-368D-4976-A291-FCBA922A53C9} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {7FC6C41F-4B98-42B3-9FA0-CCADDE39BBF3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe Task: {7FDC2FDB-2B18-4A3A-AFEC-F6C60292CC3A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-03] (Synaptics Incorporated) Task: {955F1A56-D96B-4395-9754-0FAA082132DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {A4BA14A8-26B6-4111-9350-675F7FCA101F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard) Task: {B0EAA0AA-A598-481D-A293-65A1EB59541B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard) Task: {BB51CE7A-0D51-4912-A4BD-03B95C6111B1} - System32\Tasks\Validate Installation => C:\Users\Smith\AppData\Local\GeniusBox\updater.exe Task: {BCA94F22-D328-446C-A85D-16073460A915} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-30] (AVAST Software) Task: {CD44659F-29E0-44AF-A77F-3B3ECD7BEE6C} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {CDFE9302-8314-4EA3-878A-621DEAE1F039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {E0345A8D-3CC4-4AA9-8CC2-727B2C0D60F1} - \GeniusBox No Task File <==== ATTENTION Task: {E06C967A-D9B4-49EA-945B-5682AB8B5DE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {FDCCAA07-A0EA-4556-B848-16EA0EF6BF9B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForSmith.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-08 13:36 - 2012-08-08 13:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-03-16 11:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-10-27 10:04 - 2014-10-27 10:04 - 00028160 _____ () C:\Users\Smith\AppData\Local\RGMService\RGMUpdater.exe 2014-12-24 16:23 - 2014-12-24 16:23 - 00143872 _____ () C:\Users\Smith\AppData\Local\ConvertAd\CASrv.exe 2012-09-06 04:47 - 2012-09-06 04:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe 2014-11-22 14:19 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-10-15 00:08 - 2012-10-15 00:08 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe 2014-12-24 15:13 - 2014-12-24 15:13 - 00528896 _____ () C:\Users\Smith\AppData\Local\wincheck\wincheck.exe 2012-08-08 13:36 - 2012-08-08 13:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-11-19 17:09 - 2014-11-19 17:09 - 00024080 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Lrcnta.exe 2014-11-25 10:48 - 2014-11-25 10:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-01-30 15:09 - 2015-01-30 15:09 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013000\algo.dll 2014-12-16 20:06 - 2014-12-16 20:06 - 00307224 _____ () C:\Users\Smith\AppData\Local\DesktopTemperature\2EuaM7.dll 2015-01-31 21:13 - 2015-01-31 21:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013101\algo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll 2013-03-11 16:15 - 2013-03-11 16:15 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll 2013-03-11 16:15 - 2013-03-11 16:15 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll 2013-03-11 16:15 - 2013-03-11 16:15 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL 2013-03-11 16:15 - 2013-03-11 16:15 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll 2013-03-11 16:14 - 2013-03-11 16:14 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll 2013-05-08 09:17 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-05-08 09:17 - 2013-01-27 09:13 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll 2013-05-08 09:17 - 2012-09-25 03:32 - 01320048 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll 2013-05-08 09:17 - 2013-01-27 09:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00051216 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00086544 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srau.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00166416 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 02506768 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00067600 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\spbl.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00158736 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00014864 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\siem.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00068112 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sppsm.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00697360 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00015376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00079376 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00027664 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00071184 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srut.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00030224 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srsbs.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00066064 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00151056 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smti.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00074256 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smsp.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00012304 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sidc.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00031248 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smtu.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00039440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\smta.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00031760 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srom.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00048144 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srbu.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00024592 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgml.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00062480 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00025616 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srpdm.dll 2014-11-19 17:09 - 2014-11-19 17:09 - 00044048 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00035856 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 2014-11-19 17:10 - 2014-11-19 17:10 - 00193552 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\sgmu.dll 2014-05-12 10:21 - 2014-05-12 10:21 - 00061440 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll 2014-11-19 17:11 - 2014-11-19 17:11 - 00256016 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\srns.dll 2015-01-30 15:09 - 2015-01-30 15:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-11-19 17:09 - 2014-11-19 17:09 - 00033808 _____ () C:\Users\Smith\AppData\Local\Smartbar\Application\lrcnt.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run32: => "AllstateGateway32" HKLM\...\StartupApproved\Run32: => "PerforMax Cleaner" HKU\S-1-5-21-3284848147-45456043-49688854-1002\...\StartupApproved\Run: => "Itibiti.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-3284848147-45456043-49688854-500 - Administrator - Disabled) Guest (S-1-5-21-3284848147-45456043-49688854-501 - Limited - Disabled) Smith (S-1-5-21-3284848147-45456043-49688854-1002 - Administrator - Enabled) => C:\Users\Smith SophosSAUEnvy0 (S-1-5-21-3284848147-45456043-49688854-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2028 Start Time: 01d03dc8633ca6f2 Termination Time: 155 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 80e7e134-a9c0-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 177c Start Time: 01d03dc97d658e0e Termination Time: 1770 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 23f523a9-a9bd-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1f38 Start Time: 01d03dc68f33fe3b Termination Time: 464 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: f9559699-a9b9-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 368 Start Time: 01d03dc2a6e43697 Termination Time: 164 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: f45ce8c3-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 17b4 Start Time: 01d03dc28207b542 Termination Time: 292 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: e227b6bc-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1fb4 Start Time: 01d03dc2691f1d12 Termination Time: 111 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: bd1cdcfe-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 21e4 Start Time: 01d03dc2519d34a2 Termination Time: 3168 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 9dd547db-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1398 Start Time: 01d03dc1f809a3cc Termination Time: 2140 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 8930a2ae-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2314 Start Time: 01d03dc1cd2b0b18 Termination Time: 31 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 3384ad98-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1228 Start Time: 01d03dc193d11d88 Termination Time: 188 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 074800a2-a9b5-11e4-bf28-082e5f7c147d Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (01/31/2015 08:08:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. Error: (01/31/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. Error: (01/31/2015 08:00:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%31 Error: (01/31/2015 08:00:50 PM) (Source: APXACC) (EventID: 1003) (User: ) Description: The NDIS6 LWF initialization has failed. (0xC0000001) Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (01/31/2015 07:56:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (01/30/2015 10:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%31 Error: (01/30/2015 10:29:45 PM) (Source: APXACC) (EventID: 1003) (User: ) Description: The NDIS6 LWF initialization has failed. (0xC0000001) Error: (01/30/2015 10:28:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Software Protection service hung on starting. Error: (01/30/2015 10:27:59 PM) (Source: DCOM) (EventID: 10010) (User: Envy) Description: {5C068441-8DC5-4C20-A101-AB9C5B0F7721} Microsoft Office Sessions: ========================= Error: (01/31/2015 10:15:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416202801d03dc8633ca6f2155C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE80e7e134-a9c0-11e4-bf28-082e5f7c147d Error: (01/31/2015 09:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416177c01d03dc97d658e0e1770C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE23f523a9-a9bd-11e4-bf28-082e5f7c147d Error: (01/31/2015 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.174161f3801d03dc68f33fe3b464C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf9559699-a9b9-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1741636801d03dc2a6e43697164C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf45ce8c3-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1741617b401d03dc28207b542292C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe227b6bc-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.174161fb401d03dc2691f1d12111C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEbd1cdcfe-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:57:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1741621e401d03dc2519d34a23168C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9dd547db-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:56:39 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416139801d03dc1f809a3cc2140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8930a2ae-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416231401d03dc1cd2b0b1831C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3384ad98-a9b5-11e4-bf28-082e5f7c147d Error: (01/31/2015 08:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416122801d03dc193d11d88188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE074800a2-a9b5-11e4-bf28-082e5f7c147d ==================== Memory info =========================== Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics Percentage of memory in use: 35% Total physical RAM: 5596.26 MB Available physical RAM: 3587.97 MB Total Pagefile: 11228.26 MB Available Pagefile: 8732.49 MB Total Virtual: 131072 MB Available Virtual: 131071.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:670.37 GB) (Free:581.18 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:27.15 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: () (Removable) (Total:1.89 GB) (Free:1.85 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ================ [*]I HOPE THESE ARE THE RIGHT REPORTS IF YOU NEED MORE LET ME KNOW I will check back frequently. [/LIST] [/QUOTE]
Insert quotes…
Verification
Post reply
Top